Annertech: Places to Visit outside of Dublin while at DrupalCon

Planet Drupal - Thu, 01/09/2016 - 17:23
Places to Visit outside of Dublin while at DrupalCon Coming to DrupalCon Dublin but planning to travel around Ireland a bit? Previously we blogged about our top recommendations to see and do in Dublin, but I know some of you are planning to stay for longer and so here are our recommendations for places to visit outside Dublin.
Categories: Elsewhere

ThinkShout: See No Email, Hear No Email, Speak No Email

Planet Drupal - Thu, 01/09/2016 - 15:00

Listen up, Drupal savvy MailChimp fans. We’ve got some news for you: MailChimp recently rolled out a newer and more robust version of their API - MailChimp API version 3.0! Now I can probably guess what you’re thinking so I’ll just come out and say it: this means MailChimp’s API version 2.0 is about to become deprecated, and we’re not monkeying around.

For those of you using the 8.x and 7.x-4.x branches of the MailChimp module, feel free to sit back and relax - you are already using MailChimp’s API v3.0. Those of of you still using the 7.x-2.x and 7.x-3.x branches, get ready: API v2.0 will be phased out on December 31st, so we encourage you all to upgrade.

Don’t be a furious George - we’ve got you covered. Our documentation up on Drupal.org has been updated, and we’ve provided information that will help make your upgrade experience as seamless as possible. We’ve even included a shiny new FAQ page this go around. For additional support, feel free to post questions on Drupal Answers.

Alright, let’s get down to monkey business. Those of you who upgrade are about to have a module that is regularly maintained, has an improved infrastructure (see the README.txt on the 7.x-4.x branch for more info), and can be integrated with the new MailChimp E-Commerce module (more on that in a future blogpost) - now, that’s something to go bananas for!

Categories: Elsewhere

Thadeu Lima de Souza Cascardo: GNU libc and Linux

Planet Debian - Thu, 01/09/2016 - 13:34

Some time ago, I built a static program that I wanted to run on an Android tablet. What was my surprise when I saw a message saying "FATAL: kernel too old".

After some investigation, it turns out that GNU libc may assume some Linux features are present during build time. This means that given a minimum Linux version, that built libc might only work on that version or newer.

Since 2014, GNU libc itself requires 2.6.32 as the minimum. Previously, it was 2.6.16, changed in 2012.

Debian, as of 2015, builds it with a required minimum Linux version of 3.2.

To give an idea about the history of these kernel releases, we have:

  • December 2009, Linus releases Linux 2.6.32.
  • November 2010, Red Hat releases RHEL 6.0, Linux 2.6.32.
  • February 2011, Debian 6.0 Squeeze, Linux 2.6.32.
  • January 2012, Linus releases Linux 3.2.
  • April 2014, GNU Libc requires Linux 2.6.32.
  • December 2015, Debian GNU Libc uploaded to unstable requires Linux 3.2.

So, at least for GNU libc upstream, it would appear that not many devices would stop being supported, though the situation would not be as good for binary versions of Debian. However, I have a small list of devices that might show otherwise.

  • Nokia N900 shipped with Linux 2.6.28.
  • Android emulator, a platform called Goldfish, uses Linux 2.6.29.
  • The Wii port most widely tested is based on Linux 2.6.32.

Many Android devices have been shipped with Linux 3.4, but I encountered at least one using Linux 3.0.

So, even though many new devices ship with newer versions of Linux, it's still possible to find some new and older devices using versions older than 3.2, and even versions older than 2.6.32 may be found.

Another interesting note is that, without a few patches, it's not possible to build Linux 2.6.32 with GCC 5 and newer. For that and many other reasons, it's important that we update. For bug fixes, and so we can make progress and use better software are some of the other reasons.

So, it's imperative that we have devices support upstream. Otherwise, the task of doing updates with forward porting becomes daunting. And that's the current state for many devices, which is why I have been trying to use new software with older versions of Linux. But as time passes, I realize how hard a task this is, as most new software these days, even a building block like GNU libc, requires ever new versions of Linux.

For now, most gadgets I have support Linux 3.4 or newer. But not long ahead, that support will be dropped as well. And that means there will be no more updates for those devices. It's a consequence of both targeting time-to-market and programmed obsolescence as business practices. Upstream support is no priority, and maintenance is only that required until the next model is available on the stores.

This is one more reason why we need to have more operating systems available for those devices. Systems that are designed to last more than a couple of years. As I said, upstream support is imperative, but as a step forward, I still believe we can provide the GNU experience to lots of devices out there.

Categories: Elsewhere

Drop Guard: Free Drupal security for a good cause

Planet Drupal - Thu, 01/09/2016 - 11:00

Being casual about open source security is not funny. Headlines like the Panama Papers this year showed that an improvident dealing with security and updates can cause a huge damage. Fees are still a crucial reason for people to hesitate to secure their business by using charged services. This is not a pitty - this is grave.

There are many people out there who give a lot without receiving a reward. They see more benefits in helping and strengthen people, any kind of living being or purpose than in a regular salary.

Drupal Drupal Planet Security announcements non-profits Drupal Community
Categories: Elsewhere

Jamie McClelland: Trusted Mobile Device: How hard could it be?

Planet Debian - Thu, 01/09/2016 - 05:36

I bought a new phone. After my experiences with signal and the helpful comments readers gave regarding the ability to run android and signal without Google Play using microg I thought I would give it a shot.

