Drupal Association blog: DrupalCon Pitch-burgh Updates (08.2023)

August is traditionally a month when many in the northern hemisphere go on a much needed holiday from the heat and enjoy a well-deserved break from work.

However, this will not stop our Pitch-burgh contest winners, who were incredibly excited about starting the work and demonstrating how an open source competition like this can deliver cost-effective benefits for the Drupal project.

For the boring part, most or all of the agreements are in place (with some still being signed this second week of August), and the initial grants are starting to arrive in the awardee’s bank accounts. As previously mentioned, this is a first for the Drupal Association, and it has taken some time to figure out important things regarding contracts and how money is moved. In the end, we want to make sure none of us get in trouble with the tax collector.

In the meantime, for those keeping tabs on our Slack channels, you're likely aware of the substantial progress that's been made across the projects. It's remarkable that none of them were compelled to take action until the ink on the contracts had dried. This is the beauty of open source – a commitment driven by shared belief and trust among all contributors that transcends mere agreements and financial transactions. It's a challenge that proprietary software can hardly match.

I reached out to each project, asking for an update on their initial step. Here's what they had to say:

Mentor the mentor

The first iteration of the DrupalCon First Time Contributor workshop has been templated and made more accessible for folks who can't access the slides visually. The slide deck for local and regional camps is also primarily complete; awaiting feedback from other mentors. The next phase involves scripting the decks and incorporating documentation into Drupal.org's Contributor Guide.

Unsurprisingly, the issue queue etiquette deck is still in flux and changing as some contributors find new and unique ways to game the contribution system. AmyJune has contacted core and contrib maintainers, seeking insights into their most pressing pain points within the issue queue. The issue queue etiquette documentation is being shared as needed, but some of the community feels some points are antiquated or can be reworded into more productive dialog. The presentation depends on that etiquette. As most of the slides are complete, she will hold off on saying it's finished until the issue queue etiquette documentation discussion is in a healthy place.

Stay updated on the progress of this project by following the discussion in the #pitchburgh-mentoring-the-mentor channel in Drupal Slack.

Policy based access

Access policies in core now have a green patch for just the new API and a green patch for the API + integration in core. All I need to do now is add documentation and keep following up on the patch to get it into core.

To stay informed about the most recent developments, please keep an eye on the #pitchburgh-policy-based-access channel.

Drupal client

The Drupal API Client is currently in the process of finalizing our project planning phase and gearing up for implementation. Our intent is to begin by focusing on a limited-scope POC that will allow us to test our assumptions early and gather feedback. As part of this effort, we are in the final stages of addressing a related meta issue and eagerly welcome any insights you may have in the comments section.

Recently, we also conducted an initial async kickoff meeting in the #api-client channel in Drupal Slack. We're planning on establishing a bi-weekly Slack meeting on Thursdays at 15:00 UTC, and actively working on scheduling a one-off Zoom kickoff. Join #api-client for more info on these meetings, or just to say 'hi' and catch up on the backscroll.

The Slack channel is bustling with activity, encompassing daily discussions and regular catchup meetings. We invite you to participate and connect with our project leader, Brian Perry, in the #api-client channel within the Drupal Slack community.

Decoupled Layout Builder 

Discovery is complete, we’re all set up on Drupal.org with meta issues and sub tasks for the project. We’re planning to start development in September.

To stay informed about the latest developments, please track updates in the #pitchburgh-decoupled-layout-builder channel.

Gutenberg

The Gutenberg project is starting in September, with an ideal kickoff that includes a workshop in collaboration with Automattic, a company that, if you remember, its founder, Matt Mullenweg generously offered to sponsor this endeavor and proposed a workshop between our two teams to aid in the discovery and initial phases.

If you'd like to be part of the conversation or contribute your insights, please don't hesitate to join us in the #pitchburgh-gutenberg channel.

JSON Schemas and data storage in Core

Development on this initiative starts in earnest this month. The project schedule has a completion date of 31 December, which is ambitious but consistent with the strong community interest in these priorities. Even before contracting was completed, important discussions occurred in policy issues regarding minimum database driver versions with an eye toward ensuring these improvements can land in the D11 release cycle - and perhaps even in D10 minor releases. Development work has begun on refining existing merge requests for the JSON data type in the database schema API, and follow-on issues are being scaffolded per the project roadmap.

