If this tutorial is not what you were looking for, you still have any questions, suggestions or concerns - feel free to let us know. Please help us to serve you better!

Your Name

Your Email

Your Message (required)

captcha

Drupal News and Updates

This page will show you the most recent Drupal templates updates and Drupal Community news.

Drupal Templates News and Updates

December 3, 2012. The New Word In Creating Drupal Stores

December 03 2012 | Category: Drupal Updates

The creators of Drupal Commerce decided to bring their favorite CMS to masses. When speaking with one of TemplateHelp’s Drupal developers, he said: “I can’t understand, why users don’t use Drupal, it’s so simple…” Commerce Guys, those who created Drupal Commerce stores, got to be thinking that way.

Read More

May 03, 2012 – Drupal 7.14 released

May 09 2012 | Category: Drupal Updates

(Russian) В этой заметке вы узнаете о проблемах сопутствующих обновлению ядра Drupal 7.14.

Read More

Responsive Drupal templates

April 09 2012 | Category: Drupal Updates

Responsive Drupal templates include several layout options – each is optimized for proper screen resolution.

Read More

Drupal 6.19 templates

April 26 2011 | Category: Drupal Updates

Drupal templates starting from #30278 are compatible Drupal 6.19

Drupal 6.19 release anouncement is available here. You can also check the release notes to see the updates

Drupal templates starting from #30278 are compatible Drupal 6.19

Drupal 6.19 извещение о релизе доступно здесь. Вы также можете ознакомиться с с релиз нотами чтобы увидеть обновления.…

Read More

Drupal 7 templates are available

April 26 2011 | Category: Drupal Updates

Drupal templates starting from #32668 are compatible with Drupal 7

Drupal 7 features:

  • Vastly improved administrative user interface thanks to the D7UX movement
  • Flexible content and custom fields
  • Better visual presentation and theming with Render API
  • Accessibility is greatly improved
  • Image support is now included
  • Automated code testing
  • Improved database support
  • Better distribution support
  • Support for the Semantic Web through
Read More

Drupal 6.17 compatible templates

June 22 2010 | Category: Drupal Updates

Drupal templates starting from #29476 are compatible with Drupal 6.17

Drupal 6.17, a maintenance release fixing issues reported through the bug tracking system, is now available for download. There are no security fixes in this release. Upgrading your existing Drupal 6 sites is recommended. For more information about the Drupal 6.x release series, consult the Drupal 6.0 release announcement.

Highlights …

Read More

Drupal Themes are Now Available!

April 04 2008 | Category: Drupal Updates

After having launched Joomla and Mambo CMS templates last fall we have noticed that even though these two product types are strikingly popular the audience still wants more. Therefore in response to this growing demand for various CMS products we have decided to be so kind and to launch a new CMS designs range which we have chosen to be …

Read More

Drupal News and Updates

Drupal 8.0.3 and 7.42 released

3 February 2016, 7:16 pm

Drupal 8.0.3 and Drupal 7.42, maintenance releases with numerous bug fixes (no security fixes), are now available for download.

See the Drupal 8.0.3 release notes and Drupal 7.42 release notes for full lists of included fixes.

Upgrading your existing Drupal 8 and 7 sites is recommended. There are no major nor non-backwards-compatible features in these releases. For more information about the Drupal 8.x release series, consult the Drupal 8 overview. More information on the Drupal 7.x release series can be found in the Drupal 7.0 release announcement.

Security information

We have a security announcement mailing list and a history of all security advisories, as well as an RSS feed with the most recent security advisories. We strongly advise Drupal administrators to sign up for the list.

Drupal 8 includes the built-in Update Manager module, which informs you about important updates to your modules and themes.

There are no security fixes in these releases of Drupal core.

Bug reports

Drupal 8.0.x and 7.x actively maintained, so more maintenance releases will be made available, according to our monthly release cycle.

Change log

Drupal 8.0.3 contains bug fixes and documentation and testing improvements only. The full list of changes between the last 8.0.x patch release and the 8.0.3 release can be found by reading the 8.0.3 release notes. A complete list of all changes in the stable 8.0.x branch can be found in the git commit log.

Drupal 7.42 contains bug fixes and minor new features. The full list of changes between the last 7.x patch release and the 7.42 release can be found by reading the 7.42 release notes. A complete list of all changes in the stable 7.x branch can be found in the git commit log.

Update notes

See the 8.0.3 release notes and 7.42 release notes for details on important changes in these releases.

Known issues

See the 8.0.3 release notes and 7.42 release notes for known issues.

Front page news: 
Drupal version: 

Overview

It’s a great time to be part of the Drupal Association. We’ve done some amazing work in the last few years, and we’re in a great position to work with the community to continue to improve and grow fully into our mission. As a Drupal Association At-Large Director, you’d be in the center of the action. The At-large Director position is specifically designed to ensure community representation on the Drupal Association board and we strongly encourage anyone with an interest to nominate themselves today.

Nominate Yourself Today

The Board of Directors of the Drupal Association are responsible for financial oversight and setting the strategic direction of the Drupal Association. New board members will contribute to the strategic direction of the Drupal Association. Board members are advised of, but not responsible for matters related to the day to day operations of the Drupal Association, including program execution, staffing, etc. You can learn more about what’s expected of a board member in this post and presentation.

Directors are expected to contribute around five hours per month and attend two in-person meetings per year (financial assistance is available if required). All board members agree to meet the minimum requirements documented in the board member agreement.

Today we are opening the self-nomination form that allows you to throw your hat in the ring. We're looking to elect one candidate this year to serve a two-year term.

How to Nominate Yourself

To nominate yourself, you should be prepared to answer a few questions:

  • About Me: Tell us about yourself! Your background, how you got into Drupal, etc.
  • Motivation: Why are you applying for a board position? What initiatives do you hope to help drive, or what perspectives are you going to try and represent?
  • Experience: What Drupal community contributions have you taken part in (code, camps, etc.)? Do you have experience in financial oversight, developing business strategies, or organization governance?
  • Availability: I am able to travel to three in-person board meetings per year (either self-funded, or with financial sponsorship)
  • IRC Handle
  • Twitter Handle

We've also made a few changes to the process based on community feedback from the 2015 election:

  • We now display your username, not your given name, on your candidate profile to address privacy concerns that had been raised. Nominees should note that given names are required on legal documentation such as our 990 IRS filings, but we will do our best to preserve your privacy where we can. 
  • Updated sidebar block has more information about the elections, making it easier to the information you need. 
  • When you nominate yourself we will ask if you would like to opt-in to share your election results data. Last year was the first time we published full results from the vote data. Candidates that opt-in will have their name displayed next to their vote counts, as in this example from 2015.

We will also need to know that you are available for the next step in the process, meet the candidate sessions. We are hosting 3 sessions: 

Meet the Candidate Web Conferences:

Session One
Tue 23 Feb 2016 at 16:00 UTC

  • 7 AM PST Tue 23 Feb, US and Canada
  • 10 AM EST Tue 23 Feb, US and Canada
  • 1 PM Tue 23 Feb, Sao Paulo Brasil
  • 3 PM Tue 23 Feb, London
  • 11 PM Tue 23 Feb, Beijing

Session Two
Wed 24 Feb 2016 at 21:00 UTC

  • 12 PM PST Wed 24 Feb, US and Canada
  • 3 PM EST Wed 24 Feb, US and Canada
  • 5 PM Wed 24 Feb, Sao Paulo Brasil
  • 8 PM Wed 24 Feb, London
  • 4 AM Thu 26 Feb, Beijing
  • 7 AM Thu 26 Feb, Sydney Australia

Session Three
Thu 25 Feb 2016 at 01:00 UTC

  • 4:00 PM PST Thu 25 Feb, US and Canada
  • 7:00 PM EST Thu 25 Feb, US and Canada
  • 9:00 PM Thu 25 Feb, Sau Paulo Brasil
  • 12:00 AM Fri 26 Feb, London
  • 8:00 AM Fri 26 Feb, Beijing
  • 11:00 AM Fri 26 Feb, Sydney Australia

The nomination form will be open February 1, 2016 through February 20, 2016 at midnight UTC. For a thorough review of the process, please see the elections home page.

If you have any questions, please contact Holly Ross, Drupal Association Executive Director. For the sake of keeping conversational threads in one place, the comments on this news item have been closed. Please comment on the original post on the Drupal Association website.

