Recently, The Drop Times reported a discussion within the Drupal community regarding the use of the term “Add-ons” in the Drupal CMS Dashboard. The term was flagged as inconsistent since the Project Browser module uses “Recipes” to describe similar features.

Members of the development teams addressed the concern, explaining that the change aligns with efforts to simplify Drupal’s language for broader accessibility. However, some community members pointed out that uncoordinated terminology shifts could lead to confusion. Drupal CMS was designed to attract new users and empower non-technical users with greater control over technical aspects, making consistency in terminology crucial. A structured approach to managing such discrepancies could help ensure clarity.

For now, perspectives within the community vary. However, with user testing, further discussions, and potential governance decisions, a resolution may soon emerge.

As Drupal CMS continues to evolve, terminology debates like this will likely become more frequent. The challenge remains to modernize Drupal’s language for wider adoption while preserving the terminology that defines its identity.

Let's have a look at the important stories from the past week.

Discover Drupal

• 57 Expert-Picked Modules Powering the All-New Drupal CMS
• Drupal Trash Module: The Ultimate Solution for Managing Deleted Content
• Drupal Public Data, Statistics & Silver Linings? An Exploration #3
• Drupal’s Hidden Power: Lazy Loading for Better Performance, UX, and SEO

Event

• Drupal Global Contribution Weekend in Lutsk: A Success Story
• Drupal Bhopal Meetup Set for February 21
• Drupal Delhi Meetup Feb 2025: Event Details and Registration
• DrupalCon Atlanta 2025 Schedule Released
• Ripple Makers Networking Breakfast at DrupalCon Atlanta 2025
• Drupal Kochi Monthly Meetup Scheduled for February 27

Organization News

• Metadrop Launches Monthly Update Series to Highlight Drupal Innovations
• Dropsolid Acquires Pictonio to Expand AI-Driven Drupal Solutions in Europe
• React Online Marks 25 Years of Digital Innovation

Drupal Community

• Drupal’s ‘Add-ons’ vs. ‘Recipes’ Terminology Sparks Debate

That is for the week. While there were many stories worth mentioning, we cannot include more. Thanks for your continuing support. Be our patrons for the months and years to come. We could support the community together. 

Warm regards,
Thomas Alias K. 
Sub Editor, The Drop Times. 

AI (artificial intelligence) has become a powerful tool to improve the process of making and managing digital content. Drupal, the most famous content management system (CMS) known for its flexibility and robustness, has already started to integrate this new technology. This adds exceptional capabilities for creating and enhancing content. 

In this read, we will highlight how to install and configure the modules AI (Artificial Intelligence) and Image Genie AI in Drupal. The AI module improves CKEditor by adding AI-powered features such as tone adjustment, text generations, and translations. On the other hand, Image Genie AI allows image generation, for the efficient and rapid creation of complete content. 

Prerequisites 

To make everything function smoothly it is necessary to ensure that certain requirements are fulfilled before starting to integrate AI capabilities. 

Drupal CMS, a new preconfigured solution, represents a turning point in Drupal’s history and will have a significant influence on its future. In this article selected leaders from various Drupal agencies around the world share their perspectives on how this development could transform the ecosystem and expand Drupal's market presence.

Today, Drupal is an incredibly powerful, efficient, modern content management system. This solution allows you to create editorial workflows and various interfaces much easier and faster. All this will meet your specific requirements and needs.
Drupal has a relatively practical and multifunctional Render API. It plays a crucial role in displaying content on the site. Its task is to manage how the published content will be shown through the used rendering arrays and its elements.
However, these capabilities are not always sufficient. Combining Drupal functions and options with WebSocket is an excellent solution.

• Drupal core
• Themes
• Contributed and custom modules

• Use complex, unique usernames and passwords for all administrator accounts.
• Consider using a password generator to create strong credentials.

• Login Security: Limits login attempts and blocks suspicious IPs to prevent brute-force attacks.
• Password Policy: Enforces strong password requirements for all users.
• Security Kit: Mitigates risks like cross-site scripting (XSS) and clickjacking.
• Two-Factor Authentication (TFA): Adds an extra layer of protection during login.

• Ensure your hosting provider supports SSL/TLS certificates.
• Configure your site to redirect all HTTP traffic to HTTPS.

• Back up your site’s files and database frequently.
• Use modules like Backup and Migrate to automate the process.
• Store backups securely off-site to prevent loss.

