Aegir5 development is happening! We (Consensus) have been making steady progress on it over the last few years and are looking to kick off a new burst of focused development. Here’s a summary of progress that has been made so far and how you can contribute. First off, as you’re probably aware, Aegir5 is a complete re-write of Aegir. We are intending to build on all the great aspects of Aegir, while freeing ourselves from a codebase that is rooted in PHP 4.

Today we are talking about Valhalla Content Hub with Shane Thomas.

For show notes visit: www.talkingDrupal.com/388

Topics

• Joining Netlify
• Changes at Gatsby
• What is a content hub
• How does that differ from a content repo
• What is Valhalla
• How does it work
• Data stitching with GraphQL
• Can you massage / normalize data
• Benefits
• Privacy
• Production examples
• How is it structured
• Do you have to use Gatsby
• Integrations with Drupal
• Timing
• Cost
• How to sign up

Resources

• Valhalla

Guests

Shane Thomas - www.codekarate.com/ @smthomas3

Hosts

Nic Laflin - www.nLighteneddevelopment.com @nicxvan John Picozzi - www.epam.com @johnpicozzi Jacob Rockowitz - www.jrockowitz.com @jrockowitz

MOTW Correspondent

Martin Anderson-Clutz - @mandclu Entity Share You configure one site to be the Server that provides the entities, and content types or bundles will be available, and in which languages.

"The whole is greater than the sum of its parts," said Aristotle. It is especially relevant while talking about a free software ecosystem.

In functional logic, it is helpful to break up things into smaller units so that it becomes manageable. There would be more focus, and bugs are easy to be identified.

The non-core modules that follow the strict guidelines for quality code are the building blocks contributing to Drupal's greatness. The insistence on quality is what binds these compartments seamlessly. Each team has its role. But their collective can touch in many ways than these individual parts could deliver.

The synergy between different constituent units is paramount in a loosely knit community formed based on superior technology and grand philosophy. Entities working in this space should constantly meet in some way or another and be able to share their ideas to achieve this synergy. The DrupalCons and DrupalCamps are always facilitating this catchup game.

DrupalCon Pittsburgh Early Bird Registration is now open and is available through April 02. But the deadline to apply for a scholarship will end tomorrow. Early Bird Registration for the 6th annual DrupalCamp Ruhr will also end tomorrow. DrupalCamp Florida is now over, and here is a look back. Read our interview with Melissa Bent and April Sides, published as part of DrupalCamp Florida. DrupalSouth (New Zealand and Australia) has called for paper submissions for their upcoming event in Wellington. They have opened registrations for the camp, and the first 50 registrants will get an early bird offer. If you are eager to attend Drupal training, you can consider registering for the training sessions at DrupalCamp New Jersey. Fan tickets are available for DrupalCamp Poland. Here is a list of current sponsors for Drupal Developer Days Vienna. Some sponsoring slots for the NERD Summit might still be open. The four-day DrupalCamping Wolfsburg, fashioned as a BAR Camp, has limited tickets, and those interested could rush for registration.

This March, we have the DrupalCamp NJ and the NERD Summit coming up. MidCamp is in April. DrupalSouth Wellington, The Stanford WebCamp, DrupalCamp Ruhr, and DrupalCamp Poland will follow in May. Not soon after, we have the first annual DrupalCon of this year in Pittsburgh by the beginning of June, just after the DrupalJam. In the same month, we have Drupal Camp Asheville and Drupal Developer Days Vienna. Let these gatherings be an excellent start for your Drupal journey if you are new to the community. For those already here, it is time to synergize with the rest. That is for this week. Thank you.

Sincerely,
Sebin A. Jacob
Editor-in-Chief, The Drop Times

It is now dead simple to add Tugboat to Drupal contributed modules.

Modern, attractive, clear, contrasting — these are just some adjectives you could use to describe Olivero, the new theme for Drupal sites. Read our post to learn about its features and the ideas behind it.

Drupal is known for its robust security features, making it a popular choice for websites that handle sensitive information. Drupal's security architecture includes multiple layers of protection, including secure coding practices, access controls, and input validation. However, even with these built-in security features, it's always a good idea to take extra precautions when it comes to website security.