Flickr photo: Clyde Robinson

Front page news: 

Predictions for 2016

18 January 2016, 9:02 pm

Without a doubt, 2015 was one of the Drupal community's best years. We continued to grow and change from being on an island to more of a peninsula. We also released the best Drupal version ever.

If you look back at our predictions for 2015, the Drupal 8 release was one of the most predicted events for the year. Now the question is: what we will be doing in 2016?

Will we have a decoupled Drupal? Will Drupal 9 be released? Will we see a "Drupal 6 Legacy Support" program? It is that time of year when you—yes, you—can predict the future of Drupal; take a look at your crystal ball and describe what you see. Share your deepest thoughts on what will happen for us as a community, what will happen to our code, and the difference our work might make.

Republished from buytaert.net

On December 29, 2000, I made a code commit that would change my life; it is in this commit that I called my project "Drupal" and added the GPL license to it.

Drupal name and license

The commit where I dubbed my website project "Drupal" and added the GPL license.


A couple weeks later, on January 15, 2001, exactly 15 years ago from today, I released Drupal 1.0.0 into the world. The early decisions to open-source Drupal and use the GPL license set the cornerstone principles for how our community shares with one another and builds upon each other's achievements to this day.

Drupal is now 15 years old. In internet terms, that is an eternity. In 2001, only 7 percent of the world's population had internet access. The mobile internet had not entered the picture, less than 50% of the people in the United States had a mobile phone, and AT&T had just introduced text messaging. People searched the web with Lycos, Infoseek, AltaVista and Hot Bot. Google -- launched in 1998 as a Stanford University research project -- was still a small, private company just beginning its rise to prominence. Google AdWords, now a $65 billion business, had less than 500 customers when Drupal launched. Chrome, Firefox, and Safari didn't exist yet; most people used Netscape, Opera or Internet Explorer. New ideas for sharing and exchanging content such as "public diaries" and RSS had yet to gain widespread acceptance and Drupal was among the first to support those. Wikipedia was launched on the same day as Drupal and sparked the rise of user-generated content. Facebook and Twitter didn't exist until 4-5 years later. Proprietary software vendors started to feel threathened by open source; most didn't understand how a world-class operating system could coalesce out of part-time hacking by several thousand developers around the world.

Looking back, Drupal has not only survived massive changes in our industry; it has also helped drive them. Over the past decade and a half, I've seen many content management systems emerge and become obsolete: Vignette, Interwoven, PHP-Nuke, and Scoop were all popular at some point in the past but Drupal has outlived them all. A big reason is from the very beginning we have been about constant evolution and reinvention, painful as it is.

Keeping up with the pace of the web is a funny thing. Sometimes you'll look back on choices made years ago and think, "Well, I'm glad that was the right decision!". For example, Drupal introduced "hooks" and "modules" early on, concepts that are commonplace in today's platforms. At some point, you could even find some of my code in WordPress, which Matt Mullenweg started in 2003 with some inspiration from Drupal. Another fortuitous early decision was to focus Drupal on the concept of "nodes" rather than "pages". It wasn't until 10 years later with the rise of mobile that we started to see the web revolve less and less around pages. A node-based approach makes it possible to reuse content in different ways for different devices. In a way, much of the industry is still catching up to that vision. Even though the web is a living, breathing thing, there is a lot of things that we got right.

Other times, we got it wrong. For example, we added support for OpenID, which never took off. In the early days I focused, completely and utterly, on the aesthetics of Drupal's code. I spent days trying to do something better, with fewer lines of code and more elegant than elsewhere. But in the process, I didn't focus enough on end-user usability, shunned JavaScript for too long, and later tried to improve usability by adding a "dashboard" and "overlay".

In the end, I feel fortunate that our community is willing to experiment and break things to stay relevant. Most recently, with the release of Drupal 8, we've made many big changes that will fuel Drupal's continued adoption. I believe we got a lot of things right in Drupal 8 and that we are on the brink of another new and bright era for Drupal.

I've undergone a lot of personal reinvention over the past 15 years too. In the early days, I spent all my time writing code and building Drupal.org. I quickly learned that a successful open source project requires much more than writing code. As Drupal started to grow, I found myself an "accidental leader" and worried about our culture, scaling the project, attracting a strong team of contributors, focusing more and more on Drupal's end-users, growing the commercial ecosystem around Drupal, starting the Drupal Association, and providing vision. Today, I wear a lot of different hats: manager of people and projects, evangelist, fundraiser, sponsor, public speaker, and BDFL. At times, it is difficult and overwhelming, but I would not want it any other way. I want to continue to push Drupal to reach new heights and new goals.

Today we risk losing much of the privacy, serendipity and freedom of the web we know. As the web evolves from a luxury to a basic human right, it's important that we treat it that way. To increase our impact, we have to continue to make Drupal easier to use. I'd love to help build a world where people's privacy is safe and Drupal is more approachable. And as the pace of innovation continues to accelerate, we have to think even more about how to scale the project, remain agile and encourage experimentation. I think about these issues a lot, and am fortunate enough to work with some of the smartest people I know to build the best possible version of the web.

So, here is to another 15 years of evolution, reinvention, and continued growth. No one knows what the web will look like 15 years in the future, but we'll keep doing our best to guide Drupal responsibly.

Continue the conversation on buytaert.net

Front page news: 

There’s been a lot of positive feedback and a few questions about the recent changes to the marketplace. I want to take a minute and talk about how the marketplace made it to where it is now and mention some plans for the future of the marketplace on Drupal.org.

TL;DR

This is a long post. You may not want to read the whole thing, so here is a condensed version.

We want to highlight individuals and organizations that are actively contributing to Drupal. You can now attribute your work in the Drupal.org issue queues to your employer or a customer. Maintainers can award issues credits to people who help resolve issues with code, comments, design, and more. These credits can roll up to service providers listed in the Drupal Marketplace. (And eventually we want to show customers with credits as well.)

Want to know all the details? Read on.

A little history

Back at DrupalCon Austin (2014), Dries presented a sketch of an idea for highlighting organizational contributions to Drupal to myself and several business owners in the Drupal community. Later that week, those initial ideas turned into A method for giving credit to organizations that contribute code to Open Source.

The idea was to use commit messages to highlight organizational contribution. The first draft looked something like this:

$ git commit -am "Issue #n by INDIVIDUAL@AGENCY*CUSTOMER: message."

It was simple and intended to be parsable from our Git logs. However, contribution is about more than just code—and while code contributions are a good place to start, we also needed to ensure that tools for providing attribution and credit would be extensible to non-code contributions as well.

That initial conversation turned into an issue that spawned lots of child issues and ideas for how best to collect data that allowed a user on Drupal.org to attribute their work to an organization.

The resulting conversations didn’t have a simple solution, but the participation in these issues was lively and full of great ideas. Determining the format for commit credit is still an active issue.

A commit credit format alone was not going to get the information onto Drupal.org. Eventually, we settled on a couple of different solutions for tracking organization involvement and pulled all of this together into the current state of the Drupal.org Marketplace.

Organizations that support modules, themes, and distributions

First, we added a feature to projects on Drupal.org (modules, themes, distributions) that allowed maintainers to reference organizations that were supporting a module—either by providing time to their developers to give back or by directly funding development.

Supporting organizations field

Commit credit user interface

The next part of the work was giving maintainers a better way to create their commit message related to a particular issue. A lot of the complexity of deciding who should get credit for work on Drupal.org was simplified into a UI that showed how many people had participated in an issue, how much each person had participated, and whether that person had uploaded files related to the issue. The UI also generated the Git command that would properly tie the resulting code changes to the issue and people involved. The result for a relatively large issue thread looks like the image below:

Commit credit UI

Attribution

While that effort made it a lot easier to create commit credits, it didn’t solve the problem of attributing issues that didn’t result in code change, nor did it allow people to give credit to the organizations that made it possible for them to work on that issue—by giving them time or by paying for the work directly as a customer.

To do that we had to figure out a way to add organization attribution to the work being done on an issue.

Issues and comments are the primary tools for tracking what needs to be built out in Drupal code. This is where we determine the features, report the bugs, plan out the work, and more. Tracking intent at the point of this interaction was the best way for us to cover the widest range of contribution to Drupal core, modules, themes and distributions.

The resulting UI for attributing a comment to an organization is simple and straightforward.

Attribution UI

While the instructions for attributing a contribution are documented, there’s still some confusion about when to attribute a comment to an organization versus a customer.

Attributions for organizations

These attributions are to allow a person to attribute their participation in a specific issue to a company that allotted time for them to work on the issue. This is typically an employer that pays that person's salary or wage. This organization must be directly tied to the contributor's user profile on Drupal.org as a current or past employer and the organization must have an organization profile on Drupal.org. (Create an organization profile).