• Assign roles and permissions carefully, ensuring users only have access to necessary features.
• Restrict access to sensitive functions, such as PHP execution.
• Regularly review user roles to remove unnecessary privileges.

• Check Drupal’s built-in logs under "Reports > Recent Log Messages" for signs of issues, such as failed login attempts.
• Subscribe to Drupal’s Security Advisory email list or follow updates on social platforms for timely alerts.

• Ensure the web server cannot write to directories containing executable PHP files.
• Verify that .htaccess files are in place for all Drupal files directories.
• Regularly audit file permissions to maintain a secure configuration.

• Supports the latest Drupal version.
• Offers secure protocols like SFTP and SSH.
• Has robust firewall rules and intrusion detection systems.

• Use the Security Review module to scan for common security issues.
• Perform manual reviews or hire professionals for penetration testing.

Add new comment

Almost a year ago in February 2024, I introduced the Drupal Community to changes being made to the Drupal Certified Partner Program (see: Turning Takers into Makers: The enhanced Drupal Certified Partner Program).

The goal of the enhanced Drupal Certified Partner program was to define the culture of contribution necessary at the agency level to make Drupal thrive at the ecosystem level. We then set out to recognize and reward agencies who incorporate this culture into their operations.

In this blog, I will provide an update on progress made and further changes that will be made to the Drupal Certified Partner Program. These changes are necessary if we are to preserve independence and strong governance and avoid the fate of Wordpress, where the Maker/Taker problem is tearing the project apart.

The Update

We have made great progress in creating a model of sustainable support for Drupal, while maintaining it as one of the world's largest, independent open source projects. In the last year,  the number of Drupal Certified Partners has increased to 101, an increase of 26 companies.

In joining the program, agencies are placed in a Tier based on their previous 12-month contributions. It is heartening to see that we have a strong mix of contribution tiers. The breakdown is what you might expect: the upper tiers, demanding greater contribution, have fewer companies (29).  New Partners, who are beginning their contribution journey, make up ¾ of Drupal Certified Partners. It was exciting to see several companies join in 2024 and then move up a tier in the same year!

The program has some geographic diversity, but this is an area where we hope to grow.  I think the Asian, Australian, and Middle East markets have potential for solid growth.

Most importantly, the impact of the program on contributions has been tremendous. Total contributions to the Drupal Project in 2024 totaled 203,738 and Drupal Certified Partners sponsored 87% of these contributions (158,387 issue credits). The growth in total contributions was due to the Drupal Starshot Initiative, but it is fair (and obvious) to say that without Drupal Certified Partners, Starshot would not have been successful.

But, there were 1,440 organizations active on Drupal.org in 2024 and yet, only 101 Drupal Certified Partners (7%).  In fact, 96% of all contributions came from 219 companies (15%). This is not sustainable, if Drupal is to remain innovative and independent.

The Message

Agencies that rely upon selling Drupal to their customers need to be Makers, not Takers. In becoming a Drupal Certified Partner, such agencies are making an important investment in the sustainability of their company.  They are:

• Investing in the software that they sell to their customers, keeping it innovative into the future, and 
• Investing in their staff, connecting them to Drupal at a deeper level that improves job satisfaction, expertise, and retention, and
• Demonstrating to their customers and potential customers that they are an independently verified, high quality Drupal agency, one that understands open source and can competently deliver; and
• Investing in their business model by embracing open source and being an integral part of its success.

To read more about building a business model around open source, I would refer you to an excellent blogpost by Owen Lansbury, Chair of the Drupal Association and founder of Top Tier Drupal Certified Partner PreviousNext: Becoming a Drupal Certified Partner: How commitment to open source drives value and success at PreviousNext. Owen shares his model in the spirit of open source and with the knowledge that a strong Drupal ecosystem benefits all companies.

Over the past 18 months, the Drupal Association has been asking companies to make the decision to be a Maker and we have been heartened to see many making that commitment.

The progress we have made in 2024 is good and we are pushing for even more growth in 2025.

Invigorating Drupal, increasing marketplace awareness of Drupal, and maintaining its independence are not guaranteed outcomes for the Drupal Project.  We have witnessed poor outcomes in other open source projects over the last several years.