If you're keen to contribute to this significant effort, we encourage you to participate in the discussion within the #pitchburg-json-ftw channel or the #contribute channel on Drupal Slack. - Brad Jones

Salsa Digital: The European Union’s Cyber Resilience Act and how it affects open source

Image removed.What is the Cyber Resilience Act? The Cyber Resilience Act is proposed legislation that will make it mandatory for hardware and software producers to: Ensure that their products meet minimum security standards before they’re released  Keep their products’ security up-to-date after release (e.g. monitoring security threats and releasing security updates) The Act also aims to make it easy for users to compare the security features of different products. The end goal: to make digital products more secure, to protect citizens and businesses.  View the draft Act in multiple languages What effects will it have on software development? A factsheet about the Act outlines the manufacturer’s obligations.

Freelock Blog: Rate Limiting an aggressive bot in Nginx

Rate Limiting an aggressive bot in Nginx John Locke Tue, 08/22/2023 - 10:58 Image removed.

High load isn't necessarily an emergency, but it may be a heads-up before a site noticeably slows down. Sometimes there are weird spikes that just go away, but sometimes this is an indication of a Denial of Service.

Rate Limiting

NGinx has rate limiting that can be used to handle cases where a slow URL is targeted. Today one of our sites had high load alerts. Here's how I handled it:

Matt Glaman: How do theme template overrides in Drupal work?

In Drupal, with themes, you can override default template output by copying, pasting, and customizing those templates. It works, but how? I thought I always knew how this worked. But I realized I didn't when I dove into supporting Drupal 7 themes with Retrofit.

I know Drupal builds the theme registry and theme hook suggestions. In doing so, it scans templates, and part of that process includes scanning the active theme for template and theme hook template implementations. But when reading the \Drupal\Core\Theme\Registry code, I was coming up blank.