When you use this feature, you are highlighting an organization that is contributing code—or other improvements through the issue queues—to the community.

Attributions for customers

When you attribute a customer, you are essentially saying that the work was requested by that customer but you are not employed by them. Typically this means one of three possibilities:

  • The customer organization paid the contributor's employer
  • The customer organization paid the contributor directly
  • The contributor was volunteering for the customer organization

You can select any organization as a customer that has an organization profile on Drupal.org.

When you use the customer attribution, you’re highlighting a different way of contributing to the Drupal ecosystem and often showing relationships between organizations to solve a problem.

Marking a comment with "I'm a volunteer"

Making it possible to attribute organizations who have supported contribution also helps us to gather data on purely altruistic contributions. We went round and round on this attribution feature, but in the end, we decided to add “I’m a volunteer” as an explicit attribution option in the attribution UI. It’s deliberately not the default. This is because we want to collect the explicit intent of the users making attributions. While we are now collecting this data, we haven’t yet figured out a great way to show this intent on a contributor's profile.

Possible intent on a comment could include:

  • I contributed on my own time as a volunteer and community member.
  • On this issue, some of my time was paid for by an employer, but some of my time was my own.
  • I contributed this work as a volunteer for one or more customer organizations.

The intent of volunteerism is complex, which is why it is hard to add up into neat little data to show on a profile.

Regardless whether they mark "I'm a volunteer" or not, contributors can still be awarded issue credit by a maintainer for their work on an issue.

Attribution versus issue credit versus commit credit, what's the difference?

Attribution is the first step of the process to award an issue credit. The contributor attributes their work to one or more organizations and/or as a volunteer. The next step doesn't come until the maintainer of the project (Drupal core, module, theme, distribution) gets involved in the process.

Issue credits

Project maintainers may grant issue credits for issues opened against their projects. At any time during the life of the issue, a maintainer can update the credit UI to credit any of the users who have participated in the issue. Any organizations or customers attributed by those users will be credited as well. When the issue is closed fixed, those assigned credits will appear on the appropriate user and organization profiles.

Issue credits are more comprehensive than just code. They can include reviews, designs, prototypes, or just really helpful comments. The maintainer choses what they want to credit even if the issue does not have code associated with it in the form of a patch. This is a great way to help highlight contributions to policy and work to keep Drupal.org running well.

Commit credits

Maintainers can grant commit credits. A commit credit gets added to the Git commit message that accompanies a commit by a maintainer of a project on Drupal.org (Drupal Core, modules, themes, distributions, etc.). Sites like drupalcores.com track this information in the public changelog and use it to highlight contribution numbers based on the number of times a user is mentioned in a commit message.

Commit credits currently can’t be easily tied to organizations, the parsing would be cumbersome and require a lot of precision when maintainers entered the information into Git, which is a big reason why we needed a UI on Drupal.org to help make all the connections and store that information into a database for easy retrieval.

Showing contributions on Drupal.org

Right now, there are three ways that contributions show up on Drupal.org: the user profile, the organization profile, and the marketplace. (We have some ideas to expand this that I will detail below.)

User profiles

Do you log in to Drupal.org? Great! You have a profile.

On every user profile, we show the total number of issues that a contributor has helped fix in the past 90 days.

You can drill into this information and see the specifics. This is a good way to see a facet of how a person is contributing to Drupal. There are other examples on a user's profile that show other ways they are involved.

Organization profiles

Any confirmed user can create an organization page on Drupal.org. Organization profiles are currently related to a single user, but we have plans to roll out additional permissions to relate multiple users to an organization.

On the organization profile, we show the number of issues that an organization has contributed to fixing in the last 90 days.

Organization profiles also show a list of modules that have been supported by that organization, whether that organization is a Drupal Association member or Supporting Partner, and additional self-reported information about their involvement in the Drupal community.

We are currently working to automate more methods for collecting data about how organizations are contributing to the community through DrupalCon and Drupal Camp sponsorships as well as hosting user groups to help support meetups, and giving to Global Training Day events. The number of case studies associated with an organization is another indicator of how much they use Drupal and how they are helping get others to use Drupal by sharing their success stories.

Marketplace

We recently rolled out some changes to how the Drupal.org Marketplace is ordered in order to better highlight contributing organizations.

Currently, the marketplace is sorted by number of issue credits awarded to an organization in the last 90 days, then whether the organization is a supporter, then by alphabetical order.

Every organization on the marketplace shows counts of its users on Drupal.org, projects (modules, themes, distributions, etc.) supported, issue credits in the last 90 days, and case studies. We also highlight organizations that are funding the ongoing support and development of Drupal.org by being in our supporting partner programs.

Questions we have heard

While most people have been excited about the changes to the Marketplace, there have been several questions.

Why is it only Drupal Service providers?

The marketplace was originally created to highlight Drupal service providers that are active in the Drupal community.

A "Contributing Organizations" list is the next step to expand the types of organizations we highlight. There are community members that are already working to highlight customers using Drupal that contribute back, community volunteers, and volunteers that are working for organizations that rely on volunteerism (many camps fall into this category).

These are great ideas. Contributing to those issues is a great way to help us figure out the best way forward.

What about "x" contribution type?

Yes, there are many ways that organizations contribute. We are definitely hoping to add in contributions that we can objectively verify. There are so many great things that organizations can do to support Drupal, both the local and worldwide community, and Drupal.org, including:

  • Sponsor a DrupalCon
  • Help plan a DrupalCon
  • Sponsor, organize, or host a Drupal Camp
  • Host a Global Training Days event
  • Host a local user group/meetup
  • Post a case study of a successful Drupal project
  • Contribute helpful content to Drupal Planet

There are many other phenomenal ways organizations give back. If you know of one that has objective data that can be added to the algorithm we use to highlight organizations, let us know by creating an issue in theDrupal.org Customizations queue.

Why is it so hard to create an organization profile?

We definitely want to improve this process. There are over 650 organization profiles on Drupal.org, so we know that people have figured it out, but it could be much more intuitive.

We have also had a several requests to add permissions to organization profiles so that multiple people can be editors of those profiles and help administer who is allowed to be associated with the organization. Our current method of tying users to organization by using an exact text match is a bit clunky. (If you want your organization to list you as an employee, you must exactly enter the title of the organization as it appears on the organization profile and list that organization as "current".)

What about more tools for individual contributions?

We have so many thoughts on how to improve the way we highlight individuals on their profile. We already show issue credits, documentation edits, commits, and lots of self-reported information. There is a lot of objective data to pull from including DrupalCon attendance, whether they have been a speaker at a DrupalCon, translation strings submitted to localize.drupal.org, Drupal Association membership, modules maintained, and many more.

Engagement with the community involves a lot of factors and we want to highlight as many as possible while still making the user profile useful and relatively succinct.

Help us make Drupal.org better

In addition to the questions that have come up above, we want your feedback to keep improving the user experience on Drupal.org and make it easier to hightlight the companies that are doing so much to make Drupal the leading platform for the web and the individuals that provide their expertise and commitment to the community. Drop your ideas into the Drupal.org Customizations queue.

Front page news: 

Drupal 8.0.2 released

6 January 2016, 10:32 pm

Update: Drupal 8.0.3 is now available.

Drupal 8.0.2, a maintenance release with numerous bug fixes (no security fixes), is now available for download. See the Drupal 8.0.2 release notes for a full list of included fixes.

Upgrading your existing Drupal 8 sites is recommended. There are no major nor non-backwards-compatible features in this release. For more information about the Drupal 8.x release series, consult the Drupal 8 overview.

Security information

We have a security announcement mailing list and a history of all security advisories, as well as an RSS feed with the most recent security advisories. We strongly advise Drupal administrators to sign up for the list.

Drupal 8 includes the built-in Update Manager module, which informs you about important updates to your modules and themes.

There are no security fixes in this release of Drupal core.

Bug reports

Drupal 8.0.x is actively maintained, so more maintenance releases will be made available, according to our monthly release cycle.

Change Log

Drupal 8.0.2 contains bug fixes and documentation and testing improvements only. The full list of changes between the 8.0.1 and 8.0.2 releases can be found by reading the 8.0.2 release notes. A complete list of all changes in the stable 8.0.x branch can be found in the git commit log.

Update notes

See the 8.0.2 release notes for details on important changes in this release.

Known issues

See the 8.0.2 release notes for known issues.