Open source is only as sustainable as the level of commitment to it from the community.  There are proprietary products that view Drupal’s capabilities as an obstacle to market dominance and only the strength of the project and community can stave that off. This is one of the reasons why the launch of Drupal CMS is so important- it innovates the product and rallies the community. It offers opportunities for Drupal Agencies to expand the market and earn business.  It can introduce Drupal to more marketers and site builders.

All this is good, but to be sustainable, we need to do more.

The Drupal Association believes that we need:

• A larger network of Drupal Certified Partners. The Drupal Association’s Board of Directors set a goal of 106 DCPs by the middle of 2026.  We will meet that this quarter.

  We realize now that number is not sufficient to keep Drupal independent and thriving.  A global project with the breadth and depth of Drupal needs a larger network of Makers of all sizes and business models in all markets.

  The number of Drupal Certified Partners needs to be three times as high.

• Greater support from large companies, even those for which Drupal is only a part of their business. Many large (and some really huge) global companies have not committed to the contributions necessary to be a Drupal Certified Partner.

  One of the changes we made to the Certified Partner program was to make code contributions central and the primary reason for placement in the program tiers. The financial sponsorship amount does not move a company up or down the ranking. But financial sponsorship amount does go to support Drupal.org, the Drupal Servers, the Drupal Project and several initiatives to grow the community. Financial sponsorship is tied to employee size as a rough proxy of agency's revenues.

  We are finding that the Drupal teams within some of these large organizations cannot convince upper management to authorize contributions and/or make the financial contribution, even though it is a nominal amount compared to the organization's overall revenue.

  How do we get integrators and other large organizations that make millions of dollars in revenue from Drupal to be Makers in open source and not Takers? These organizations use several open source products and thus it is not a problem that Drupal faces alone.

  The Drupal Association is continually trying to make the case and I welcome additional ideas from the community as to how to solve this.

• Companies to increase contributions commensurate with their size. The primary goal of the Drupal Certified Partner program is to drive contributions to the project that supports innovation and growth to improve Drupal’s relevance in the marketplace.

  Knowing that Drupal has a very diverse ecosystem, we established a program that companies of all sizes can participate in. Given that about 42% of DCPs have less than 20 employees, I think we’ve been pretty successful.  There are plenty of examples of small and mid-size companies contributing far more than one would expect.  For an extreme example, check out Redfin Solutions and their under 10 person team contributing at the Diamond Tier level!

  But, this has led to the situation where large companies meet minimum requirements for certification but do not contribute commensurate with the size of their Drupal team. This holds back innovation. So we need to find a way to incentivize companies who can, to move up in the Tier structure and contribute more back to Drupal.

  The Drupal Association will begin to implement further improvements to the Drupal Certified Partner program to provide extra recognition and benefits for Partners in the upper Tiers.

• Drive Drupal business to Drupal Certified Partners. Dries Buytaert, in his influential Balancing Makers and Takers to scale and sustain Open Source, cites economics 101 and the free rider problem in making the case that we must level the playing field between Makers and Takers by driving business to Makers.

  For Drupal to innovate, for it to sustain, for it to remain independent, those companies that give back must be rewarded.  This is in the interest of Drupal's end users who invest significant funds into their projects and want to know that Drupal will thrive.  Much cheaper than paying license fees in perpetuity is ensuring that the company who is building and maintaining your website is sustaining the software.  In 2024, we started an initiative to make end users aware of the importance of working with Drupal Certified Partners through a model RFP.

  We need to go further.  The Drupal Association will continue to ensure that Drupal is free to anyone, anywhere in the world to download and use as they wish.  We will also aggressively drive business to Drupal Certified Partners.

The Hope

There are SO MANY positive things happening in the Drupal Project and the Drupal Community.  With strong governance and the promise of Drupal CMS, the future of Drupal is ours to create.

My plan, one year from now, in February 2026, is to provide an update to the community that highlights the success of the community’s Drupal Certified Partners in keeping Drupal innovative, inspiring and independent.

If your company will join us, you can make writing that blogpost much easier. 

Since I started working on the Drupal Event Platform initiative, a request that I've heard more than once is for a configurable theme. I have considered making a subtheme of Olivero that would expand the number of configuration options available, to allow for more options in the overall site styling, potentially including things like spacing, border-widths, and border-radius.

Tags

• Theming
• Drupal

• Read more about Artisan Theme: On the Workbench
• Add new comment