Specbee: 15 Drupal Jargons Decoded

Imagine this: you’re interested in cars - their mechanisms, designs, and all things cars. You want to pursue a career in modifying cars, but when you step into the garage you don’t know squat about the tools. Before you can even get started,  one of the first things you’ll need to do is learn what those tools are and how to use them! Similarly, you’ve stepped into the world of Drupal, all set to curate stunning websites and reap the benefits of its immense power. But hold up - what’s up with all the jargon in Drupal? Don’t you worry, my fellow adventurer,  we’ve got your back! Join us as we decode the Drupal-speak and have you talking the Drupal talk and walking the Drupal walk. Below, you'll find a rundown of 15 essential Drupal terms, each explained in plain English. Prepare to grasp the core concepts of this content management titan. Entity Types One of the strongest tools (or can be termed as THE strongest tool) in Drupal is the Entity API system. The Entity type is the starting point of the Entity API system. An Entity type consists of the base attributes or fields that are required to create an item of that particular Entity type. For example, imagine the animal kingdom. In this case, “Animal” will be an Entity type with the base attributes like:- Name of the Animal- Type (Mammal or Reptile) Out of the box, Drupal provides certain Entity types like Node, User, Blocks, Media, etc. which are used for different types of items that serve as the building blocks for building a website with Drupal. Bundles Now that we have an Animal Entity type, we can add different ‘types of animals,’ which are called “Bundles” in the Drupal ecosystem. These ‘bundles of animals’ will share the same base fields and storage. Any additional type-specific fields can be added as configurable fields or per-bundle base fields. Moving ahead with the previous example, we can now create different types of Animal bundles like Tiger, Lion, and Crocodile. Now, each bundle can have its own set of attributes/fields - Tiger can have fields like size, color, origin; Lion can have fields like gender, type, and origin; Crocodile can have fields like species, length, and color. This allows you to create different types of Animals and bundle them under a particular type.  In the Drupal context, taking content as the reference point which comes under the Entity type called “Node” (more on that soon), we can have different bundles under it, such as Articles, Resources, Events, and Places, etc., where each of the bundle will share the base attributes of Node like title, published status, author, etc. However, they can have their own set of fields as well, to separate them from other bundles. Entities Nearly, every major component that makes up a Drupal site is an entity of one type or another, e.g. items created under users, nodes, and blocks are all types of entities. In technical terms, an entity would be one instance of a particular entity type such as a comment, taxonomy term, or user profile or of a bundle such as a blog post, article, or product. Continuing our above example, any animal item that is created of the Entity type “Animal” will be an entity but of different bundles like Tigers, Lions, or Crocodiles.In the Drupal context, creating an Article or an Event, one single instant or single item of the content is called an Entity. Display Modes Drupal, being a Content Management System (CMS) allows you to work on your content and rely on Display Modes for presentation. Display Modes provide different presentations of your Content entities for viewing. In other words, you can choose what fields to display for a particular content entity under a bundle by creating different Display modes. For example, we have an Article content type that has basic fields like title, body, image, tags, categories, post date, and author. Now, based on the page we want to show the articles, we can use display modes.  Let’s say on the Homepage, we want to display a teaser of the article contents (title, post date & image). On another page, let’s display articles in a card display (title, post date, author, and a trimmed body). So, to be able to do this, you can create different display modes and adjust/configure it accordingly via Drupal UI to show only those fields and use them to present by Article content data in different formats. This helps in reducing duplication of data since you don’t have to replicate the Article content multiple times. Instead, you can have one copy of an Article content and using Display Mode, configure different presentations of the same copy of the content. Views Now that we know Entities and display modes, we need a mechanism to display a list of these Entities. This is what is called a View in Drupal terminology. In Drupal, a View is a listing of content on a website. Now, the view itself is a vast topic to cover which can be done separately. It is not only tied to a single Entity type, but you can also use views to create a listing of any available Entity type on your website. You can also apply certain criteria to filter out the contents in the view listing, which is called “Filter Criteria.” Additionally, it allows you to present your listing in different layouts, such as a list, grid, or table. In short, Views is a very utility tool in Drupal with which you can create any type of listing based on different conditions with various possibilities. Node All the content on a Drupal website is stored and treated as "nodes". A node is any piece of individual content, such as a page, poll, article, forum topic, or blog entry. In fact, this page you’re reading itself is a node. As we read earlier, Node is one of the Entity types that Drupal provides, however, any entity of a Node Entity type is also called a “node”. For example, an item created under Article will be a node (content) of type (bundle) Article under Node (Entity type).  Taxonomy and Vocabulary As we know, we can segregate different types of entities under an Entity type using bundles. However, you might want to categorize your entities further, which can be done using the Taxonomy system in Drupal. Vocabulary is used to group, organize and, in many cases, categorize a set of taxonomy terms. Consider Vocabulary as the Entity type, then a bundle of Vocabulary is called Taxonomy and each Taxonomy term inside a Taxonomy is an Entity. For example, a category in an Article content type will be linked to the Vocabulary named “Category.” While creating an Article node/content, you can choose the term from the Category Vocabulary and associate that with the particular piece of content you’re creating (Let’s say, Music). Now, this will help you to segregate Articles that fall under the Music category and can be used as a filter when we create a view of Article to show only the contents that fall under Music. Image Styles Drupal Image Styles revolutionize the visual appeal of websites. It’s like a digital artist, dynamically transforming and enhancing images to fit various contexts. With wizard-like magic, Image Styles resizes, crops, and applies filters, breathing life into visuals. From vibrant thumbnails to captivating banners, Drupal Image Styles creates an engaging user experience, without compromising the original image integrity. Modules Modules are pluggable items that consist of code of PHP, JavaScript, and CSS that allows you to extend or add new functionalities to a website. Their pluggable nature allows you to enable them if you want their respective features on your website, and uninstall them if you don’t. Basically, you plug in and plug out based on your needs. This makes Drupal flexible enough to tweak it as per your requirements.Drupal Modules can be categorized into:  Core modules: These come by default in Drupal core and are enabled when you initially install Drupal, while others can be enabled as needed. Contributed modules: These are community-made modules, as its members contribute back to the Drupal community and extend the core functionalities. Custom modules: These modules are crafted according to specific site applications. Visit here to find a beginner’s guide to creating custom modules. Hooks Hooks are your code maestros, orchestrating Drupal's core sub-system and modules. They act like intercoms between various code components in Drupal. Developers can change the functionality of the core or other modules without making changes to the existing code. Hook provided by core can be found here.For example, if you want to change the form labels on the User Login form which is provided by Drupal core, we can use a hook called “hook_form_alter” to manipulate the form and form items. Configuration Synchronizer Okay, get ready to get confused!  We already discussed entity, and as mentioned, nearly every major component that makes up a Drupal site is an entity of one type or another. The content on a site is called a “Content Entity,” however, there’s another type of entity called “Configuration Entity.” Configurations reside on the database that is suitable for creating user-defined configurations, such as image styles, views, content types, etc. While working on a Drupal website, you might need to sync the configurations from one environment to another to reduce the manual process.  For example, let’s create a new content type, “Events” on your local environment. Now, to move this content to higher environments like dev or production, you’d need to re-create the content type again. To reduce this manual effort, you can export these configurations from the database as YAML files and import them into the higher environments from the YAML files to the database. There you have it - the entire process called - Configuration Synchronization.  Headless Drupal (Decoupled Drupal) “Head-less” Drupal sets your “front-end” free!  While the front end flaunts diverse tech, interconnected with APIs, headless or decoupled Drupal powers the content backend. In simple words, your website body does all the work while its soul is on vacation. This allows you to use Drupal as a content repository which delivers the content as APIs, while the Frontend can be built using a JS framework like Angular or React to consume these APIs and display the content.   Distributions Distributions are Drupal's all-inclusive packages, like vacation bundles with Core, themes, modules, and even installation profiles. You've got your full-featured packages for niche needs and snappy starters for the builders and dreamers. Here are the two primary types of Drupal distributions: Full-featured distributions: These are complete packages for niche needs. Other distributions: These include snappy starter tools for site builders and developers. For example, if you want to build a website for UK councils to publish public-facing websites quicker, cheaper, and better, you can use the LocalGov distribution that allows you to get started with the development by pre-packing features like Banner, Alerts, News, and Search.  Recipes Distributions are difficult as they are hard to discover before you install Drupal. Once you've chosen to start with a distribution, switching the profile is hard and to maintain over several Drupal release cycles depends on the maintainer of the distribution. To deal with this, a new concept “Drupal recipes” was introduced that allows the automation of Drupal module installation and configuration via the user interface and the Drupal recipe composer plugin. Consider Drupal Recipes as modules that can be plugged/unplugged at any time based on the requirements, while adding the benefits of a distribution. Taking the example above about the website for UK councils, we can have recipes that provide individual features as Recipes that can be installed to get a kick-start for the project. Single Directory Component (SDC) Consider components as the building blocks for your website. The metadata, HTML, CSS, and optional JavaScript - all share the same directory in Drupal, making the assembly of Lego pieces easier. Hence, they’re called a Single Directory Component (SDC). With the help of SDC, you can build and render components on your Drupal site, keeping the code confined to a single directory. Final Note: Drupal Jargon Decoded! Congratulations, you've successfully cracked the Drupal code! Armed with this Drupal cheat sheet, you can dive into Drupal articles in depth without deciphering each term. You're now equipped to do the Drupal walk-and-talk without budging!  

Acquia Developer Portal Blog: Effortless Google Tag Setup for Drupal

Image removed.

Being able to know what your users are doing on your website is a critical component of maintaining and running your Drupal website.  For years, site maintainers have relied on Google Analytics to gather that information and with the recent launch of GA4 it's important to make sure your site is setup for success.  The Acquia Drupal Integration Team has worked closely to upgrade the Google Tag module as part of the GA4 transition and it is better than ever.  Leveraging the latest GTag script and supporting GTM all from within the same module eliminates confusion for developers and maintainers.  During this tutorial we will step you through installing the new Google Tag module and some basic configuration items you need to consider.

  1. Add/Enable the Google Tag module

    Add the Module

    Depending on how your Drupal site is setup, there are different ways to add the module to your