Front page news: 
Drupal version: 

Republished from buytaert.net

Last month, my blog post about whether a client-side framework is right for Drupal stimulated some excellent insights into how the future of the Drupal front end might look. There was broad agreement that incorporating more JavaScript into Drupal's administrative interface is important for a future-ready user experience.

I am confident that adopting a client-side framework through progressive decoupling will give us the best of both worlds. Of course, this does not mean I oppose fully decoupling through any other framework; in fact, I believe we should redouble our efforts toward a first-class API-first Drupal. But progressive decoupling means that we will be able to work toward a next-generation user experience without abandoning much of the work we've done so far.

With that in mind, I tasked a small team made up of various experts from the Drupal and various JavaScript communities with putting together a list of criteria and a comparison matrix to help us decide on the most appropriate client-side framework for progressive decoupling in Drupal.

JavaScript framework comparison matrix

After a hundred hours of work, we came up with a criteria document and comparison matrix (PDF version):

Special thanks to all of the following experts who provided review and input: Miško Hevery (creator of Angular; Google) and Igor Minar (technical lead for Angular; Google); Ed Faulkner (core maintainer for Ember); Amitai Burstein (Drupal and Elm contributor; Gizra); Sebastian Siemssen (Drupal contributor, Elm and React developer; Zensations); and John Albin Wilkins (Drupal 8 mobile initiative lead), Alex Bronstein (Drupal core maintainer; Acquia), Wim Leers (Drupal core contributor; Acquia), and Preston So (Drupal contributor, Acquia).

Though this is a good starting point that lays the groundwork for a formal adoption process in Drupal core, it is time to open our comparison for review by members of both the Drupal and JavaScript communities. We should also more rigorously evaluate these frameworks' appropriateness through actual development.

First, have we decided on the right criteria regardless of the frameworks themselves? This is probably the most important at this stage. While many organizations choose to adopt client-side frameworks for fully decoupled implementations, Drupal is the first to consider layering a framework on top to allow both richly dynamic and more traditional modules to coexist gracefully through progressive decoupling. What issues around templates, rendering, and client-side caching should we incorporate into these criteria? Is there anything missing or overemphasized?

Second, have we selected the right frameworks to focus on? Are there other frameworks, libraries, or even compile-to-JavaScript projects (such as Elm) that should be included in the matrix? In my view, it is best for Drupal to adopt a framework with an already large community and ecosystem that would allow us to more quickly bridge the gap and resolve any friction during adoption. To provide a good frame of reference, we've also included Backbone, Angular, and Knockout, all three slightly older among client-side frameworks. Others on our shortlist that we didn't consider due to low levels of adoption and small communities are Mithril, Riot, and Vue. Still other ambitious projects such as the Elm and ClojureScript languages are also candidates, but their adoption will mean more up-front work to support typical features of client-side frameworks, as well as buy-in into an approach where JavaScript is compiled from a different language.

Finally, have we drawn the right conclusions against these criteria? In other words, did we fill out the cells correctly? While they have been reviewed by some of the frameworks' experts, there might be unexpected gotchas or caveats.

I'm sharing the initial comparison matrix on my blog for maximum reach; I want both the Drupal community and the JavaScript framework communities, as well as the broader front-end community, to take note. After three installments on my blog ("The future of decoupled Drupal", "Should we decouple Drupal with a client-side framework?"), it's time to move the technical conversation to drupal.org. There is now an issue in the core issue queue on drupal.org to iterate on the matrix.

Preliminary conclusions

At the moment, the most promising candidates in the comparison matrix appear to be Angular 2, Ember, and React, given their technical robustness, relative suitability for progressively decoupled Drupal, and their strong levels of community support and broader adoption. Given that Backbone is already in core and several modules already rely on it, we have included it too.

What we've learned from talking to the different projects is that they are often converging on similar techniques and best practices; they are by and large adding support for Virtual DOM implementations or rehydration (seamless state transfer), and they are all obsessing over small payload size and performance, better testability, etc. Therefore it is important to focus on the fundamental, often philosophical, differences between the projects that will likely be unchanged in time; key architectural differences, their release cadence and stance on backward compatibility, their license, their governance model, their flexibility and learning curve, etc.

From a quick glance at the criteria and our needs, it seems that Ember is currently our best candidate, as it appears to have a slight technical edge overall. Ember 2.0 has an all-new rendering engine named Glimmer, and it has server-side rendering through FastBoot. On the other hand, however, Ember is quite bulky and opinionated (enforcing patterns for code structure) compared to other candidate frameworks. A more fundamental difference is that unlike Angular and React, which have corporate governance and funding, Ember is a community-driven project like Drupal.

While React is lightweight, it needs integration with a variety of other libraries in the React ecosystem to work as a full-fledged implementation, which gives it a steep learning curve from an implementation standpoint. Because React is a relatively young project, best practices are shifting quickly and making it less attractive. The Virtual DOM, among React's most compelling features, has also seen its core ideas filter into other framework projects. But more importantly, React is licensed with what I believe to be a potentially unacceptable patent clause, which states that an organization can no longer use React once it sues Facebook for any (unrelated) patent infringement. This has already generated some concerted pushback from both WordPress's Calypso and React contributors.

Angular 2 is a complete rewrite of Angular 1 to address issues with that version of the framework, including performance problems stemming from a large file size. The new version also introduces a new template engine that incorporates both directives familiar to Angular 1 developers and nestable component-based templates. But Angular 2's Apache 2.0 licensing is incompatible with Drupal's own GPLv2 license. While Drupal's PHP code and JavaScript code run in isolated processes, it appears that an Apache 2.0-licensed project can't be jointly distributed within an umbrella project that uses a GPLv2 license.

In addition to being at a slight technical disadvantage to Ember, the legal concerns with React and Angular make me believe Ember might be our best bet. But I'm not a lawyer nor a JavaScript expert, so I can't make this decision alone; I'm looking for lots of feedback, particularly from JavaScript experts, to determine the best option for Drupal.

Conclusion

Whatever the result of the debate around which client-side framework to adopt, I believe that Drupal needs to move quickly to embrace a framework that will aid development of a progressively decoupled architecture and corresponding user experience improvements. By providing some baseline criteria and including our accomplished community, I have no doubt we can reach this decision quickly but also intelligently.

Special thanks to Preston So for contributions to this blog post.

Continue the discussion at buytaert.net or at #2645250: [META] Supersede Backbone in core admin UIs with a new client-side framework

Front page news: 
Drupal version: 

2015 Year in Review for Drupal.org

5 January 2016, 10:50 pm

If your 2015 was anything like mine, it passed by extremely quickly. It was marked by periods of frustration (spammers still love Drupal.org) and elation (Drupal 8 launched, woot!).

Below are a few highlights from our 2015 change logs on Drupal.org. For a more detailed look into each monthly update you can read our "What's New on Drupal.org?" blog posts.

January

February

  • DrupalCon Latin America
  • Launch of Drupal Events (<a href="https://events.drupal.org>events.drupal.org) with the site for DrupalCon Los Angeles - all new events sites are hosted from the same installation
  • Account creation improvements including a faster 2-step registration that returns users to the site they initiated registration from
  • Support for the 2015 community elections for board member at large
  • Implementation of Server Density for systems monitoring
  • Centralized logging for Druapl.org infrastructure

March

April

May

June

July

  • Interns from Epicodus join the Drupal.org team for 8 weeks
  • New Git servers configured and deployed to production to replace aging hardware
  • Core patch testing enabled for DrupalCI

August

  • Upgrade of Localize.drupal.org to Drupal 7
  • Apache Solr upgrades
  • Updates to make issues in project queues easier to quickly read and digest
  • Performance profiling on a new integration server leads to site speed improvements

September

  • Drupal.org search improvements
  • First content model update with sections and pages deployed
  • Solr server high availability improvements
  • DrupalCon Barcelona
  • Marketplace updates to order organizations by last 90 days of issue credits and supporter status

October

  • Drupal 8 RC1
  • DrupalCI becomes the primary test platform for Drupal 8 Core; legacy testing is disabled
  • Flag module and administrative views are deployed for a new take on spam fighting
  • Drupal 6 & 7 testing are enabled on DrupalCI
  • Kicked off the first Drupal.org membership drive
  • Breadcrumbs for top level sections to make navigation a bit easier

November

December

  • Published plan for Composer support on Drupal.org
  • Old testbots are disabled and all Drupal testing is now run through DrupalCI
  • Homepage changes to support the membership campaign
  • Presented the new community engagement plan to the board and working groups

That was a lot of work in what was a tumultuous year. Between all the DrupalCon websites, and major updates to some of our existing sub-sites, we launched as many sites as some web development shops—at least the smaller ones.