Since microg reports that signature spoofing is required and comes out-of-the-box with omnirom I thought I'd aim for installing omnirom's version of Android 6 (marshmallow) after years of using cyanomgenmod's version of Android.

The Nexus line of phones seemed well-supported by omnirom in particular (and the alternative ROM community in general) so I bought a Nexus 5x.

I carefully followed the directions for installing omnirom however when it came time to boot into omnirom, I just got the boot sequence animation over and over again.

Frustrated, I decided to go back to cyanogenmod and see if I could use one of the microg recommended methods for getting signature spoofing to work. The easiest seemed to be Needle by moosd but alas no such luck with Marshmallow. Someone else forked the code and might fix it one day. I then spent too much time trying to understand what xposed is before I gave up understanding it and just tried to install it (woops, looks like the installer page is out of date so instead I followed sketchy instructions from a forum thread). Well, to make a long story short it resulted in a boot loop.

So, I decided to return to omnirom. After reading some vague references to omnirom and supersu, I decided to flash both of them together and voila, it worked!

Next, I decided to enable full disk encryption. Not so fast. After clicking through the screens and hitting the final confirmation, my phone rebooted and spent the next 5 hours showing me the omnirom boot animation. Somehow, powering down and starting again resulted in a working machine, but no disk encryption.

After much web searching, guessing and trial and error, I fixed the problem by clicking on the SuperSU option to "Full unroot" the device (I pressed "no" when prompted to attempt to restore stock image). Then I rebooted and followed the directions to encrypt the device. And it worked! Hooray!

I had to reboot and re-flash the supersu to regain su privileges.

All was great.

The first root action I decided to take was to install the cryptfs program from f-droid because using the same password to decrypt your device as you use to unlock the screen seems either tedious or insecure.

That process didn't work so well. I got a message saying: use this command from a root shell before you reboot: vdc cryptfs changepw <password>. I followed the advice, carefully typing in my 12 character password which includes numbers and letters.

Then, I happily did what I expected to be my last reboot when, to my horror, I was prompted to decrypt my disk with ... a numeric-only keypad.

That wasn't going to work. At this point I had already spent 5 days and about 8 hours on this project. Sigh. So, I started over.

Guess what? It only took me 25 minutes but, it seems that cryptfs is broken. Even with a numeric password it fails. Ok, I guess I need a long pin to unlock my phone. This time it only took my 15 minutes to wipe and re-install everything.

There are only two positive things I can think of:

  • TWRP, which provides the recovery image, is really great. Everytime something went wrong I booted into the TWRP recovery image and could fix anything.
  • I'm starting to get used to the error on startup warning me that "Your device is corrupt. It can't be trusted and may not work properly." It's a good thing to remember about all digital devices.

p.s. I haven't even tried to install microg yet... which was the whole point.

Categories: Elsewhere

Enrico Zini: Links for September 2016

Planet Debian - Thu, 01/09/2016 - 00:00
A Few Useful Mental Tools from Richard Feynman [archive]

«These tricks show Feynman taking the method of thought he learned in pure science and applying it to the more mundane topics most of us have to deal with every day.»

Pasta [archive]

A comprehensive introduction to pasta, to keep at hand in case I meet someone who has little familiarity with it.

MPTP: One Designer Drug and Serendipity [archive]

Abstract: Through an unlikely series of coincidences and fortunate accidents, the development of Parkinson’s disease in several illicit drug users was traced to their use of a meperidine analog contaminated with 1-methyl-4-phenyl-1,2,3,6-tetrahydropyridine (MPTP). The discovery of a chemical capable of producing animal models of the disease has revitalized research efforts and resulted in important new information. The serendipitous finding also prompted consideration of what changes seem advisable if designer drugs are to be dealt with more efficaciously.

The Debunking Handbook: now freely available for download

The Debunking Handbook, a guide to debunking misinformation, is now freely available to download. Although there is a great deal of psychological research on misinformation, there's no summary of the literature that offers practical guidelines on the most effective ways of reducing the influence of myths.

Faulty neon light jams radio appliances [archive]

«An apparent interference source began plaguing wireless vehicle key fobs, cell phones, and other wireless electronics. Key fob owners found they could not open or start their vehicles remotely until their vehicles were towed at least a block away, nor were they able to call for help on their cell phones when problems occurred»

Calvin & Muad'Dib

Calvin & Hobbes with text taken from Frank Herbert's Dune. It's been around since 2013 and I consistently found it moving and deep.

When Birds Attack - Bike Helmet Hacks [archive]

Australian magpies attacking cyclists has propted several creative adaptations, including attaching an afro wig to the bike helmet.

Categories: Elsewhere

Chris Lamb: Free software activities in August 2016

Planet Debian - Wed, 31/08/2016 - 23:48

Here is my monthly update covering what I have been doing in the free software world (previously):

