Feed aggregator

Cheeky Monkey Media: Working with Bootstrap’s New Responsive Utility Classes

Planet Drupal - Fri, 17/06/2016 - 00:34
Working with Bootstrap’s New Responsive Utility Classes denis Thu, 06/16/2016 - 22:34

As an html/css purist at heart, my school of thought has always been having your representational layer separated from your markup. Sites like CSS Zen Garden taught us that you should never have to mix your design styles inside your markup with the idea being that well structured html will never have to change even on a complete re-design.

Bootstrap

2 years ago, I was forced to use a css framework for one of my project. Being the control freak that I am, I was reluctant to try new things and bloat my beautiful handmade custom css.

It took me a little over a year for me to embrace using a css framework and rely on existing css to style my markup, but I’ve learned so much by doing so from people a lot smaller than I am. And I’ve reduced more than half the need to write custom css as well as lowered production time.

Disclaimer: Some of these new classes will only work on the current alpha-2 release of bootstrap 4 and might change in the future since it’s still in heavy development. Use at your own risk.

Responsive Floats

Responsive floats are great for header elements among other things. I often come across designs that have search box right aligned on desktop, but are left aligned on tablet. Or main navigation that are floated to the left but move to the right and collapse on mobile.

Responsive floats works by using the pull-<breakpoint>-<direction> pattern.

<header>

  <form class=”pull-xs-left pull-md-right”>

     <input type="text" placeholder="Search">

  </form>

</header>

The above code will float the search bar left until the screen width reaches the “md” breakpoint, floating it to the right.

In conjunction with other components from the framework like navbar, spacing and setting your own variables in sass, we can easily come very close to the original design mockups without writing a single line of custom css. Like I said earlier, it took me a while to develop using these concepts but it opened my mind to write my code in a more modular fashion and reuse these components on every site I work on.

Responsive Text Alignments

This one I use often for content. On Desktop, the design’s text is aligned center inside articles but on mobile this makes for a weird looking effect and we’de much rather have it left aligned.

Bootstrap v4 introduces new responsive text alignment classes like this:

<article class=”text-md-center”>

 <p>Lorem ipsum dolor sit amet, consectetur adipiscing elit. Ut elit ex, semper quis eros sed,</p>

</article>

This will leave the text at its default left alignment on smaller breakpoints, but will align the text center on the medium breakpoint and up, removing the need to write a media query in your css.

If you prefer to have your text centered on all breakpoints you simply need to use text-xs-center

Conclusion

This is just the tip of the iceberg for new features that ships with the Bootstrap 4. Some other things that I’m really loving is the new card component and contextual colors and backgrounds creating custom ones is as easy as using the “bg-variant($parent, $color)” mixin.

If you haven’t already, I urge you to look at the documentation , but whatever css framework you chose to use, make sure you really dig in the documentation and use all the tools that are available to you. The investment will save you time in the long run.

  Categories Drupal Planet
Categories: Elsewhere

Cheeky Monkey Media: IntentionJS and RequireJS - How monkeys do it (the sfw edit)

Planet Drupal - Fri, 17/06/2016 - 00:32
IntentionJS and RequireJS - How monkeys do it (the sfw edit) micah Thu, 06/16/2016 - 22:32

Prerequisites:

  • RequireJS (and some knowledge of how to use it)
  • IntentionJS
  • A brain
  • Bananas

There are plenty of reasons you shouldn’t HAVE to use IntentionJS, but it’s just so good when you NEED your fix, of DOM manipulation.

Normally a responsive website should be designed so that when you expand or collapse the viewport (effective screen), the DOM elements flow naturally from left to right, and top to bottom. The order is preserved, and it was designed so that those elements follow that flow in terms of importance and usability.

Admittedly, this does limit us at times, and we need elements to be in completely different placements in the DOM, depending on the device used. Sure we can mess with duplicated content by hiding and showing the right elements based on the screen size [please don’t, it’s bad], or doing some fancy schmancy css floating and absolute positioning, but then you start to get other fun issues, that go beyond the scope of this banana log.

So, we’re left with manually moving the elements around. You could start using the append() and after() functions say, from jQuery, but that also gets complicated.. setting screen widths, window resize, or using Modernizr.mq (media query), etc. All messy in some form or another.