We made several small but high impact usability improvements to Drupal.org, and built better features to highlight the contributions of individuals and organizations on their profiles. We modernized and hardened our infrastructure. We made Drupal.org a little more beautiful to better promote this amazing software and community that we support to people finding us for the first time. Among all of that…

What was the most important work in 2015?

If I had to call out just one thing the Drupal.org team did this year that was essential to the success of Drupal and the community, I would highlight the great work done to launch DrupalCI and make it a production system that could handle our community's unique testing needs.

DrupalCI (the CI stands for Continuous Integration) started as a community initiative. It had been in progress for years as work to replace our aging testbot infrastructure. The old testbots required a manual spin up of new testing servers that were hosted on VMs in a cluster at the Open Source Labs. They were proprietary and rigid. If a testbot went down, it would require manual intervention to free up the queue and allow tests to begin again.

By working closely with the community throughout Q2 and Q3 of 2015, we were able to launch a testing infrastructure that supports multiple testing environments—a feature which has already helped support other projects, like PHP 7—dynamically scales to the testing load, and which is tightly integrated with the Drupal.org issue queues. Overall the new system is much more configurable and far more scalable than the previous system.

Why is testing so vital to the community? Because Drupal 8 represents a much larger code base than Drupal 7. A huge proportion of those new lines of code are tests. Every time a patch is submitted to Drupal Core, up to 15,000+ tests are run—with over 100,000 assertions. Core maintainers and initiative leads need those tests to help them understand how the new code introduced will affect Drupal. Contrib developers can also use DrupalCI to ensure their modules will work well with Drupal.

Though the work to get DrupalCI into production and optimized, we were able to give core maintainers faster and more reliable information about code submitted for inclusion in Drupal.

I honestly believe that without DrupalCI, we would not have had Drupal 8 in 2015. It sped the release of Drupal, which makes it the most accomplishment for our team in 2015.

Happy but not satisfied

Larry Garfield (Crell) wrote a blog post shortly after the release of Drupal 8 where he talked about how he was happy that Drupal 8 was released—and feels it is a huge leap forward for the project—but he is not satisfied because he sees how much work is left to be done.

That is the nature of software. It can always be a little better—more performant, more usable, more extendable.

Drupal.org improved in 2015, but the team is far from satisfied. There is so much more work to complete.

At DrupalCon Amsterdam, I outlined the top 7 initiatives that the Drupal.org team would focus on. When I look back on the year, we did not hit all of our goals.

In April, one year into my time at the Drupal Association, I could point back to a lot of accomplishments, but for many, the improvements were not fast enough. By DrupalCon Los Angeles, we had achieved one of our initiative goals, and moved forward many more, but we added four more to our list. In agile project management terms, we burned up (added more work) than we burned down (work completed).

While the fact that more work is requested faster than we could complete it is not unusual, it did make us think, and we learned some lessons. We have to focus on fewer, high impact priorities. We need to plan for the unplannable - we know there will be unforeseen needs from the community and new technology to support that may not exist yet, and we must be flexible enough to respond. We need to build more partnerships and find great solutions with technology providers that are experts in their fields.

We are pretty excited that much of the planning and design work put into 2015 should result in a much more rapid pace of change to Drupal.org in 2016.

What's next for Drupal.org

So, we are celebrating all the good things from 2015—there were a lot—but we are also closing the book on what was a challenging year.

Our focus shifts now to supporting the community as we all work to make Drupal 8 successful. We'll be keeping the Drupal.org Roadmap up to date and adding in new initiatives.

As we start the new year, we are still committed to the content strategy work that will make the content creation experience on Drupal.org and sub-sites better. This will improve our documentation as well as make it easier to talk about the benefits of Drupal to decision makers that help choose Drupal as the best content management framework for their organization.

Additionally, we are doing some exciting work to better support Composer on Drupal.org to align us with the rest of the PHP community as well as planning some much needed improvements to our Git workflow and developer tools.

Lastly, we are not done improving how we highlight contributions within the Drupal community. As Dries outlined in Amsterdam, Drupal is a public good. We need to highlight the great work that people around the world are doing in building Drupal and the community that supports it.

We can't wait to get started on 2016!

Front page news: 
Drupal version: 

Drupal 8.0.0 released

19 November 2015, 2:33 pm

Update: Drupal 8.0.2 is now available.

Today we released Drupal 8.0.0, the first fully supported release of Drupal 8! This is the biggest update ever to Drupal, our open source content management platform. Here are just a few of the hundreds of improvements in Drupal 8:

  • In-context, what-you-see-is-what-you-get (WYSIWYG) editing and previews
  • Comprehensive content modeling out of the box with entities, fields, and views
  • Customization of content pages and even forms and administrative pages via the administrative interface
  • Full translatability and localization out of the box
  • Reliable configuration management for safe and straightforward deployment of changes between environments
  • Mobile-first, responsive, HTML5 output
  • REST-first native web services
  • Enhanced accessibility and WAI-ARIA compliance
  • Modern PHP standards and practices, with integration of popular libraries such as Composer, Symfony2, Guzzle, and Twig
  • Significantly improved front-end performance out of the box
  • Enhanced caching and best-of-class integration with CDNs and reverse proxies
  • Full compatibility with PHP7, and the PostgreSQL and SQLite databases
  • ...And much more!

Screenshot of the Drupal 8 Quick Edit feature
Drupal 8 in action

With key modules like Views and Entity Reference fully included in Drupal 8 core, and many contributed projects already available for Drupal 8, you can start building new Drupal 8 sites right now, today. You can also use the crowd-sourced Drupal 8 Contrib Porting Tracker to get updates on the status of your favorite modules and themes, or read how you can help.

How do I upgrade my current site?

If you have a Drupal 6 or 7 site you want to upgrade, install or update the Upgrade Status module to get a customized, up-to-date report on the status of your modules and themes in Drupal 8. Once you are ready, Drupal 8 core also includes the Migrate module to update existing Drupal 7 and 6 sites to Drupal 8 directly. Migrate is marked "experimental" in Drupal 8.0.0, but will be fully supported in an upcoming release. Read more about how you can migrate from Drupal 6 or 7.


The DrupalCon Asia team cheering with Druplicon
Photo credit: pdjohnson

What about other versions of Drupal?

Drupal 8.0.0 marks several changes for Drupal releases. We will add new features to Drupal 8 every six months in minor releases, with bug fix and security release windows every month. The next bugfix release window is December 2, 2015, and next scheduled minor release (Drupal 8.1.0) is planned for mid-April 2016.

The release of Drupal 8 also means that it's time to say a fond farewell to Drupal 6 after eight great years. Drupal 6 will reach its end-of-life (EOL) on February 24, 2016, meaning that it will no longer receive official community support and you should plan to update Drupal 6 sites soon. Refer to the Drupal 6 end-of-life announcement for more information.

Drupal 7 is still fully supported and will remain so for several more years. Read more about the Drupal core release cycle.

Found a bug?

With your help, we can find and fix bugs sooner rather than later. If you find a bug in Drupal 8, search for it in the Drupal 8 issue queue, and if you don't find an existing bug report, file a new one.

Celebrating the release

Help share and celebrate this milestone for the Drupal community! The Drupal 8 media kit includes the official Drupal 8 press release which has already been translated into many languages. Share this press release with your community, or use the #Drupal8 hashtag to talk about Drupal 8 on social media. Then, join one of over 200 Drupal 8 release parties on six continents.

Map of Drupal 8 release parties around the world
Source: drupical.com

Drupal 8 core is the work of more than 3300 contributors in over 16,000 Drupal core commits during nearly five years of development, and it is by far the best release of Drupal yet. There are already more than 50,000 Drupal 8 installations, so start yours today!

Build something amazing, for anyone.

Front page news: 
Drupal version: 

Fastly logoWe are so stoked to announce our partnership with Fastly. Fastly is now serving up all of our traffic from the *.drupal.org domain Drupal sites and related services.

Drupal.org is big

Drupal.org and its services handle over 1.5 billion requests per month; this is a massive amount of traffic for an open source project.

Every time cron runs the update service on your Drupal site, it talks to updates.drupal.org. Every time you download a copy of Drupal or any projects on Drupal.org, you talk to ftp.drupal.org. (We see over 400,000 downloads of Drupal core in a typical month—way more around DrupalCons and major community sprints.)