  • Worked on nsntrace, a userspace tool to perform network traces on processes using kernel namespaces:
    • Overhauled error handling to ensure the return code of the wrapped process is returned to the surrounding environment. (#10).
    • Permit the -u argument to also accept uids as well as usernames. (#16).
    • Always kill the (hard-looping) udp_send utility, even on test failures. (#13).
    • Updated configure.ac to look for iptables in /sbin & /usr/sbin (#11) and to raise an error if pcap.h is missing (#15).
    • Drop bashisms in #!/bin/sh script (#14) and ignore the generated manpage in the Git repository (#12).
  • Independently discovered an regression in the Django web development framework where field__isnull=False filters were not working with some foreign keys, resulting in extending the testsuite and release documentation. (#7104).
  • Proposed a change to django-enumfield (a custom field for type-safe constants) to ensure passing a string type to Enum.get returned None on error to match the documentation. (#36).
  • Fixed an issue in the Mopidy music player's podcast extension where the testsuite was failing tests in extreme timezones. (#40).
  • Proposed changes to make various upstream's reproducible:
    • botan, a crypto/TLS library for C++11. (#587).
    • cookiecutter, a project template generator, removing nondeterministic keyword arguments from appearing in the documentation. (#800).
    • pyicu, a Python wraper for the IBM Unicode library. (#27).
  • Integrated a number of issues raised by @piotr1212 to python-fadvise, my Python interface to posix_fadvise(2), where the API was not being applied to open file descriptors (#1) and moving the .so to a module directory (#2).
  • Various improvements to try.diffoscope.org, a hosted version of the diffoscope in-depth and content-aware diff utility, including introducing an HTTP API (#21), updating the SSL certificate and correcting a logic issue where errors in diffoscope itself were not being detected correctly (b0ff49). Continued thanks to Bytemark for sponsoring the hardware.
  • Fixed a bug in django-slack, my library to easily post messages to the Slack group-messaging utility, correcting an EncodeError exception under Python 3 (#53) and updated the minimum required version of Django to 1.7 (#54).
  • Various updates to tickle-me-email, my Getting Things Done-inspired email toolbox, to also match / in IMAP's LIST separators (#6) and to encode the folder list as UTF-7 (#7). Thanks to @resiak.
  • Clarified the documentation for travis.debian.net — my hosted script to easily test and build Debian packages on the Travis CI continuous integration platform — regarding how to integrate with Github (#20).

Reproducible builds

Whilst anyone can inspect the source code of free software for malicious flaws, most Linux distributions provide binary (or "compiled") packages to end users.

The motivation behind the Reproducible Builds effort is to allow verification that no flaws have been introduced — either maliciously and accidentally — during this compilation process by promising identical binary packages are always generated from a given source.

Toolchain issues

I submitted the following patches to fix reproducibility-related toolchain issues:

My work in the Reproducible Builds project was also covered in our weekly reports. (#67, #68, #69, #70).


diffoscope is our "diff on steroids" that will not only recursively unpack archives but will transform binary formats into human-readable forms in order to compare them:

  • Added a command-line interface to the try.diffoscope.org web service.
  • Added a JSON comparator.
  • In the HTML output, highlight lines when hovering to make it easier to visually track.
  • Ensure that we pass str types to our Difference class, otherwise we can't be sure we can render them later.
  • Testsuite improvements:
    • Generate test coverage reports.
    • Add tests for Haskell and GitIndex comparators.
    • Completely refactored all of the comparator tests, extracting out commonly-used routines.
    • Confirm rendering of text and HTML presenters when checking non-existing files.
    • Dropped a squashfs test as it was simply too unreliable and/or has too many requirements to satisfy.
  • A large number of miscellaneous cleanups, including:
    • Reworking the comparator setup/preference internals by dynamically importing classes via a single list.
    • Split exceptions out into dedicated diffoscope.exc module.
    • Tidying the PROVIDERS dict in diffoscope/__init__.py.
    • Use html.escape over xml.sax.saxutils.escape, cgi.escape, etc.
    • Removing hard-coding of manual page targets names in debian/rules.
    • Specify all string format arguments as logging function parameters, not using interpolation.
    • Tidying imports, correcting indentation levels and drop unnecessary whitespace.


disorderfs is our FUSE filesystem that deliberately introduces nondeterminism in system calls such as readdir(3).

  • Added a testsuite to prevent regressions. (f124965)
  • Added a --sort-dirents=yes|no option for forcing deterministic ordering. (2aae325)

  • Improved strip-nondeterminism, our tool to remove specific nondeterministic information after a build:
    • Match more styles of Java .properties files.
    • Remove hyphen from "non-determinism" and "non-deterministic" throughout package for consistency.
  • Improvements to our testing infrastucture:
    • Improve the top-level navigation so that we can always get back to "home" of a package.
    • Give expandable elements cursor: pointer CSS styling to highlight they are clickable.
    • Drop various trailing underlined whitespaces after links.
    • Explicitly log that build was successful or not.
    • Various code-quality improvements, including prefering str.format over concatentation.
  • Miscellaneous updates to our filter-packages internal tool:
    • Add --random=N and --url options.
    • Add support for --show=comments.
    • Correct ordering so that --show-version runs after --filter-ftbfs.
    • Rename --show-ftbfs to --filter-ftbfs and --show-version to --show=version.
  • Created a proof-of-concept reproducible-utils package to contain commonly-used snippets aimed at developers wishing to make their packages reproducible.