We like clean, even though we like poo, we still like clean.

Our Hero, IntentionJS

From the mouths of the intentionJS magicians: (http://intentionjs.com/)

“Intention.js offers a light-weight and clear way to dynamically restructure HTML in a responsive manner.”

Good right? riiight.

Okay, so we all have our own methods for including JS, and writing libraries and code. Here’s what we monkeys do.

Starting with RequireJS

We like using requireJS. A lot. In fact I get a banana every time I do. So in the main.js file loaded by require we have:

requirejs.config({ paths: { // vendor 'intention': 'vendor/intention', 'underscore': 'vendor/underscore-min', 'viewportsize': 'vendor/viewportSize-min', // custom 'jquery': 'modules/jquery-global', 'intentcontext': 'modules/intentcontext', 'homepage': 'modules/homepage', 'initintent': 'modules/initintent' }, });

Here we are just telling require where to find all our ‘required’ files when we ‘require’ them. Yeah.. there is probably a better way of saying that. *puts on deal with it glasses*

Intention requires underscore, so we’re including that. Also, we’re using a little library called ‘viewportsize’. Why? well because different browsers report different viewport sizes, based on whether or not it’s showing the scroll bar. That’s a problem, this fixes that problem. (https://github.com/tysonmatanich/viewportSize)

Then we include jQuery, cause we need it. Then comes some magical code with unicorns.. and monkeys.

require([ 'jquery', 'underscore', 'intentcontext', ], function ($, _, IntentContext) { 'use strict'; // DOM ready $(function() { // js loaded only on homepage if ($('body').hasClass('front')) { require(['homepage']); } if ($('html').length > 0) { require(['initintent']); } }); // DOM ready });

So here, we’re just including the needed libraries for the site in general, and then checking if we’re on the homepage, if so, include the homepage module. Then the very last that we include in the initialization of the intent. Think of it, as intentions’s big red “go” button. We’ll get to these a bit later. For now, just know, that we are making sure that the initinent file is included last, since we’re doing all ‘intention’ setup first. Since require loads these in ORDER, of the code inclusion, we’re able to do all the setup first, then lastly initialize it.

IntentContext.js

This is where we setup our ‘contexts’. A context is basically a ‘switch point’ - a point a which stuff is supposed to happen. Each ‘context’ is associated to a screen size (these values should match your CSS media queries for major layout changes)..

IntentContext.bp_desktop = 1025; IntentContext.bp_tabletlandscape = 769; IntentContext.bp_tablet = 641; IntentContext.bp_mobilelandscape = 321; IntentContext.bp_mobile = 0;

These are the breakpoints were major layout changes happen (for the purpose of this blog). Yours would match that of your CSS breakpoint values.

Next up, making our contexts. As you will see, each context has a name, and I’m setting the “min” value to the breakpoint value that I set in the above code. So basically, the ‘desktop’ context will get triggered every time the browser hits the “1025 pixel” viewport width or above. (It won’t keep re-triggering events though, as you increase viewport width above that, which is nice.) All the other ‘contexts’ will get triggered at their respective screen width values.

IntentContext.horizontal_axis = IntentContext.intent.responsive({ ID: 'width', contexts: [{ name: 'desktop', min: IntentContext.bp_desktop }, { name: 'tabletlandscape', min: IntentContext.bp_tabletlandscape }, { name: 'tablet', min: IntentContext.bp_tablet }, { name: 'mobilelandscape', min: IntentContext.bp_mobilelandscape }, { name: 'mobile', min: IntentContext.bp_mobile }], matcher: function (measure, context) { return measure >= context.min; }, measure: function () { IntentContext.v_width = viewportSize.getWidth(); return IntentContext.v_width; } });

So, there is a thing. It’s thing you may need. Normally intention won’t activate the context on first page load, which you may need. We will get to that. (This is what that initintent.js file is for).

Homepage.js

Now we need to tell which elements where to be placed in the dom, according to whatever ‘context’ is triggered. You can either go directly in the HTML and add all the special intention attributes to the elements, or do it via JS. I like doing it in the JS, i find it cleaner.