Each month we have over 15 million unique pageviews on Drupal.org—by over 2 million unique visitors.

All of those stats are about to rise significantly with the launch of Drupal 8. Drupal 7 caused a 30% bump in traffic when it was released and we expect even more with the launch of Drupal 8.

Fastly is… well… fast

In 2014, we implemented a CDN (content delivery network) for Drupal.org. The impact was immediate. Everything was faster. We met our initial goal of getting Drupal.org sites and services fronted by a CDN.

That CDN solution was a good start, and while it lacked features we didn’t know we needed, it improved our ability to deliver Drupal-generated content as well as packaged projects.

Late in 2014, we were introduced to Fastly. They offered us an opportunity to try out the service for ftp.drupal.org and we haven't looked back.

Varnish for the win!

You may already use the open source Varnish for your Drupal sites. Varnish is an HTTP accelerator. Drupal.org began using Varnish in 2009 to reduce load on its web servers. It is a powerful cache that likely sits in front of your web origins. Fastly gives us a globally distributed Varnish cache with all of the features we are familiar with.

Fastly hires maintainers of the Varnish project and are helping move it forward. Drupal 8 cache keys are also a straight correllation to Fastly Surrogate Key purging and Fastly's active involvement is another great example of Fastly working with an open source community (ours!) to build a better experience.

Yay, open source!

Open Source Alliance

Speaking of open source, Fastly has an open source alliance that provides free content delivery to projects like Debian, the MIT Media Lab, the W3C, Memcached, Linux Foundation, and more. They have even open sourced some of their technology stack to make it easier for others to build systems with their tools. We love partnering with these sorts of organizations.

Supporting Technology Partner

Speaking of partnering, Fastly took their partnership a step further and are helping fund a lot of great work on Drupal.org through commitments to sponsor DrupalCons and even the release of Drupal 8. Look for them at upcoming DrupalCons. Thanks Fastly!

How Fastly Works

Fastly’s Global Network consists of Points of Presence (POPs) running Fastly’s custom Varnish software stack. These POPs are spread around the world in strategic locations close to the highest density Internet Exchange Points, ensuring cached content is just a few milliseconds away.

Global network

Fastly has a powerful feature that allows us to specify a specific POP as a shield to our origin server. In our case we chose the Seattle POP because of its proximity to our servers at the OSL in Corvallis, Oregon in the United States.

Caching basics

The origin shield configuration means all requests to Drupal.org flow through Fastly’s origin server in Seattle before reaching our Drupal.org origin. If Fastly’s origin server in Seattle has already cached the file, no request to our Drupal.org origin is necessary.

Caching basics, subsequent requests

In practice, this allows us to deliver a huge amount of content with an extremely high hit ratio. (See that spike in the GIF below, that's one of those regular times that cron jobs request a ton of content from our updates server. Fastly is just churning along.)

Really cool animated GIF showing updates traffic

(Fastly made us confident we could put this enormous GIF in our write up.)

Faster changes, faster response time

Another advantage to Fastly has been the efficiencies it has given us by allowing us to quickly make changes to how they cache our content. With our previous CDN, changes could take up to 4 hours to propagate through the system. We can now change a Varnish config and reflect those changes in under 5 seconds. That has been a huge help when we need to make a hot fix to production and keep Drupal.org delivering Drupal to the world.

Logging and improving our usage stats

Fastly also allows us to stream our logs. This means we can parse those logs and turn them into data. We are already seeing much more reliable project usage statistics with from our new log processing for updates.drupal.org thanks to Fastly’s log streaming.

More accurate logs mean we can provide users with better data to help them to make better decisions about modules, themes and distributions that have the most installations.

Next Steps with Fastly

We have been impressed with Fastly, both for their responsiveness and the performance improvements we have seen while using their services. They have given a ton to our community and we can't wait to see where they take Varnish and their open-source-powered service. If you are interested in using Fastly with your own Drupal sites, you can learn more about Fastly on their Drupal.org organization page or sign up for a developer account at Fastly.com—there is even a Fastly module for Drupal7, and one for Drupal8 is on the way!

Front page news: 

Drupal 6 end-of-life announcement

9 November 2015, 3:34 pm

As announced in the Drupal 6 extended support policy, 3 months after Drupal 8 comes out, Drupal 6 will be end-of-life (EOL).

On February 24th 2016, Drupal 6 will reach end of life and no longer be supported.

What this means for you:

  1. Drupal 6 will no longer be supported by the community at large. The community at large will no longer be creating new projects, fixing bugs in existing projects, writing documentation, etc. around Drupal 6.
  2. There will be no more core commits on Drupal 6.x to the official tree. (see What if I have a Drupal 6 site still)
  3. The security team will no longer provide support or Security Advisories for Drupal 6
  4. All Drupal 6 releases on project pages will be flagged as not supported.
  5. At some point in the future update status may stop working for Drupal 6 sites.

Should I update to Drupal 7 or Drupal 8?

The version of Drupal you choose for your upgrade will depend on how complex your site is, what contributed modules you need, and other factors. Many modules have been built in to Drupal 8. For example, Views and a WYSIWYG editor come as a part of Drupal 8, which means that some sites can move to Drupal 8 much sooner. Find out more about Drupal 8.

Drupal 8 core also provides a Migration path directly from Drupal 6 as an experimental feature, so sites can update directly to Drupal 8 using either a user interface or with Drush. See Executing a Drupal 6/7 to Drupal 8 upgrade for more details. The Migrate feature will be fully supported in a later minor release of Drupal 8.

Drupal 7 remains fully supported, so Drupal 6 sites can also update to Drupal 7 using the core update feature when that is a better fit. Drupal 7 is estimated to be supported until Drupal 9 is released, or later. For more information follow: [policy, no patch] Drupal 7 (and 8) EOL timing.

What if I have a Drupal 6 site still?

You should plan to upgrade your site as soon as possible. For sites not updated before February 24th 2016, the Security Team is working with a few vendors who are willing to provide paid support for Drupal 6 sites beyond February 24th, 2016. We recently announced the list of vendors.

If you are a vendor that would like to look into doing this too, please read D6 LTS Vendors policy.

Front page news: 
Drupal version: 

Based on our experience with our successful release candidates, we are confident to announce that Drupal 8.0.0 will be released on November 19, 2015! Until then, we will continue publishing Drupal 8 release candidates with the latest fixes. See the first release candidate announcement for more details on the release candidate phase, or download the latest release candidate (RC4) for a preview of the release.

Port your modules/themes and update translations

There is not a lot of time left if you are looking to have your module, theme or translation ready for the big day! Read more about porting your modules and themes and contributing to translations.

Preparing for release promotion

We are working on both the release announcement and the press release in English. However we do need volunteers to help translate it to their language. The final translations will be posted on Drupal.org at time of release.

If you can help promote the release on Twitter on November 19th and 20th in your respective time zones, Paul Johnson is looking for you. When tweeting about Drupal 8, be sure to use the hashtag #drupal8.

Parties around the globe!

We also need you to throw a party! Organize a local meetup on the week (or even better the exact date) with sweets, sessions, shirts, stickers or whatever fits to spice it up. Make sure to let the community know, so it shows up on the world map on Drupical.com We also suggest you follow @celebr8d8 and promote your party and share your party stories with #celebr8d8.

Finally, thanks to the nearly 3,300 people who contributed to the codebase of Drupal 8 as well as hundreds of others who organized events, conducted usability tests, mentored contributors, found sponsors, etc.—in short did all the awesome things that made Drupal 8 happen. Now, let’s go make something amazing, for anyone!

Front page news: 
Drupal version: 

Drupal 7.41 released

21 October 2015, 7:25 pm

Update: Drupal 7.42 is now available.

Drupal 7.41, a maintenance release which contain fixes for security vulnerabilities, is now available for download. See the Drupal 7.41 release notes for further information.

Upgrading your existing Drupal 7 sites is strongly recommended. There are no new features or non-security-related bug fixes in this release. For more information about the Drupal 7.x release series, consult the Drupal 7.0 release announcement.

Security information

We have a security announcement mailing list and a history of all security advisories, as well as an RSS feed with the most recent security advisories. We strongly advise Drupal administrators to sign up for the list.

Drupal 7 includes the built-in Update Manager module, which informs you about important updates to your modules and themes.

Bug reports

Drupal 7.x is being maintained, so given enough bug fixes (not just bug reports), more maintenance releases will be made available, according to our monthly release cycle.