I also submitted 92 patches to fix specific reproducibility issues in advi, amora-server, apt-cacher-ng, ara, argyll, audiotools, bam, bedtools, binutils-m68hc1x, botan1.10, broccoli, congress, cookiecutter, dacs, dapl, dateutils, ddd, dicom3tools, dispcalgui, dnssec-trigger, echoping, eekboek, emacspeak, eyed3, fdroidserver, flashrom, fntsample, forkstat, gkrellm, gkrellm, gnunet-gtk, handbrake, hardinfo, ircd-irc2, ircd-ircu, jack-audio-connection-kit, jpy, kxmlgui, libbson, libdc0, libdevel-cover-perl, libfm, libpam-ldap, libquvi, librep, lilyterm, mozvoikko, mp4h, mp4v2, myghty, n2n, nagios-nrpe, nikwi, nmh, nsnake, openhackware, pd-pdstring, phpab, phpdox, phpldapadmin, pixelmed-codec, pleiades, pybit, pygtksourceview, pyicu, python-attrs, python-gflags, quvi, radare2, rc, rest2web, roaraudio, rt-extension-customfieldsonupdate, ruby-compass, ruby-pg, sheepdog, tf5, ttf-tiresias, ttf-tiresias, tuxpaint, tuxpaint-config, twitter-bootstrap3, udpcast, uhub, valknut, varnish, vips, vit, wims, winswitch, wmweather+ & xshisen.

Debian GNU/Linux Patches contributed

I also submitted 22 patches to fix typos in debian/rules files against ctsim, f2c, fonts-elusive-icons, ifrit, ldapscripts, libss7, libvmime, link-grammar, menulibre, mit-scheme, mugshot, nlopt, nunit, proftpd-mod-autohost, proftpd-mod-clamav, rabbyt, radvd, ruby-image-science, snmpsim, speech-tools, varscan & whatmaps.

Debian LTS

This month I have been paid to work 15 hours on Debian Long Term Support (LTS). In that time I did the following:

  • "Frontdesk" duties, triaging CVEs, etc.
  • Authored the patch & issued DLA 596-1 for extplorer, a web-based file manager, fixing an archive traversal exploit.
  • Issued DLA 598-1 for suckless-tools, fixing a segmentation fault in the slock screen locking tool.
  • Issued DLA 599-1 for cracklib2, a pro-active password checker library, fixing a stack-based buffer overflow when parsing large GECOS fields.
  • Improved the find-work internal tool adding optional colour highlighting and migrating it to Python 3.
  • Wrote an lts-missing-uploads tool to find mistakes where there was no correponding package in the archive after an announcement.
  • Added optional colour highlighting to the lts-cve-triage tool.
  • redis 2:3.2.3-1 — New upstream release, move to the DEP-5 debian/copyright format, ensure that we are running as root in LSB initscripts and add a README.Source regarding our local copies of redis.conf and sentinel.conf.
  • python-django:
    • 1:1.10-1 — New upstream release.
    • 1:1.10-2 — Fix test failures due to mishandled upstream translation updates.

  • gunicorn:
    • 19.6.0-2 — Reload logrotate in the postrotate action to avoid processes writing to the old files and move to DEP-5 debian/copyright format.
    • 19.6.0-3 — Drop our /usr/sbin/gunicorn{,3}-debian and related Debian-specific machinery to be more like upstream.
    • 19.6.0-4 — Drop "template" systemd .service files and point towards examples and documentation instead.

  • adminer:
    • 4.2.5-1 — Take over package maintenance, completely overhauling the packaging with a new upstream version, move to virtual-mysql-server to support MariaDB, updating package names of dependencies and fix the outdated Apache configuration.
    • 4.2.5-2 — Correct the php5 package names.

Bugs filed (without patches) RC bugs

I filed 3 RC bugs with patches:

I additionally filed 8 RC bugs for packages that access the internet during build against autopkgtest, golang-github-xenolf-lego, pam-python, pexpect, python-certbot, python-glanceclient, python-pykka & python-tornado.

I also filed 74 FTBFS bugs against airlift-airline, airlift-slice, alter-sequence-alignment, apktool, atril, auto-apt-proxy, bookkeeper, bristol, btfs, caja-extensions, ccbuild, cinder, clustalo, colorhug-client, cpp-netlib, dimbl, edk2, elasticsearch, ganv, git-remote-hg, golang-codegangsta-cli, golang-goyaml, gr-radar, imagevis3d, jacktrip, jalv, kdepim, kiriki, konversation, libabw, libcereal, libdancer-plugin-database-perl, libdist-zilla-plugins-cjm-perl, libfreemarker-java, libgraph-writer-dsm-perl, libmail-gnupg-perl, libminc, libsmi, linthesia, lv2-c++-tools, lvtk, mate-power-manager, mcmcpack, mopidy-podcast, nageru, nfstrace, nova, nurpawiki, open-gram, php-crypt-gpg, picmi, projectl, pygpgme, python-apt, python-django-bootstrap-form, python-django-navtag, python-oslo.config, qmmp, qsapecng, r-cran-sem, rocs, ruby-mini-magick, seahorse-nautilus, shiro, snap, tcpcopy, tiledarray, triggerhappy, ucto, urdfdom, vmmlib, yara-python, yi & z3.

FTP Team

As a Debian FTP assistant I ACCEPTed 90 packages: android-platform-external-jsilver, android-platform-frameworks-data-binding, camlpdf, consolation, dfwinreg, diffoscope, django-restricted-resource, django-testproject, django-testscenarios, gitlab-ci-multi-runner, gnome-shell-extension-taskbar, golang-github-flynn-archive-go-shlex, golang-github-jamesclonk-vultr, golang-github-weppos-dnsimple-go, golang-golang-x-time, google-android-ndk-installer, haskell-expiring-cache-map, haskell-hclip, haskell-hdbc-session, haskell-microlens-ghc, haskell-names-th, haskell-persistable-record, haskell-should-not-typecheck, haskell-soap, haskell-soap-tls, haskell-th-reify-compat, haskell-with-location, haskell-wreq, kbtin, libclipboard-perl, libgtk3-simplelist-perl, libjs-jquery-selectize.js, liblemon, libplack-middleware-header-perl, libreoffice, libreswan, libtest-deep-json-perl, libtest-timer-perl, linux, linux-signed, live-tasks, llvm-toolchain-3.8, llvm-toolchain-snapshot, lua-luv, lua-torch-image, lua-torch-nn, magic-wormhole, mini-buildd, ncbi-vdb, node-ast-util, node-es6-module-transpiler, node-es6-promise, node-inline-source-map, node-number-is-nan, node-object-assign, nvidia-graphics-drivers, openhft-chronicle-bytes, openhft-chronicle-core, openhft-chronicle-network, openhft-chronicle-threads, openhft-chronicle-wire, pycodestyle, python-aptly, python-atomicwrites, python-click-log, python-django-casclient, python-git-os-job, python-hypothesis, python-nosehtmloutput, python-overpy, python-parsel, python-prov, python-py, python-schema, python-tackerclient, python-tornado, pyvo, r-cran-cairo, r-cran-mi, r-cran-rcppgsl, r-cran-sem, ruby-curses, ruby-fog-rackspace, ruby-mixlib-archive, ruby-tzinfo-data, salt-formula-swift, scapy3k, self-destructing-cookies, trollius-redis & websploit.

Categories: Elsewhere

ImageX Media: The Top Five Ways Drupal 8 will Benefit your Business

Planet Drupal - Wed, 31/08/2016 - 21:41

Drupal 8 includes more than 200 new features and enhancements for developers, and there’s been no shortage of information on the technical advantages of upgrading.

Categories: Elsewhere

Aram Boyajyan: Changing user display name in Drupal 7 and Drupal 8

Planet Drupal - Wed, 31/08/2016 - 21:15
Changing user display name in Drupal 7 and Drupal 8

Every website that displays user information on the front end will use profile fields such as first and last names for representing the members. By default Drupal shows only the username, which is definitely something you will want to change.

Modifying this is relatively simple. You could always choose which fields to use in Views, Rules and other modules, but the main problem is maintenance - the setup will be spread across many different pages and it's not the most optimal solution in the long run.

The right way is to change the way user display names are formatted by the system itself. This article will show you how to manage this for both Drupal 7 and Drupal 8 in your custom code.

aram Wed, 31/08/2016 - 21:15
Categories: Elsewhere

myDropWizard.com: Drupal 6 security updates for Flag!

Planet Drupal - Wed, 31/08/2016 - 19:49

As you may know, Drupal 6 has reached End-of-Life (EOL) which means the Drupal Security Team is no longer doing Security Advisories or working on security patches for Drupal 6 core or contrib modules - but the Drupal 6 LTS vendors are and we're one of them!

Today, there is a Moderately Critical security releases for the Flag module for multiple Access Bypass vulnerabilities.

The module includes a view that lists each user's bookmarked content as a tab on their user profile. The permissions on this view are setup incorrectly, allowing any user who has permission to use the 'bookmarks' flag to see the list of content that any user has bookmarked.

See the security advisory for Drupal 7 for more information.

Here you can download the patch for 6.x-1.x or 6.x-2.x!

If you have a Drupal 6 site using the Flag module, we recommend you update immediately! We have already deployed the patch for all of our Drupal 6 Long-Term Support clients. :-)

If you'd like all your Drupal 6 modules to receive security updates and have the fixes deployed the same day they're released, please check out our D6LTS plans.

Note: if you use the myDropWizard module (totally free!), you'll be alerted to these and any future security updates, and will be able to use drush to install them (even though they won't necessarily have a release on Drupal.org).

Categories: Elsewhere

Mediacurrent: Converting a Drupal 7 Site from Straight Css to Use Node.sass

Planet Drupal - Wed, 31/08/2016 - 16:02

Or, just adding this setup to your current theme, even if it is Ruby...

Categories: Elsewhere

WDTutorials.com: Drupal 8 Tutorial #44 : CKEditor CodeSnippet Module

Planet Drupal - Wed, 31/08/2016 - 11:45

With CKEditor CodeSnippet module you can insert code snippets with syntax highlighting into the editor.

Categories: Elsewhere

Michal &#268;iha&#345;: Weblate 2.8

Planet Debian - Wed, 31/08/2016 - 11:30

Quite on schedule (just one day later), Weblate 2.7 is out today. This release brings Subversion support or improved zen mode.

Full list of changes:

  • Documentation improvements.
  • Translations.
  • Updated bundled javascript libraries.
  • Added list_translators management command.
  • Django 1.8 is no longer supported.
  • Fixed compatibility with Django 1.10.
  • Added Subversion support.
  • Separated XML validity check from XML mismatched tags.
  • Fixed API to honor HIDE_REPO_CREDENTIALS settings.
  • Show source change in zen mode.
  • Alt+PageUp/PageDown/Home/End now works in zen mode as well.
  • Add tooltip showing exact time of changes.
  • Add option to select filters and search from translation page.
  • Added UI for translation removal.
  • Improved behavior when inserting placeables.
  • Fixed auto locking issues in zen mode.

If you are upgrading from older version, please follow our upgrading instructions.

You can find more information about Weblate on https://weblate.org, the code is hosted on Github. If you are curious how it looks, you can try it out on demo server. You can login there with demo account using demo password or register your own user. Weblate is also being used on https://hosted.weblate.org/ as official translating service for phpMyAdmin, OsmAnd, Aptoide, FreedomBox, Weblate itself and many other projects.

Should you be looking for hosting of translations for your project, I'm happy to host them for you or help with setting it up on your infrastructure.

Further development of Weblate would not be possible without people providing donations, thanks to everybody who have helped so far! The roadmap for next release is just being prepared, you can influence this by expressing support for individual issues either by comments or by providing bounty for them.

Filed under: Debian English Gammu phpMyAdmin SUSE Weblate | 0 comments

Categories: Elsewhere

Jim Birch: One or Multiple. Make a Bootstrap Carousel from a Multiple Value Drupal Field

Planet Drupal - Wed, 31/08/2016 - 11:20

Earlier this week I wrote how to create a Bootstrap Carousel using the Drupal Paragraphs module.  We can modify this approach to add a Bootstrap Carousel on a field.  I use this most on nodes that have a Featured Image field, one where we can use as a hero image, and one where we can set the Open Graph Meta image on a per node basis.

Thanks to social media outlets like Facebook, LinkedIn, and Twitter, every piece of content published to the web should have an image attached to it, define by the og:image meta tag.  But what happens when the content has or deserves more than one image?  If the field allows multiple, we can display them as a carousel/slideshow.

While I am discussing images in this blog post, this technique could be used for any type of field.  And even though I develop using the Bootstrap front end framework, the same theory could be applied to other frameworks and javascripts like the Slick carousel.  You would just need to change the markup to fit your specific framework.

So, all we need is a multiple value field.  Once we have defined which field that is, take a look at this markup and replace your template's markup with it.  The file name would be field--FIELD-NAME.html.twig

Read more

Categories: Elsewhere

Unimity Solutions Drupal Blog: Strategies for Revenue Streams for Digital Publishers

Planet Drupal - Wed, 31/08/2016 - 11:00

Coupled with increasing literacy rate publishing industry in India has seen tremendous growth in the past decade. Contradicting the global trend, in India the Newspaper industry has seen 8% growth last year. Most of this growth is driven by vernacular newspapers. It is expected that in the next decade regional newspapers grow at a rate of 12-14% as primary source of information. Although there is an increase in the adoption of digital books, digital news is yet to be accepted by Indians. 

Categories: Elsewhere

Joey Hess: late summer

Planet Debian - Wed, 31/08/2016 - 03:15

With days beginning to shorten toward fall, my house is in initial power saving mode. Particularly, the internet gateway is powered off overnight. Still running electric lights until bedtime, and still using the inverter and other power without much conservation during the day.

Indeed, I had two laptops running cpu-melting keysafe benchmarks for much of today and one of them had to charge up from empty too. That's why the house power is a little low, at 11.0 volts now, despite over 30 amp-hours of power having been produced on this mostly clear day. (1 week average is 18.7 amp-hours)

September/October is the tricky time where it's easy to fall off a battery depletion cliff and be stuck digging out for a long time. So time to start dusting off the conservation habits after summer's excess.

I think this is the first time I've mentioned any details of living off grid with a bare minimum of PV capacity in over 4 years. Solar has a lot of older posts about it, and I'm going to note down the typical milestones and events over the next 8 months.

Categories: Elsewhere

Drupal Association News: MarCom changes, and how we’ll keep moving forward

Planet Drupal - Wed, 31/08/2016 - 02:47

This post is part of a series about recent changes at the Drupal Association.

Like each of the Drupal Association teams, Marketing & Communications (MarCom) has a broad range of responsibilities. Our job is to persuade and sell, but also to inform and educate. About our work. About yours. About what it’s like to be part of this community.

We contribute to more than 20 Association programs and products, like Membership, Supporter Program fulfillment, and DrupalCon support. Day-to-day community engagement—via Zendesk, Twitter, Facebook, issue queue, etc.—is part of each of those.

It’s a feat that’s always been impossible without help from community members like you. There’s the work Dave does in the content issue queue. What Paul and Alex do on our social accounts. And what Jess, catch, Gábor, David, Michael, and many more do to coordinate releases. There’s more than we can count.

But it’s also a feat we used to have more staff to handle. A year ago, we were a team of five. After retrenchment and reorganization, we’re a team of two. As we support and advance the Association’s initiatives to increase Drupal adoption, we have to make hard choices.

First, an apology

We’re sorry. This isn’t just business; our work is for you. We think about the impact it has every day. Having to stop doing some of that work—even the work some may consider little things—isn’t something we take lightly.

If we don’t have a sticker shipping budget, it may impact the energy you create at a meetup. If we don’t support Global Training Days, maybe the next would-be contributor in your region isn’t inspired to learn Drupal. And if we don’t share stories of grant recipients, maybe you don’t know that your membership dues make an immeasurable difference in people’s lives. (They do, by the way.)

So, if we let you down, we’re sorry. Your trust is invaluable to us. We try to earn it every day.

But we must decide Criteria

The Association has two priorities:

  • Create sustainable financial health
  • Get more organizations with large, complex digital ecosystems—government agencies, publishers, universities, etc.—to choose Drupal

This means prioritizing revenue-generating initiatives. It means changing, or adding to, some of the user experience on Drupal.org—to better present Drupal as an answer to the questions our new primary audience has. And it means amplifying stories that persuade that audience to make Drupal part of their systems.


We have a lot of work to do. And we won’t be able to do it alone. For those reasons and more, we need to make a promise about the content we publish.

We started on the following content strategy statement based on insight from our leadership. It describes our goal, methods, and primary audience in relation to each other.

Slides available on Google Drive

Clarity gives us the best chance to be efficient, effective, and consistent. So, we’ll keep narrowing that statement. It’s an important step toward giving the content we create—or ask others to create—a chance to live up to a shared potential.


What can two people do or coordinate well? What can we complete and sustain?

A team that churns out content but doesn’t, for example, regularly pause to evaluate each thing it creates—that doesn’t turn that knowledge into insight for what it makes next (or doesn’t)—isn’t doing its job well.

Our decisions about what work we will and won’t do aren’t just about what we can somehow make happen. They’re about what we can turn into sustainable growth.

What we’ll do

There are products and programs that are critical to our identity. We’re not a membership association if we don’t have a membership program, for example. Then there are mission-critical initiatives. Drupal.org (D.o) is an incredible platform, so promoting Drupal without using the site would undercut our mission. And there are fiscal health requirements, like DrupalCon ticket sales.

So, most of our work will stay on our to-do list. It’ll just be prioritized differently. These are the areas of work that either stay mostly as-is or grow:

  • Drupal marketing and communications (e.g., release support)
  • D.o content management of promoted areas (e.g., the planned homepage refresh and “Drupal for industries” content)
  • DrupalCon marketing and communications, and sponsor and partner fulfillment
  • Membership (for people and organizations)
  • Supporter Program fulfillment
  • Jobs.drupal.org marketing and communications
  • Camp engagement (we’ll create a 2017 camp kit before January; promise)
  • Elections support
  • Association communications, generally (e.g., writing and editing posts like this)
The work we won’t

To make the work we’ll do possible, there’s work we can’t give as much attention.

There’s work we, unfortunately, won’t do at all.

  • Help build new D.o Sections (the initiative Tatiana led is paused for now)
  • D.o content management of areas that aren’t being promoted
  • Support the Drupal Store (its inventory will be liquidated)
  • Share Community Spotlights
  • Manage assoc.drupal.org content (the subdomain will be phased out)
  • Promote our webcast series

And there’s work we’ll reduce or others will lead.

  • Global Training Days (we’re setting up a community working group to coordinate it)
  • Advertising content production (we’ll depend on designers we trust)
  • Email newsletters (we’ll send fewer than the four we do now)
  • Sticker distribution (we’ll bring them to DrupalCons, but won’t ship them around the world)

This process will be fluid. As we adjust to these changes, these work lists may change again. If so, we’ll let you know.

How can you help?

If you help the Engineering and Events teams by giving back in ways Tim mentioned or contributing as Rachel suggested, you help us too. But there are things you can do to help MarCom specifically.

  1. Become a member. The revenue helps, of course. But it’s also one of the best ways to advocate for community programs.
  2. Refer friends and colleagues. Ask people you know at organizations that aren’t using Drupal to contact us. We need to know how these organizations make their decisions, and why they haven’t decided on Drupal.
  3. Support Global Training Days. Join the group at groups.drupal.org/global-training-days and add your 2016 events there. And if you want to know more about the working group we’re organizing, email Lizz.
  4. Contribute in the content issue queue. Especially for case studies, services listings, and training listings.
  5. Submit even the non-DrupalCon surveys. It’ll help us make decisions based on what you like, appreciate, value, and actually do.


About Bradley

Bradley Fields joined the Drupal Association in March 2015 as Content Manager. He now leads the content team as Marketing & Communications Manager.

When not at his desk, he’s curating Spotify playlists, watching an animated Disney movie, on the hunt for great whisk{e}y, or reading Offscreen magazine. He lives in Portland, OR.

Categories: Elsewhere

Mike Gabriel: credential-sheets: User Account Credential Sheets Tool

Planet Debian - Tue, 30/08/2016 - 22:05
Preface This little piece of work has been pending on my todo list for about two years now. For our local school project "IT-Zukunft Schule" I wrote the little tool credential-sheets. It is a little Perl script that turns a series of import files (CSV format) as they have to be provided for user mass import into GOsa² (i.e. LDAP) into a series of A4 sheets with little cards on them, containing initial user credential information. The upstream sources are on Github and I have just uploaded this little tool to Debian. Introduction After mass import of user accounts (e.g. into LDAP) most site administrators have to create information sheets (or snippets) containing those new credentials (like username, password, policy of usage, etc.). With this tiny tool, providing these pieces of information to multiple users, becomes really simple. Account data is taken from a CSV file and the sheets are output as PDF using easily configurable LaTeX template files. Usage Synopsis: credential-sheets [options] <CSV-file-1> [<CSV-file-2> [...]] Options The credential-sheets command accepts the following command-line options: --help Display a help with all available command line options and exit. --template=<tpl-name> Name of the template to use. --cols=<x> Render <x> columns per sheet. --rows=<y> Render <y> rows per sheet. --zip Do create a ZIP file at the end. --zipfilename=<zip-file-name> Alternative ZIP file name (default: name of parent folder). --debug Don't remove temporary files. CSV File Column Arrangement The credential-sheets tool can handle any sort of column arrangement in given CSV file(s). It expects the CSV file(s) to have column names in their first line. The given column names have to map to the VAR-<column-name> placeholders in credential-sheets's LaTeX templates. The shipped-with templates (students, teachers) can handle these column names:
  • login -- The user account's login id (uid)
  • lastName -- The user's last name(s)
  • firstName -- The user's first name(s)
  • password -- The user's password
  • form -- The form name/ID (student template only)
  • subjects -- A list of subjects taught by a teacher (teacher template only)
If you create your own templates, you can be very flexible in using your own column names and template names. Only make sure that the column names provided in the CSV file(s)'s first line match the variables used in the customized LaTeX template. Customizations The shipped-with credential sheets templates are expected to be installed in /usr/share/credential-sheets/ for system-wide installations. When customizing templates, simply place a modified copy of any of those files into ~/.credential-sheets/ or /etc/credential-sheets/. For further details, see below. The credential-sheets tool uses these configuration files:
  • header.tex (LaTeX file header)
  • <tpl-name>-template.tex (where as <tpl-name> students and teachers is provided on default installations, this is extensible by defining your own template files, see below).
  • footer.tex (LaTeX file footer)
Search paths for configuration files (in listed order):
  • $HOME/.credential-sheets/
  • ./
  • /etc/credential-sheets/
  • /usr/local/share/credential-sheets/
  • /usr/share/credential-sheets/
You can easily customize the resulting PDF files generated with this tool by placing your own template files, header and footer where appropriate. Dependencies This project requires the following dependencies:
  • Text::CSV Perl module
  • Archive::Zip Perl module
  • texlive-latex-base
  • texlive-fonts-extra
Copyright and License Copyright © 2012-2016, Mike Gabriel <mike.gabriel@das-netzwerkteam.de>. Licensed under GPL-2+ (see COPYING file).
Categories: Elsewhere

Palantir: From Intern to Employee: What to Expect in the Transition

Planet Drupal - Tue, 30/08/2016 - 19:59
From Intern to Employee: What to Expect in the Transition brandt Tue, 08/30/2016 - 12:59 Matt Carmichael Aug 30, 2016

Internship experience is extremely valuable, especially in web development. So what can you expect in the transition from coursework to client work?

In this post we will cover...
  • The benefits of having an internship
  • What learning challenges you can expect

Want to work at Palantir?

Send us your resume!

The transition from student to full-time programmer can be intimidating. The days of submitting buggy and poorly-tested code that is just good enough to get a passing grade are over. Every line of code is just as important as the last, and even the smallest mistakes could lead to catastrophic problems for your team and your client. But trust me, it's doable!

I was lucky enough to have an internship at Palantir the summer before becoming a full-time employee. The opportunity to dive into the professional side of development without having quite the expectations of a full-time employee is priceless in my opinion. It gives you a chance to focus more on the learning experience of being a developer, without stressing as much over productivity and results. 

The most prominent takeaways from my time as an intern were learning and engaging in the process of collaborative programming with a team and also understanding the importance of code quality. In school a majority of the projects are done individually and you rarely have to rely on anyone else to get the job done. This is one of the biggest adjustments to make, as the workplace is the exact opposite. The members of your team need your code to be correct, verbose, and understandable in order to do their jobs. That being said, coding standards cannot be stressed enough in a team environment and doing things ‘your way’ is not going to cut it. 

At Palantir, I was introduced to an extensive Github repository devoted to documenting our code standards and development process. Familiarizing myself with the workflow, documentation, and code style expectations seemed like a full time job in its own right. Every line of code is submitted in a pull request which is inspected by a senior engineer and tested against the standards that are laid out in the developer documentation. 

Issues as seemingly trivial as the size of an indentation and documentation formatting are sent back to the programmer for revisions. Once the code has been through the critique and revision phase and is cleared by the engineer, the code is finally merged into the master branch and is ready to go into production.  This level of attention to details that seem trivial at a glance, but are vital for code consistency and readability, is in place to ensure the best product for the client.

Once you get past the logistics of teamwork, and the code standards become second nature to you, it's all uphill from there. As I settle in and become more confident in my role I realize how exciting worklife is. The opportunity to work with people of all backgrounds and skillsets and to see a project come together from start to finish is what makes it all worthwhile. 

Stay connected with the latest news on web strategy, design, and development.

Sign up for our newsletter.
Categories: Elsewhere

Chromatic: Drush SQL Sync Alternative: SQL Sync Pipe

Planet Drupal - Tue, 30/08/2016 - 19:56

Using Drush to sync databses (drush sql-sync) is a valuable tool, but it is not always an efficient choice when dealing with large databases (think over 1GB). SQL Sync Pipe (drush sql-sync-pipe) is a Drush command that provides an alternative for drush sql-sync that streams the database dump directly from the source to the destination as opposed to sql-sync saving the database dump, transferring it via rsync and then importing the dump file. As an added bonus it excludes cache tables by default.


Below are examples from the command's README, syncing the same 1.05Gib database using the two different methods:

drush sql-sync Command: drush sql-sync @alias.dev @alias.sandbox --no-cache Transfer size: 88.1MiB (compressed using rsync) Import size: 1.05GiB Total time elapsed: 46 minutes 47 seconds drush sql-sync-pipe Command: drush sql-sync-pipe @alias.dev @alias.sandbox --progress Transfer size: 88.1MiB (sent compressed using gzip) Import size: 1.05GiB Import & transfer time: 27 minutes 05 seconds Total time elapsed: 30 minutes 35 seconds

What are you waiting for? Download and install SQL Sync Pipe and get started!

drush dl drush_sql_sync_pipe --destination=$HOME/.drush && drush cc drush
Categories: Elsewhere


Subscribe to jfhovinne aggregator - Elsewhere