One of the ways to improve Drupal's security is by installing security modules. These modules provide additional layers of protection and can help mitigate potential vulnerabilities in your site. While it's important to note that no website can be 100% secure, installing security modules can help make your Drupal site even more secure.

Drupal's security architecture is built around the principle of defense in depth, which means that it uses multiple layers of protection to guard against potential threats. For example, Drupal employs secure coding practices to minimize the risk of vulnerabilities in its core codebase. It also uses access controls to ensure that only authorized users can access sensitive parts of the site. Additionally, Drupal has built-in input validation to prevent malicious code from being injected into your site.

Despite Drupal's robust security architecture, there are still potential vulnerabilities that can be exploited by attackers. You know what they say - no software is 100% secure. Installing security modules can help mitigate these risks and provide an additional layer of protection. Some of the most popular security modules for Drupal include Security Kit, Password Policy, and Two-Factor Authentication. Each of these modules provides unique benefits that can help enhance the security of your site.

In conclusion, while Drupal is already a secure CMS, installing security modules can provide an additional layer of protection and help mitigate potential vulnerabilities. By taking proactive steps to improve your site's security, you can help ensure that your sensitive information remains safe and secure. Here I'll be listing seven modules I think you really should consider installing and setting up.

The listed modules are all recently updated and work with Drupal 9 and 10.

1. Password Policy

Password Policy is a module that allows you to enforce strong password policies for your Drupal site. With this module, you can set rules for password complexity, length, and expiration. Password Policy helps reduce the risk of unauthorized access to your site by ensuring that users are using strong and secure passwords.

If you build sites for other, then this is a must. If you build sites for yourself, then I hope that you set strong passwords for yourself.

2. Two-Factor Authentication

Two-Factor Authentication is a module that adds an extra layer of security to your Drupal site. With this module, users are required to provide a second form of authentication, such as a token or SMS code, when logging in. Two-Factor Authentication helps protect your site against brute-force attacks and ensures that only authorized users can access your site.

There is also the module Two Factor Authentication - 2FA / Passwordless Login, which has a recently released version, but I haven't tried that one.

3. Login Security

Login Security is a module that helps prevent brute-force login attacks on your Drupal site. This module limits the number of failed login attempts from a given IP address or user account. You can also configure Login Security to lock out user accounts for a specified period of time after a certain number of failed login attempts. By enabling Login Security, you can reduce the risk of unauthorized access to your site.

4. Automated Logout

Automated Logout is a module that logs users out of your Drupal site after a specified period of inactivity. This module helps reduce the risk of unauthorized access to user accounts by automatically logging out users who have left their sessions open. By enabling Automated Logout, you can enhance the security of your Drupal site and protect your user's data.

Good if you have a lot of users, if you are the only user then it can be quite annoying when having to log in now and then.

5. Honeypot

Honeypot is a module that helps protect your Drupal site against spam bots. This module works by adding hidden fields to your forms that are invisible to users but detectable by bots. When a bot fills out these fields, the submission is blocked, and the bot is prevented from accessing your site. By enabling Honeypot, you can reduce the risk of spam and protect your site's performance.

I have used this module for at least a decade, and no site with forms are complete without it. It really whips the spammer's ass, to paraphrase the old Wimamp slogan. 

6. Content Security Policy

Content Security Policy is a module that helps protect your Drupal site against cross-site scripting (XSS) attacks. This module allows you to specify which sources of content are allowed to be loaded on your site. By setting strict policies for content sources, you can reduce the risk of XSS attacks and ensure that your site's content is safe and secure.

7. Security Kit

Security Kit is a comprehensive security module that provides a suite of security hardening options for Drupal. This module helps protect your site against common security threats such as XSS, clickjacking, and CSRF. Security Kit also provides input filtering options, session security, and helps prevent the injection of malicious code into your site. With Security Kit, you can easily enhance the security of your Drupal site and reduce the risk of vulnerabilities.

When it comes to strengthening your Drupal site, backend-wise, this is the go-to module, IMHO.