Changelog

Drupal 7.41 is a security release only. For more details, see the 7.41 release notes. A complete list of all bug fixes in the stable 7.x branch can be found in the git commit log.

Security vulnerabilities

Drupal 7.41 was released in response to the discovery of security vulnerabilities. Details can be found in the official security advisory:

To fix the security problem, please upgrade to Drupal 7.41.

Known issues

None.

Front page news: 
Drupal version: 

Veronica Vedia Profile PictureVeronica Vedia (veronicanerak) organized Women in Drupal at DrupalCamp Bolivia in 2014 alongside Karen Da Cruz and several other women. Veronica shared the story of how she went from anonymous Drupaler to community evangelist over email with the Drupal Association. Parts of this Community Spotlight have been transcribed from a medium.com article that Veronica wrote on her experience coordinating Women in Drupal.

I started using Drupal approximately 4 years ago. At the time, I worked in front-end, and I did my work in multiple different languages and frameworks, like PHP, C#, and Microsoft’s .NET. I really enjoyed working in front-end, but wanted to get more specialized. At one point, a coworker told me about Drupal roles, and the idea of becoming a dedicated “themer” caught my attention. I decided to study Drupal on my own so I could leave that company and find another employer where I could work in Drupal as a themer.

I didn’t become very active in my local community until after Drupal Picchu in 2014 in Cusco, Peru. Before that, I had been a relatively passive participant in the Bolivian Drupal community. But when I heard about Drupal Picchu, I knew I had to go. I admit, the chance to travel to Machu Picchu was my main motivation, but I also knew that attending the Drupal workshops and talks would be very valuable.

When I got to Drupal Picchu, I was amazed at how many passionate people were at the event. There were people with so much experience and talent sharing knowledge from basic to advanced. It really caught my attention how so many people were generously sharing knowledge that they put so much effort into learning. It was a really encouraging experience for me.

The event's keynote was on Women in Drupal, and was led by Karen Da Cruz, Nancy Contreras, Molly Byrnes, and Holly Ross, all of whom are very inspiring women in the industry. I found their stories very motivating, and wound up talking to Karen afterward. I told her, “I want to do the same thing in my country that you have done here.” So I got together with several other women in my local community, and together we made the Women in Drupal group a reality at DrupalCamp Bolivia 2014 several months later.

At DrupalCamp Bolivia, Karen and I gave a “Women in Drupal in Bolivia” workshop where we taught several women Drupal. The goal was to motivate everyone (but especially girls and women) who are learning Drupal. The workshop was a success and it was amazing how enthusiastic all of our attendees are. It wouldn’t have been possible without all the amazing women who came out to help us conduct the workshop and replicate the Drupal Picchu keynote on Women in Drupal. It was really fun to participate in both the workshop and the the keynote, and I had a great time speaking about my own experiences alongside Nancy Contreras (Peru), Karen (Peru), and Mariana Graf (Brazil).

Organizing an activity like Women in Drupal in Bolivia was really intimidating at first. I was worried that there might not be attendees, or that our activities wouldn’t be well received. But everyone was so encouraging and helped me realize that the important thing is the desire to share knowledge — it’s normal to feel fear, and it’s worth overcoming it in the end. Without help from Karen, Freddy Cahuas, and the other DrupalCamp Bolivia organizers, I wouldn’t have succeeded. It also made me realize that one day, you’re new to the community, and the next day, you’re daring to try something new for the community. It becomes a chain where everyone helps each other and the community grows, and I think it’s really powerful how it breaks across the boundaries of languages and cultures and brings us closer to each other.

In the future, I hope to help grow the community and the "Women in Drupal” events. I want to motivate many other girls and women to learn Drupal. It’s a world of endless opportunities and possibilities! To make this happen, I am always looking for help from the community. If anyone has examples of activities that I could share to help boost, improve, and motivate my local community group, I would love to hear from you.

Thank you to everyone who continues to participate and encourage each other to be part of this big family called “Drupal"!

Responding to spam on Drupal.org

15 October 2015, 2:16 am

With the recent release of Drupal 8 RC1, and the related increases in mentions on social media and tech news outlets, Drupal.org is seeing a modest bump in traffic. Along with that modest bump in real traffic, spammers have decided to increase their efforts to get content onto Drupal.org to boost their own SEO. Drupal.org is very attractive to these spammers.

Spam fighting is not fun, and certainly not glamorous, but it is a necessary part of keeping our community home clean and tidy. Community volunteers have helped report and block spam for many years, and Drupal Association staff are looking for ways to ease this burden.

Every spam fighting solution for a website as open as ours takes on spammers using two approaches: automated pattern matching and human review. I wanted to take a moment to walk through some of the approaches we use—though not in too much detail lest the spammers read this and adapt their methods to match.

On the automated front, we use tools like Mollom to do text analysis. Their system is constantly learning from the sites that use it. These services also have tools to help distinguish a robot from a human. Figuring out which spam is coming from bots helps us prevent certain types of spam from filling up the site. We also use tools like Honeypot to try and detect particularly fast submissions to the site. (Note: this is a tough one as many developers type as fast as a robot. You know who I'm talking about.)

Just as common as bot-based attacks are those that are run by humans. The advantage in using humans to place spam is they can get around bot-detection techniques such as captcha or submission speed check.

The most recent spam attacks are a combination of these techniques. We employed a combination of techniques to respond. These include some automated techniques and some that rely on humans.

The automated techniques will likely get a bit more strict for a time while we sort out the best ways to limit the rate of spam hitting Drupal.org. Most of the spam is submitted to our forum system.

As for the human-reliant techniques, we need your help. If you see something, report it. We switched the focus of our development team this week on building the tools to make reporting process much easier. Early next week confirmed users should be able to help us target spam and remove it from Drupal.org with minimal effort by simply flagging content as spam.

We really appreciate all of the amazing work our community does to help keep its home tidy and free of spam. Our community is phenomenal!

Front page news: 

Drupal 7.40 released

14 October 2015, 11:39 pm

Update: Drupal 7.41 is now available.

Drupal 7.40, a maintenance release with numerous bug fixes (no security fixes) and several new features, is now available for download. See the Drupal 7.40 release notes for a full listing.

Upgrading your existing Drupal 7 sites is recommended. There are no major, non-backwards-compatible features in this release. For more information about the Drupal 7.x release series, consult the Drupal 7.0 release announcement.

Security information

We have a security announcement mailing list and a history of all security advisories, as well as an RSS feed with the most recent security advisories. We strongly advise Drupal administrators to sign up for the list.

Drupal 7 includes the built-in Update Manager module, which informs you about important updates to your modules and themes.

There are no security fixes in this release of Drupal core.

Bug reports

Drupal 7.x is being maintained, so given enough bug fixes (not just bug reports), more maintenance releases will be made available, according to our monthly release cycle.

Changelog

Drupal 7.40 contains bug fixes and small API/feature improvements only. The full list of changes between the 7.39 and 7.40 releases can be found by reading the 7.40 release notes. A complete list of all changes in the stable 7.x branch can be found in the git commit log.

Update notes

See the 7.40 release notes for details on important changes in this release.

Known issues

None.

Front page news: 
Drupal version: 

Membership matters: Membership badges stacked verticallyToday, we introduced a banner on drupal.org pages. It invites all site visitors to support the Drupal project by becoming Drupal Association members.

Our membership drive runs from now through December 30, and we have two big goals: $100,000 in revenue and 1,000 new/renewed members. Visitors to drupal.org who log in as current Individual Members will be invited to share the campaign; all other visitors will be invited to join.

We hope you enjoy the stories told as part of this campaign. We've invited community members to participate by telling us why the Association matters to them. This is another great opportunity for community spotlights to shine on some of the most active and passionate people in Drupal. Want to share your story? Reach me by contact form at http://drupal.org/u/lizzjoy.

We'll keep you updated on our progress toward the campaign goals at https://assoc.drupal.org/support-project-you-love and https://assoc.drupal.org/help-grow-our-membership.

Front page news: 

Drupal 8.0.0-rc1 released

7 October 2015, 9:33 pm

Drupal 8 RC1

Update: Drupal 8.0.0 is now available.

We now present the first release candidate for Drupal 8.0.0! Drupal 8 includes a tremendous number of new features and improvements for both users and developers.

We revamped Drupal's user interface; added WYSIWYG and in-place editing; significantly improved mobile support; added and improved key contributed modules including Views, Date, and Entity Reference; introduced a new object-oriented backend leveraging Symfony components; revamped configuration management; improved multilingual support; and added hundreds of other improvements. Drupal 8.0.0-rc1 is the collective work of over 3,200 core contributors. Read more about what's new in Drupal 8.0.x.