So in our Homepage.prototype.intent = function () function:

var footer = $('.l-footer'); footer.attr('intent', ''); footer.attr('in-desktop-after', '.l-header'); footer.attr('in-tabletlandscape-after', '.l-main'); footer.attr('in-tablet-after', '.l-main'); footer.attr('in-mobilelandscape-after', '.l-header'); footer.attr('in-mobile-after', '.l-header'); IntentContext.intent.on('desktop', function() { footer.attr('style', 'border: 4px solid red;'); }); IntentContext.intent.on('tabletlandscape', function() { }); IntentContext.intent.on('tablet', function() { }); IntentContext.intent.on('mobilelandscape', function() { footer.attr('style', 'border: 4px solid white;'); }); IntentContext.intent.on('mobile', function() { footer.attr('style', 'border: 4px solid blue;'); });

First line we just get the element we want to target. The next lines are key.

I’m now manually adding all the required contexts on that elements, so for each ‘breakpoint’ context, we know where to place the footer. The syntax is as follows

footer.attr(‘in-[your-breakpoint-name]-[move-function], ‘[dom element]’)’

‘your-breakpoint-name’ is just the name you associated to the breakpoint, up in the IntentContext.js file.

‘move-function’ is the method in which you want to place that element. They work just like jQuery’s manipulation functions [append(), before(), after(), prepend()]

‘dom-element’ is just the element you are specifying to be “moved to”.

So in this case, when the browser hits the ‘desktop’ layout screen width, we are putting the ‘.l-footer’ element just after the ‘.l-header’ element in the DOM. The next lines all work the same and specify where the element needs to go, for whichever context (screen size).

Then, we have some more magical code.

IntentContext.intent.on('desktop', function() { footer.attr('style', 'border: 4px solid red;'); }); IntentContext.intent.on('tabletlandscape', function() { footer.attr('style', ''); });

So, for each context, we can run some custom code of any kind. In this case, every time we hit the ‘desktop’ context, we are going to add a border to the footer element. Everytime we hit the ‘tabletlandscape’ context, we make sure remove any lingering styles. Etc..

I normally like to use these methods to ‘reset’ certain things that may have been triggered on an alternate layout.

Lastly, the Initilization of Intent. This will allow us to use those .on() [in above code] functions on page load as well.

Know that all this will only happen on the homepage though. If you need this to happen on all pages, you can create a separate module that can handle site wide context changes, and just include it in the main.js require section.

InitIntent.js IntentContext.horizontal_axis.respond(); IntentContext.intent.elements(document); $(window).on('resize', IntentContext.horizontal_axis.respond);

So these 3 lines just get everything going. Check out the intention.js website for further detail, but suffice to know, they get intention up and running.

That should be it to have it all working nicely and being able to do some sexy DOM manipulation without to much pain.

Categories Drupal Planet
Categories: Elsewhere

Acquia Developer Center Blog: 5 Mistakes to Avoid on your Drupal Website - Number 2: Security

Planet Drupal - Thu, 16/06/2016 - 23:49

Good security practices protect your site from hacker attacks. In this article we'll look at some methods for reducing security risks on your site. 

Drupal Security Best Practices

Drupal has good security built in if used correctly. However, once you begin to configure your site you might introduce new security issues. Plan configuration so that only trusted users have permissions that involve security risks.

Tags: acquia drupal planet
Categories: Elsewhere

DrupalCon News: Sharing the secrets of your success!

Planet Drupal - Thu, 16/06/2016 - 23:07

Welcome to Dublin, stranger. Why don't you come and warm yourself round our campfire? There. That's better.

Help yourself to stew, it's all we have, but you're welcome to share it.

It's good stew, warms all the right parts in all the right ways. The only thing we ask in return is that you share with us your secrets. You know, the secrets of your success.

Don't be shy now, I can see from the way you walk that you're a superstar project manager. Seeing that sort of thing is just a gift of mine, I guess.

Categories: Elsewhere

ImageX Media: Higher Education Notes and Trends

Planet Drupal - Thu, 16/06/2016 - 22:47

In this week’s higher education notes and trends, predictive behavior technology comes to the education sector, for-profit schools see sharp declines and a closer look at how the University of Southern California is differentiating itself from other prestigious private schools by becoming a leader in recruiting minorities. 

Categories: Elsewhere

Lullabot: Lullabot Project Manager Roundtable

Planet Drupal - Thu, 16/06/2016 - 22:00
Matt & Mike sit around with several Lullabot project managers, and talks about the ins, outs, and hows of PMing.
Categories: Elsewhere

Acquia Developer Center Blog: The Risks and Rewards of Fully Decoupling Drupal

Planet Drupal - Thu, 16/06/2016 - 21:36

With the advent of web services in Drupal 8 core, decoupling Drupal — namely, using Drupal as a content repository to expose data for retrieval and manipulation by other applications — has never been easier. Now, with the REST module in core, you can transform Drupal into a data service without custom code or substantial configuration. But is it a good idea? What are some of the considerations you should scrutinize when opting for a fully decoupled project?

Tags: acquia drupal planet
Categories: Elsewhere

jfhovinne deleted branch hotfix/SA-CORE-2016-002 at ec-europa/platform-dev

Devel - Thu, 16/06/2016 - 16:14
jfhovinne deleted branch hotfix/SA-CORE-2016-002 at ec-europa/platform-dev Jun 16, 2016
Categories: Networks

jfhovinne deleted branch HOTFIX/NEXTEUROPA-11595 at ec-europa/platform-dev

Devel - Thu, 16/06/2016 - 15:08
jfhovinne deleted branch HOTFIX/NEXTEUROPA-11595 at ec-europa/platform-dev Jun 16, 2016
Categories: Networks

jfhovinne pushed to 2.1-support at ec-europa/platform-dev

Devel - Thu, 16/06/2016 - 15:08
Jun 16, 2016 jfhovinne pushed to 2.1-support at ec-europa/platform-dev
Categories: Networks

jfhovinne closed pull request ec-europa/platform-dev#662

Devel - Thu, 16/06/2016 - 14:57
Jun 16, 2016 jfhovinne closed pull request ec-europa/platform-dev#662 [core] Security fix : SA-CORE-2016-002
Categories: Networks

Darren Mothersele: PHP Framework in One Weekend

Planet Drupal - Thu, 16/06/2016 - 14:30

Earlier this year I set about creating a day of training for DrupalCamp London. It was based on a PHP Framework course I’d given, but reduced to fit into a day. We ended up focusing on Modern PHP, as that was most useful for the attendees in their transition from Drupal 7 to Drupal 8.

It was a really successful day, and I had some great feedback. I have since developed the idea into a two day training course, which looks at some of the core concepts behind most modern PHP apps.

Over the past couple of months I have worked hard to refine the content and edit it down into a short guide. I’ve released it (thanks to Leanpub) in the form of a book. It guides the reader through a weekend-long project to construct a simple PHP web framework.

“a weekend, the fundamental unit of coding self-improvement” - Peter Shirley

In particular, it uses Symfony Components, and some other popular PHP packages, to demonstrate the core features of web frameworks, like routing, templating, controllers, and dependency injection. Projects such as Drupal, phpBB, Laravel, eZ Publish, Joomla!, Magento, Piwik, and many more are using Symfony Components as a foundation on which to build. The book uses these, and more, to build our own PHP Framework in a weekend.

Here’s the full contents:

  • Getting Started
  • Managing Complexity
  • Testing
  • HTTP
  • Templating
  • Content
  • Routing
  • Controllers
  • Dependency Injection
  • Design and Layout
  • Reuse

Click the cover image below to get the book:

Drop me a line if you have any questions.

Thanks!

Categories: Elsewhere

John Goerzen: Mud, Airplanes, Arduino, and Fun

Planet Debian - Thu, 16/06/2016 - 06:00

The last few weeks have been pretty hectic in their way, but I’ve also had the chance to take some time off work to spend with family, which has been nice.

Memorial Day: breakfast and mud

For Memorial Day, I decided it would be nice to have a cookout for breakfast rather than for dinner. So we all went out to the fire ring. Jacob and Oliver helped gather kindling for the fire, while Laura chopped up some vegetables. Once we got a good fire going, I cooked some scrambled eggs in a cast iron skillet, mixed with meat and veggies. Mmm, that was tasty.

Then we all just lingered outside. Jacob and Oliver enjoyed playing with the cats, and the swingset, and then…. water. They put the hose over the slide and made a “water slide” (more mud slide maybe).

Then we got out the water balloon fillers they had gotten recently, and they loved filling up water balloons. All in all, we all just enjoyed the outdoors for hours.

Flying to Petit Jean, Arkansas

Somehow, neither Laura nor I have ever really been to Arkansas. We figured it was about time. I had heard wonderful things about Petit Jean State Park from other pilots: it’s rather unique in that it has a small airport right in the park, a feature left over from when Winthrop Rockefeller owned much of the mountain.

And what a beautiful place it was! Dense forests with wonderful hiking trails, dotted with small streams, bubbling springs, and waterfalls all over; a nice lake, and a beautiful lodge to boot. Here was our view down into the valley at breakfast in the lodge one morning:

And here’s a view of one of the trails:

The sunset views were pretty nice, too:

And finally, the plane we flew out in, parked all by itself on the ramp:

It was truly a relaxing, peaceful, re-invigorating place.

Flying to Atchison

Last weekend, Laura and I decided to fly to Atchison, KS. Atchison is one of the oldest cities in Kansas, and has quite a bit of history to show off. It was fun landing at the Amelia Earhart Memorial Airport in a little Cessna, and then going to three museums and finding lunch too.

Of course, there is the Amelia Earhart Birthplace Museum, which is a beautifully-maintained old house along the banks of the Missouri River.

I was amused to find this hanging in the county historical society museum:

One fascinating find is a Regina Music Box, popular in the late 1800s and early 1900s. It operates under the same principles as those that you might see that are cylindrical. But I am particular impressed with the effort that would go into developing these discs in the pre-computer era, as of course the holes at the outer edge of the disc move faster than the inner ones. It would certainly take a lot of careful calculation to produce one of these. I found this one in the Cray House Museum:

An Arduino Project with Jacob

One day, Jacob and I got going with an Arduino project. He wanted flashing blue lights for his “police station”, so we disassembled our previous Arduino project, put a few things on the breadboard, I wrote some code, and there we go. Then he noticed an LCD in my Arduino kit. I hadn’t ever gotten around to using it yet, and of course he wanted it immediately. So I looked up how to connect it, found an API reference, and dusted off my C skills (that was fun!) to program a scrolling message on it. Here is Jacob showing it off:

Categories: Elsewhere

Savas Labs: Using XHProf to profile your Drupal module

Planet Drupal - Thu, 16/06/2016 - 02:00

Second part in a series of how to use XHProf effectively within a VM for a Drupal website. Continue reading…

Categories: Elsewhere

Reproducible builds folks: Reproducible builds: week 59 in Stretch cycle

Planet Debian - Thu, 16/06/2016 - 01:27

What happened in the Reproducible Builds effort between June 5th and June 11th 2016:

Media coverage

Ed Maste gave a talk at BSDCan 2016 on reproducible builds (slides, video).

GSoC and Outreachy updates

Weekly reports by our participants:

  • Scarlett Clark worked on making some packages reproducible, focusing on KDE backend and utility programs.
  • Ceridwen published an initial design for the interface for reprotest, including a discussion on different types of build variations and the difficulties of specifying certain types of variations.
  • Valerie Young improved documentation for building our tests website, began migrating Debian-specific pages into a new namespace, and planned future work around its navigation.
Documentation update

- Ximin Luo proposed a modification to our SOURCE_DATE_EPOCH spec explaining FORCE_SOURCE_DATE.

Some upstream build tools (e.g. TeX, see below) have expressed a desire to control which cases of embedded timestamps should obey SOURCE_DATE_EPOCH. They were not convinced by our arguments on why this is a bad idea, so we agreed on an environment variable FORCE_SOURCE_DATE for them to implement their desired behaviour - named generically, so that at least we can set it centrally. For more details, see the text just linked. However, we strongly urge most build tools not to use this, and instead obey SOURCE_DATE_EPOCH unconditionally in all cases.

Toolchain fixes
  • TeX Live 2016 released with SOURCE_DATE_EPOCH support for all engines except LuaTeX and original TeX.
  • Continued discussion (alternative archive) with TeX upstream, about SOURCE_DATE_EPOCH corner cases, eventually resulting in the FORCE_SOURCE_DATE proposal from above.
  • gcc-5/5.4.0-4 by Matthias Klose now avoids storing -fdebug-prefix-map in DW_AT_producer, thanks to original patch by Daniel Kahn Gillmor.
  • sphinx/1.4.3-1 by Dmitry Shachnev now drops Debian-specific patches relating to SOURCE_DATE_EPOCH applied upstream, original patch by Alexis Bienvenüe.
  • asciidoctor/1.5.4-2 by Cédric Boutillier now supports SOURCE_DATE_EPOCH, thanks to original patch by Alexis Bienvenüe.
  • dh-python/1.5.4-2 by Piotr Ożarowski now behaves better in some cases, thanks to original patch by Chris Lamb.
Packages fixed

The following 16 packages have become reproducible due to changes in their build-dependencies: apertium-dan-nor apertium-swe-nor asterisk-prompt-fr-armelle blktrace canl-c code-saturne coinor-symphony dsc-statistics frobby libphp-jpgraph paje.app proxycheck pybit spip tircd xbs

The following 5 packages are new in Debian and appear to be reproducible so far: golang-github-bowery-prompt golang-github-pkg-errors golang-gopkg-dancannon-gorethink.v2 libtask-kensho-perl sspace

The following packages had older versions which were reproducible, and their latest versions are now reproducible again after being fixed:

The following packages have become reproducible after being fixed:

Some uploads have fixed some reproducibility issues, but not all of them:

Patches submitted that have not made their way to the archive yet:

  • #806331 against xz-utils by Ximin Luo: make the selected POSIX shell stable accross build environments
  • #806494 against gnupg by intrigeri: Make man pages not embed a build-time dependent timestamp
  • #806945 against bash by Reiner Herrmann and Ximin Luo: Use the system man2html, and set PGRP_PIPE unconditionally.
  • #825857 against python-setuptools by Anton Gladky: sort libs in native_libs.txt
  • #826408 against brainparty by Reiner Herrmann: Sort object files for deterministic linking order
  • #826416 against blockout2 by Reiner Herrmann: Sort the list of source files
  • #826418 against xgalaga++ by Reiner Herrmann: Sort source files to get a deterministic linking order
  • #826423 against kraptor by Reiner Herrmann: Sort source files for deterministic linking order
  • #826431 against traceroute by Reiner Herrmann: Sort lists of libraries/source/object files
  • #826544 against doc-debian by intrigeri: make the created files stable regardless of the locale
  • #826676 against python-openstackclient by Chris Lamb: make the build reproducible
  • #826677 against cadencii by Chris Lamb: make the build reproducible
  • #826760 against dctrl-tools by Reiner Herrmann: Sort object files for deterministic linking order
  • #826951 against slicot by Alexis Bienvenüe: please make the build reproducible (fileordering)
  • #826982 against hoichess by Reiner Herrmann: Sort object files for deterministic linking order
Package reviews

68 reviews have been added, 19 have been updated and 28 have been removed in this week. New and updated issues:

26 FTBFS bugs have been reported by Chris Lamb, 1 by Santiago Vila and 1 by Sascha Steinbiss.

diffoscope development
  • Mattia Rizzolo uploaded diffoscope/54 to jessie-backports.
strip-nondeterminism development
  • Mattia uploaded strip-nondeterminism/0.018-1 to jessie-backports, to support a debhelper backport.
  • Andrew Ayer uploaded strip-nondeterminism/0.018-2 fixing #826700, a packaging improvement for Multi-Arch to ease cross-build situations.
  • 2 days later Andrew released strip-nondeterminism/0.019; now strip-nondeterminism is able to:
    • recursively normalize JAR files embedded within JAR files (#823917)
    • clamp the timestamp, the same way tar >=1.28-2.2 can (for now available only for gzip archives)
disorderfs development
  • Andrew Ayer released disorderfs/0.4.3, fixing a issue with umask handling (#826891)
tests.reproducible-builds.org
  • Valerie Young namespaced the Debian-specific pages to /debian/ namespace, with redirects to for the previous URLs.
  • Holger Levsen improved the reliability of build jobs: the availability of both build nodes (for a given build) is now being tested when a build job is started, to better cope when one of the 25 build nodes go down for some reason.
  • Ximin Luo improved the index of identified issues to include the total popcon scores of each issue, which is now also used for sorting that page.
Misc.

Steven Chamberlain submitted a patch to FreeBSD's makefs to allow reproducible builds of the kfreebsd installer.

Ed Maste committed a patch to FreeBSD's binutils to enable determinstic archives by default in GNU ar.

Helmut Grohne experimented with cross+native reproductions of dash with some success, using rebootstrap.

This week's edition was written by Ximin Luo, Chris Lamb, Holger Levsen, Mattia Rizzolo and reviewed by a bunch of Reproducible builds folks on IRC.

Categories: Elsewhere

Drupal Association News: Acknowledging the Drupal Association's Supporting Partners - Q2

Planet Drupal - Thu, 16/06/2016 - 00:20

There are so many amazing companies in the Drupal universe contributing their time and resources to the community and project right now. They’re taking the initiative to encourage their employees to contribute code. They’re sharing what they've learned while trying to provide clients with superior digital experiences. They’re donating their time to provide educational content to the community. And they’re doing a lot of it through their own internal operations.

Some of these businesses are also members of our Supporter Programs, which fund Drupal.org’s maintenance and improvements. And for that, we can’t thank them enough.

"Supporting Partners help us make Drupal.org a better home for our community. Their financial support is directly responsible for DrupalCI, the Issue Credits system, and all the other initiatives we've undertaken as a team. Take the Drupal 8 landing page as one example. Funding from Supporting Partners let us promote the release of Drupal 8 with a level of professionalism and finesse that no Drupal release has had before. Work like that builds a stronger ecosystem for our Supporters and for the wider community." - Tim Lehnen (hestenet), Drupal Association Project Manager

In this quarter alone, with financial support from the Supporting Partners, the Drupal.org tech team has been able to:

  • Launch the Alpha of their Composer façade
  • Update the Git Twisted daemon, which serves as the backend for the Drupal.org Git repositories and packaging process
  • Launch a new staging environment that more closely matches the production environment, optimizing the development workflow
  • Improve performance of the DrupalCon Events website
  • Deploy CKEditor to Drupal.org's Section, Page, and Post content types, which brings a more impressive editorial experience to Drupal.org
  • Bring PhantomJS testing to DrupalCI, so the Drupal project can now test at the JavaScript level

All of this happened while ensuring DrupalCI ran smoothly for DrupalCon New Orleans sprints, successfully launching registration for DrupalCon Dublin (get your tickets now!), and launching the DrupalCon Baltimore splash page. Needless to say, the Drupal.org team has been busy, and it wouldn’t have been possible without our Supporting Partners financial contributions.

Check out our recent Drupal.org update for more details on exactly what the team was able to accomplish this past quarter. And to see where the team is headed next, take a look at the Drupal.org team's working roadmap.

As a testament to the relentless support these companies continue to show, here’s a list of new or renewing partners just this quarter:

  1. EPAM Systems
  2. Aten Design Group
  3. Phase2 Technology
  4. Lullabot
  5. Digital Circus
  6. HS2 Solutions
  7. Cybage Software, Inc.
  8. The Cherry Hill Company
  9. Cheeky Monkey Media
  10. Access
  11. Message Agency
  12. Adapt A/S
  13. Unleashed Technologies, LLC
  14. Promet Source
  15. Digital Echidna
  16. ThinkShout Inc.
  17. Amazee Labs
  18. ImageX Media
  19. Four Kitchens
  20. Evolving Web
  21. Acro Media Inc
  22. Aquilent
  23. Facet Interactive
  24. Last Call Media
  25. QED42 Engineering Pvt Ltd.
  26. Bluehost
  27. Blackmesh
  28. OpsGenie
  29. Arvixe
  30. GreenGeeks
  31. JetBrains

If you want to give back to the Project and help fund this important work, please contact our Executive Director, Megan Sanicki, for details. Your participation will be much appreciated and your company will also be able to enjoy great benefits in return!

Categories: Elsewhere

Acquia Developer Center Blog: Drupal 8 Module of the Week: Rules

Planet Drupal - Wed, 15/06/2016 - 22:30

Each day, between migrations and new projects, more and more features are becoming available for Drupal 8, the Drupal community's latest major release. In this series, the Acquia Developer Center is profiling some prominent, useful, and interesting projects--modules, themes, distros, and more--available for Drupal 8. This week: Rules.

Tags: acquia drupal planetRulesworkflowintegration
Categories: Elsewhere

myDropWizard.com: Drupal 6 security update for Views!

Planet Drupal - Wed, 15/06/2016 - 22:29

As you may know, Drupal 6 has reached End-of-Life (EOL) which means the Drupal Security Team is no longer doing Security Advisories or working on security patches for Drupal 6 core or contrib modules - but the Drupal 6 LTS vendors are and we're one of them!

Today, there is a Moderately Critical security release for Views to fix an Access Bypass vulnerability.

An access bypass vulnerability exists in the Views module, where users without the "View content count" permission can see the number of hits collected by the Statistics module for results in the view.

This issue is mitigated by the fact that the view must be configured to show a "Content statistics" field, such as "Total views", "Views today" or "Last visit".

Download the patch for Views 6.x-2.x or 6.x-3.x.

If you have a Drupal 6 site using the Views module, we recommend you update immediately! We have already deployed the patch for all of our Drupal 6 Long-Term Support clients. :-)

If you'd like all your Drupal 6 modules to receive security updates and have the fixes deployed the same day they're released, please check out our D6LTS plans.

Note: if you use the myDropWizard module (totally free!), you'll be alerted to these and any future security updates, and will be able to use drush to install them (even though they won't necessarily have a release on Drupal.org).

Categories: Elsewhere

Enrico Zini: Verifying gpg keys

Planet Debian - Wed, 15/06/2016 - 21:47

Suppose you have a gpg keyid like 9F6C6333 that corresponds to both key 1AE0322EB8F74717BDEABF1D44BB1BA79F6C6333 and 88BB08F633073D7129383EE71EA37A0C9F6C6333, and you don't know which of the two to use.

You go to http://pgp.cs.uu.nl/ and find out that the site uses short key IDs, so the two keys are indistinguishable.

Building on Clint's hopenpgp-tools, I made a script that screenscrapes http://pgp.cs.uu.nl/ for trust paths, downloads all the potentially connecting keys in a temporary keyring, and runs hkt findpaths on it:

$ ./verify-trust-paths 1793D6AB75663E6BF104953A634F4BD1E7AD5568 1AE0322EB8F74717BDEABF1D44BB1BA79F6C6333 hkt (hopenpgp-tools) 0.18 Copyright (C) 2012-2016 Clint Adams hkt comes with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to redistribute it under certain conditions. (4,[1,4,3,6]) (1,1793D6AB75663E6BF104953A634F4BD1E7AD5568) (3,F8921D3A7404C86E11352215C7197699B29B232A) (4,C331BA3F75FB723B5873785B06EAA066E397832F) (6,1AE0322EB8F74717BDEABF1D44BB1BA79F6C6333) $ ./verify-trust-paths 1793D6AB75663E6BF104953A634F4BD1E7AD5568 88BB08F633073D7129383EE71EA37A0C9F6C6333 hkt (hopenpgp-tools) 0.18 Copyright (C) 2012-2016 Clint Adams hkt comes with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to redistribute it under certain conditions. (0,[])

This is a start: it could look in the local keyring for all ultimately trusted key finegrprints and use those as starting points. It could just take as an argument a short keyid and automatically check all matching fingerprints.

I'm currently quite busy with https://nm.debian.org and at the moment verify-trust-paths scratches enough of my itch that I can move on with my other things.

Please send patches, or take it over: I'd like to see this grow.

Categories: Elsewhere

Pages

Subscribe to jfhovinne aggregator