So, there you have it. My seven recommendations for strengthening your site's security, in various ways. Let me know in the comments if you think these are good modules to install, or if you have other ways of improving the security of your Drupal site.

Let's define the scope and goals of our project to upgrade this very website to Drupal 10.

Essentially, that's it: we want to upgrade this website to Drupal 10 so that we can benefit from security releases etc. At the moment we want to do so with the minimum of effort, so I don't want to have to be writing lots and lots of code or changing fundamentally how the site works, but I am up for simplifying things if it gets us to a point where we have to maintain less code.

Since Drupal 9, major version upgrades now take this basic form:

• Update your code to be fully compatible with the last version of Drupal, removing all deprecations: hard.
• Upgrade to the new version of Drupal: easy!

I'm going to install and use the fantastic Upgrade Status module to get a detailed handle on what we need to change, upgrade and rewrite to get the site working in Drupal 9, but ready for Drupal 10. We'll use that as a basis to see what we need to upgrade, the best plan for each component and go from there.

Upgrade status - First pass

We previously have composer require'd the upgrade status module into our codebase, so after enabling and running the report, here are the major findings that concern us for this series:

Environment

• We'll need to upgrade to PHP 8.x, the site is currently running on PHP 7.4.
• We're using deprecated or obsolete modules that come with core and will be removed in Drupal 10. This is a rather scarily long list for us:
  • CKEditor
  • Color
  • RDF
  • Seven
  • Stable

But other than that, we're good to go from an environment point of view.

Contrib projects

Upgrade status breaks the list of contributed projects down into a few sections, those are:

• Projects that need an upgrade that might make them Drupal 10 compatible:
  • Better exposed filters
  • Components
  • Disqus
  • Advanced link
  • Entity browser
  • jQuery UI Slider
  • Scheduler
  • Simple XML Sitemap
  • Twig Tweak
  • Webform
• Projects that don't have Drupal 10 releases yet, so either require patches or work to get them to Drupal 10:
  • Entity Embed
  • jQuery UI Sortable
  • Kraken
  • Markdown
  • Social media share
  • Term Reference Change
  • Unified Twig Extensions
  • Video Embed HTML5
  • Weight
• Projects that are compatible with Drupal 10 already, I'll not list those, but there are plenty already, it's great to see community support for Drupal 10.

Custom code

Upgrade status will scan your code and tell you if there are problems that can be spotted that will stop the code working with Drupal 10. This is static analysis, so isn't perfect, but is a really good start. We have a few custom modules doing very specific things on our site, but we have a custom theme, doing quite a lot of custom things, and that's where the main bulk of the issues the scanner found are, so we're going to need to set aside some time for that.

Simplifications

This site was built in the early Drupal 8 days, and we've not actually made too many changes since, specifically when we upgraded to Drupal 9 we basically did the smallest amount of work to get it there. How you'd typically handle media on a Drupal site has fundamentally changed since we built this site, in that you'd likely use the core Media module and add entity reference fields to your entities rather than adding image/file fields directly. However, we never had that luxury and never got around to changing our approach to use the core Media framework.

So, we're going to allow ourselves a bit of scope creep to do this 'sub project' given that the benefits are that we're going to be able to remove a bunch of modules: entity browser, file browser, etc. that will then mean that we don't need to upgrade those modules and our dependencies will be better supported: since they'll be in Drupal core. It's no slight against those modules, it's just that we don't need the functionality they bring, for our site today.

The scope/plan

So roughly the scope/plan is shaping up to be:

1. Convert our file/image fields to core media, and remove entity browser, file browser, etc.
2. Update our custom code
3. Evaluate the remaining upgradeable contrib projects to see if we can remove them, and if not, upgrade them.
4. Evaluate the remaining non-upgradeable contrib projects to see if we can remove them, and if not, work with maintainers to get them upgraded.
5. Handle the core modules that have been marked as deprecated or obsolete.
6. Upgrade the PHP version we use to run the site
7. Get the site running in tip-top condition with the latest Drupal 9 etc.
8. Do the Drupal 10 upgrade.

Then we'll have a shiny Drupal 10 install, ready for the next few years of security patching.

Internships and Fellowships

In this fourth part of a four-part series, Yang talks about her background, the projects she's worked on, and the vision for her professional future

There is no one way to change a career path. Palantir.net’s four most recent fellows - Paak, Tessa, Travis, and Yang - all joined us through the DrupalEasy program. With their different professional backgrounds and experiences, each offers a unique perspective into what interested them in Drupal and their journey to becoming integral members of Palantir.net.

In each of their written entries they share, among other insights, how they have each adjusted to a fully-remote workplace, how their own skills supported their success as a Fellow, and the importance of Palantir.net’s culture which encourages asking questions, remaining curious, and reaching out for help.

Here's Yang's story.
 

Where I Started

I was looking for a career change.

I was in the process of getting a nursing degree, but I wasn’t sure that’s what I wanted to do. A couple of years ago, a friend of mine suggested I learn to code.

When the COVID pandemic started, I had a lot of extra time at home (like many people!), and I started watching coding tutorials on YouTube. I found that I was fascinated by the idea of coding, so I took the initiative to learn HTML and CSS on Codecademy. Slowly - but surely - I went on to complete even more web development courses on Udemy. I had learned a lot but still found I didn’t have the confidence in my skill set to apply for any jobs in the field.

Earlier this year, my friend sent me a link about the Palantir.net Fellowship program to attend DrupalEasy. I wasn’t sure that I was qualified for the opportunity, but she encouraged me to apply. So I did.

And now, here I am!

The adventure of learning Drupal is like riding a roller coaster: I felt great one moment, but the next thing I knew, I was banging my head against the railing. Then, rinse and repeat. 

After 12 weeks of DrupalEasy, I had the opportunity to improve and apply my what I learned during my Fellowship at Palantir.net.

The Fellowship program is run by our talented Palantir.net colleagues, with a professional structure and many great resources that accelerate and support our Drupal learning. I also love Palantir.net’s culture, which is very transparent, collaborative, and co-creative. I have learned and continue to learn new things everyday from my coworkers. 

For me, the most important aspect of working here are the people. Everyone contributes, shares, and helps others develop their current skills and learn new ones. When I don’t know something, I feel free to ask questions. I learn from others and feel confident experimenting and making mistakes, learning and growing as I go. 

I’ll be honest: learning Drupal is harder than I thought, but the end result is incredibly rewarding. My advice to others who might be feeling daunted by learning Drupal or to code would be, don’t give up! Keep going! You can do this. 
 

Where I am Now

I know that every great programmer was once a beginner, and that is exactly where I am now.

In the future, I hope to be a great programmer and to pass my own knowledge to the very same community that helped me get where I am today.

There are a lot of talented, welcoming, and fun people at Palantir.net, and my goal right now is to learn as much as I can from others to become a full-stack developer. I am currently beginning to develop my personal skill set. I’ll be taking another PHP course in the near future to gain additional back-end knowledge. 

I know I still have a long way to go, but I look forward to learning new skills every day and applying them to real projects. In my opinion, consistency is the key to learning anything new and, over time, I am confident I will reach each goal I set for myself. I’m unsure whether my future holds being a full-stack developer, project leader, or something else. But the door to opportunity is wide open, and the only real way to get there is by doing the work. 

Fortunately, I am on the right path with the right people.

Community Culture Drupal People

What is Predictive Marketing? Editor Fri, 02/24/2023 - 16:41

Predictive marketing is a type of marketing that uses a large amount of information to predict customer behavior and needs accurately. It involves the analysis of all data to determine the best and most effective version of the marketing strategy. 
Based on a client's past shopping experience, marketers develop marketing strategies. Therefore, you can create more effective personalized ads in the future that will increase conversions. By forecasting correctly, you can also reduce customer churn and increase demand for your products or services. Stand out from the competition and stay ahead of the game by doing this.
Many famous companies have used predictive modeling in marketing for years because they have seen effective results. When analytics are adequately conducted, websites can increase their customers and orders. A business owner who has mastered predictive marketing can anticipate their target audience's needs and keep up with all current trends.

Introduction

This article enumerates why an organization must invest in leadership training programs for budding and existing leaders.