The first release candidate provides a great opportunity to begin developing with Drupal 8, especially for:

  • New sites.
  • Sites that rely mainly on the expanded functionality provided by Drupal 8 core alone.
  • Projects that will take months of development time.
  • Sites for which Drupal 8's benefits outweigh the effort needed to port (or work around) contributed modules that do not yet have Drupal 8 versions.

Using Drupal 8 #

Launching new sites #

Drupal 8 itself is very functional straight out of the box -- many of the top Drupal 7 modules are now included in core, and several features have been made more flexible to avoid the need to install many other modules. Evaluate your needs, and you may easily find that everything you need for a project is already included in Drupal 8 core. Check out our slides about Drupal 8 to learn about the changes.

Updating existing sites #

The new version also includes a revamped Migrate module to update existing Drupal 6 and 7 sites to Drupal 8 directly. The migration feature is currently marked "experimental," meaning it is not yet fully supported and we are still working to improve it. For this reason, the Drupal 8 release candidate does not yet provide a user interface for migrations. Use the Migrate Plus and Migrate Upgrade modules to test migrations now, or read more about Migrate in core.

Contributed modules and themes #

There are a number of modules already ported to Drupal 8 as well as themes already being developed. We set up the contrib tracker project to make it easier to track the status of the ports of contributed modules.


DrupalCon Barcelona Drupal 8 sprint photo by Pedro Lozano (under the CC BY 2.0 license)

Porting modules and themes to Drupal 8 #

If you have not done so already, now is the time to ensure that your modules and themes will work with the new version. While there are many changes in Drupal 8, we wanted to make it as easy as possible to get started porting modules. We suggest you use Drupal Module Upgrader to run a first pass of code upgrades. Some things will be automatically upgraded while others will get a @todo comment or will be left untouched.

To help you learn and apply the new APIs, the api.drupal.org site has overviews and short examples of all major Drupal 8 APIs. The Drupal.org handbooks have in-depth guides with more background information on each API as well. We also have a complete list of all API changes to Drupal 8, spanning the 4.5 years of Drupal 8's development.

Instead of using our own home-brewed templating system from Drupal 7 and earlier, Drupal 8 uses the Twig templating engine. Many of the concepts from previous versions of Drupal still apply with Twig. We are working on a guide for you to help update your themes. Also check out the Drupal 8 theming documentation for more information.

Be sure to file any core bugs that you may find while updating your module or theme.

Translating Drupal 8 #

The interface strings are officially frozen now. Only error corrections, removals or additions of whole strings, and fixes required for critical issues may be made to the interface text from this point forward. This is the best time to translate Drupal 8, so your translations will be available when the final version is released. The installer now comes with automated translation downloads, so whatever you translate now will be useful for all Drupal 8 installs. Localize.drupal.org has a summary page about core translation status in all the supported languages with a step-by-step guide in the sidebar to help you contribute.

Documentation, book, and video authors #

The user interfaces, interactions, and "look and feel" of Drupal 8.0.0 are now frozen and will only be changed if required for critical bug fixes. If you previously put your documentation, instruction video, or book project on hold, now is the time to pick it up again. Now is also the time to update documentation on Drupal.org and to get documentation fixes into Drupal 8, so the explanations are correct. Thanks for your contributions!

Be aware that Drupal 8 will employ semantic versioning, with new "minor" releases (backwards-compatible with API additions and new features) approximately every six months. So strings, user interfaces, and other visual aspects of Drupal will be improved throughout the entire Drupal 8 process, which may require subsequent updates to these materials.

Contributing to Drupal 8 core #

During the release candidate phase, only critical fixes and documentation improvements will be committed to Drupal 8 core (plus certain non-disruptive "rc target" changes at core committer discretion). Other issues that have been reviewed and tested by the community may remain uncommitted until after 8.0.0 to ensure that critical bugs can be fixed quickly without risking regressions. Read more about the allowed changes during the RC phase.

When will Drupal 8.0.0 be released? #

We will schedule an official release date for 8.0.0 when we are confident that the rate and nature of incoming critical bugs has slowed enough to ensure a stable release. Until then, release candidates of Drupal 8 will be released twice a month concurrently with the Drupal 6 and 7 release windows.

Update: Drupal 8.0.0 will be released on November 19, 2015!

Known issues #

We are confident that our code is stable enough for wider testing by site owners, developers, and end users. There are however still known issues with Drupal 8.0.x, including major bugs. Help resolve these issues by testing Drupal 8 and searching for existing bug reports and adding more information to help resolve those bugs. If your suspected bug hasn't been reported yet, submit a bug report.

Handling security issues #

Starting now, any security issues discovered for Drupal 8 should be kept confidential and reported using the Report a security vulnerability link on the Drupal project page in order to protect existing sites. Through December 31, 2015, the Drupal 8 security bounty is also still active, so you can get paid for finding security issues and reporting them in our private tracker! See the security team page for more information on Drupal security.

Talk about the release candidate! #

We suggest the #drupal8rc hashtag for Twitter, Facebook, etc. posts. To mention and find conversations about work already made with Drupal 8, use #madewithd8. We can't wait to see what you make with Drupal 8!

Front page news: 
Drupal version: 

We are excited to announce some big changes to the Drupal.org Marketplace. In Dries’ Amsterdam Keynote, he made a compelling case for showing the contributions of organizations that are helping build Drupal. By highlighting organizations that give their employees time to give back, we make it possible for more people to give time to making the project better.

In March, we took steps to begin collecting this information by allowing individuals that were contributing in the issue queues to attribute their contributions to organization that they are employed by or customers that funded the work. When a maintainer of a project (module, theme, distribution or Drupal Core) closes an issue as fixed, they have an opportunity to pass on credit to the individuals who helped contribute to fixing the issue—and not just code contributions, but any kind of feedback, review, designs, etc.

We called this system issue credits and it has been a huge success. We now show the last 90 days of issue credits awarded to an individual or organization on their profile.

Today, after months of collecting this data, we are taking how we highlight contributing organizations to a new level.

With this launch, we are removing the distinction of "featured service providers" versus "all service providers". By using data about these organizations contributions, we can provide a single list of all organizations ordered by their contributions.

For now, we are using issue credits as the primary sort. The secondary sort highlights organizations that are giving back by supporting Drupal.org through the supporting partner program or organization membership. Soon, we plan to incorporate case studies submitted, DrupalCon sponsorships, and camp sponsorships to help make a more complete picture of how organizations are contributing to our community.

Give it a look and give us your feedback.

Front page news: 

Help us test DrupalCI

15 September 2015, 5:05 pm

DrupalCI is the next generation testing infrastructure for Drupal. After years of development, DrupalCI has been rolled out for testing Drupal 8 Core and Contrib projects - and will soon be taking over testing Drupal 7 Core and Contrib as well and for Drupal 6 for the duration of its long term support window.

But we need your help!

At this time, DrupalCI is running in parallel with the existing PIFT/PIFR testing architecture. Before we retire the old testing infrastructure we want to ensure that there are no feature regressions in the new DrupalCI system, and that core and contrib developers have had time to learn the new testing architecture and try it out thoroughly.

If you are a maintainer of a contrib module with testing enabled, we will enable DrupalCI testing for your project. At this time, DrupalCI supports testing in D8 Core and Contrib, but D7 and D6 testing will be enabled soon. If you see that DrupalCI testing has been enabled for your project, please provide your feedback in the issue linked below.

To learn more about how to use DrupalCI for automated testing of your project on Drupal.org, please consult this documentation page.

How can you provide feedback?

We are collecting feedback on the new testing architecture in this issue: #2534132 - Disable Legacy Testbots and use drupalCI as our testing infrastructure. Please focus your feedback on:

  • Feature regressions from current testbots
  • Unexpected test failures
  • User interface issues
  • Test result parsing and display

Though DrupalCI is a more flexible and extensible testing architecture, we are not collecting additional feature requests at this time.

If you are a module maintainer, and you are a satisfied that the new DrupalCI tests are meeting your testing needs, you can return to the Automated Testing tab for your project and choose to disable PIFT/PIFR testing, by deleting the specific releases you no longer need tested in the old system:

Delete unneeded release from old testbots

Learn how to add automated testing to your project…

If you would like to add automated testing to your projects on Drupal.org you can learn more about writing tests with this tutorial.

Front page news: