Feed aggregator

Drupal.org blog: What’s new on Drupal.org? - June 2016

Planet Drupal - Fri, 15/07/2016 - 17:20

Read our Roadmap to understand how this work falls into priorities set by the Drupal Association with direction and collaboration from the Board and community.

In June the Drupal Association had our annual staff retreat, where the remote team members joined the Portland, OR team for a three day retreat. This year's retreat was particularly important as we found our feet as a smaller, leaner team, and focused on our organizational roadmap for the next twelve months.

For the engineering team in particular, our focus will be on maintaining the critical systems that make project successful: issue queues, updates, testing, packaging, etc, while at the same time finding new ways to support and enable Drupal's evolution.

These were some heady days, but even as we worked through the best ways to continue serving the Drupal community on a strategic level in June, we also found the time to keep making Drupal.org a better home.

Drupal.org updates Documentation Migration

A long running initiative this year has been the creation of a new Documentation system for Drupal.org, a topic we've touched on in many prior updates as it has begun to come online. We are very happy to say that we are moving to the next stage of the documentation project: moving from development to migration.

In June tvn recruited several volunteers to join our documentation migration team, and to become some of the first maintainers for the new Documentation Guides. General documentation, such as Understanding Drupal, Structure Guide, etc. will be migrated first. Documentation for contributed projects will follow in the coming weeks.

Maintainers of contributed projects, who currently have their documentation on Drupal.org, will be added as maintainers to respective documentation guides and are encouraged to clean/tidy up their documentation post-migration.

if you are interested in helping, or sign up as a maintainer for some of the new documentation guides.

Composer Repositories are now in Beta

Drupal.org's Composer repositories allow developers building sites with Drupal to use the Composer command line tool for dependency management. In June we collected feedback from a variety of users, as well as the community volunteers who assisted us with the Composer Community Initiative.

We spent the month iterating quickly on the alpha implementation: fixing bugs and rebuilding the meta data to ensure that users get consistent and expected results. Because of those fixes, and after gathering yet more feedback from the community, we were able to move the Drupal.org Composer repositories to beta.

We encourage you to begin transitioning your composer based workflows to use Drupal.org's composer facade. Package names are stable, and downtimes will be planned and announced. For more information on how to use Drupal.org's Composer repositories, read our documentation.

Better issue credit tools for maintainers

The Drupal.org issue credit system is a unique innovation of our community. By allowing users to attribute their contributions as volunteers, to their employers, or to client customers, we have an insight into the contribution ecosystem for Drupal that is unparalleled among open source projects. We've also already seen the impact of incentivizing organizations to give back to Drupal, by using the credit system as the basis for organization rankings in the marketplace.

In June we added two new tools for maintainers to improve how they grant credit to users. Firstly, maintainers can now deselect the automatic credit attribution for users who have submitted patches. This change was important to prevent gaming the credit system. Secondly, we've given the maintainers the ability to credit users who have not commented in the issue. Whether that help was provided in IRC, Slack, on a video call, or in a sprint room, maintainers can now ensure that those users who helped resolve an issue receive credit for their contributions. Any user who is credited this way can edit their credit attribution if they want to extend that attribution to a supporting organization or customer.

Friendly path aliases for release nodes

We also made a relatively small change that will have a big impact. Path auto is now enabled for project releases, so you for any project a specific release can now be found at:
drupal.org/project/[project_name]/[version]
And you can also find a list of all the releases for a project at:
drupal.org/project/[project_name]/[version]

Take, for example, the Token module:
https://drupal.org/project/token/

You can find the complete index of releases for this project at: https://www.drupal.org/project/token/releases and individual releases now have friendly urls, like this one: https://www.drupal.org/project/token/releases/8.x-1.0-alpha2

Spam Fighting Improvements

Fighting spam on Drupal.org is a never ending battle, but in June we deployed a refinement to our spam fighting tools that helps us to find patterns in registration behavior and prevent spam registrations before they've even started. After flipping on our latest iteration of this spam fighting tool we saw an immediate and dramatic drop-off in suspicious account registrations. With the additional data we've been able to collect we already see ways to improve this even further, so we hope to continue make Drupal.org a cleaner home for the community.

Highlighting Supporting Technologies

Drupal is many things to many different people, but one central function of Drupal is to be the hub of interconnected and complementary technologies. Several of the companies that build these technologies have chosen to support the Drupal project by becoming supporters. To better highlight some of these supporting technologies that work well with Drupal, we've added a supporting technologies listing to the marketplace.

Sustaining support and maintenance DrupalCon

DrupalCon Dublin is coming up soon, from September 26 - 30th. This year we smashed all our previous records for session submissions, and the caliber of speakers and topics is higher than ever before.

In June we opened registration for the event. We encourage you to buy your tickets now! Early bird registration will end soon.

Infrastructure

Infrastructure is the bedrock of Drupal.org - and we're continuing to tune the infrastructure for efficiency, economy, and performance. Alongside the launch of registration for DrupalCon Dublin, we implemented APDQC to improve the performance of the Events website under heavy load.

We've also been upgrading our configuration management from Puppet 3 to Puppet 4, and continuing to standardize our configuration across all of our environments to make our infrastructure durable, consistent, and portable.

———

As always, we’d like to say thanks to all the volunteers who work with us, and to the Drupal Association Supporters, who made it possible for us to work on these projects.

If you would like to support our work as an individual or an organization, consider becoming a member of the Drupal Association.

Follow us on Twitter for regular updates: @drupal_org, @drupal_infra

Categories: Elsewhere

InternetDevels: The BigPipe Drupal 8 module for your website performance optimization

Planet Drupal - Fri, 15/07/2016 - 15:46

We once told you about some great new features of Drupal 8
(in part 1 and part 2). Now it’s time to have a closer look at one
of the most exciting innovations for Drupal 8: the BigPipe Module.

Read more
Categories: Elsewhere

Zivtech: Foster a Culture of Training

Planet Drupal - Fri, 15/07/2016 - 15:00
What Are Your Values? What really matters? People. I see our staff get married, have children, buy houses, enjoy their lives, their coworkers, and their working environment, and I know that I was part of that. They also created our value.
What You Gain Early on we adopted this idea that we were going to train up our people, and that we weren't going to just expect them to come in all ready to go. We were going to bring people in at all different levels including having no experience at all. Over the years we found that we gained a lot from doing that, so we have much better employee retention than most of our peers. A lot of our people have been here almost since our start.

Our team is very close, and communicates very well. Think of a team as neurons in your brain. The more connections that they have, the better they communicate, the stronger the team.

They are harmonious because they've all been trained in the same way. We don't have a lot of strong conflicts about how we do things. All of our projects are done in the same way.

We're not undoing old opinions, and we also have a lot of generosity towards each other. People give you retention, loyalty, and generosity because you gave them something. You took a chance on them when they didn't have a lot of opportunities, and you invested a lot in them. We also have a lot of developers with other strengths. They are more well-rounded. Our staff includes people with many outside skills, including musicians, artists, writers, and polyglots. Their diverse cognitive frameworks help solve problems creatively.

In a culture of training, everyone values the idea of working together to teach each other. That extends not just to our own team, but to how we interact with our clients. Ultimately I find that clients often value being taught more than they value the end product.

We have this whole team of great communicators who value teaching. Whether they're the project manager, the developer, or the QA person, they're always finding that chance to teach the client something.



Download the full Grow Your Own white paper for free.
Categories: Elsewhere

Lars Wirzenius: Two-factor auth for local logins in Debian using U2F keys

Planet Debian - Fri, 15/07/2016 - 13:19

Warning: This blog post includes instructions for a procedure that can lead you to lock yourself out of your computer. Even if everything goes well, you'll be hunted by dragons. Keep backups, have a rescue system on a USB stick, and wear flameproof clothing. Also, have fun, and tell your loved ones you love them.

I've recently gotten two U2F keys. U2F is a open standard for authentication using hardware tokens. It's probably mostly meant for website logins, but I wanted to have it for local logins on my laptop running Debian. (I also offer a line of stylish aluminium foil hats.)

Having two-factor authentication (2FA) for local logins improves security if you need to log in (or unlock a screen lock) in a public or potentially hostile place, such as a cafe, a train, or a meeting room at a client. If they have video cameras, they can film you typing your password, and get the password that way.

If you set up 2FA using a hardware token, your enemies will also need to lure you into a cave, where a dragon will use a precision flame to incinerate you in a way that leaves the U2F key intact, after which your enemies steal the key, log into your laptop and leak your cat GIF collection.

Looking up information for how to set this up, I found a blog post by Sean Brewer, for Ubuntu 14.04. That got me started. Here's what I understand:

  • PAM is the technology in Debian for handling authentication for logins and similar things. It has a plugin architecture.

  • Yubico (maker of Yubikeys) have written a PAM plugin for U2F. It is packaged in Debian as libpam-u2f. The package includes documentation in /usr/share/doc/libpam-u2f/README.gz.

  • By configuring PAM to use libpam-u2f, you can require both password and the hardware token for logging into your machine.

Here are the detailed steps for Debian stretch, with minute differences from those for Ubuntu 14.04. If you follow these, and lock yourself out of your system, it wasn't my fault, you can't blame me, and look, squirrels! Also not my fault if you don't wear sufficient protection against dragons.

  1. Install pamu2fcfg and libpam-u2f.
  2. As your normal user, mkdir ~/.config/Yubico. The list of allowed U2F keys will be put there.
  3. Insert your U2F key and run pamu2fcfg -u$USER > ~/.config/Yubico/u2f_keys, and press the button on your U2F key when the key is blinking.
  4. Edit /etc/pam.d/common-auth and append the line auth required pam_u2f.so cue.
  5. Reboot (or at least log out and back in again).
  6. Log in, type in your password, and when prompted and the U2F key is blinking, press its button to complete the login.

pamu2fcfg reads the hardware token and writes out its identifying data in a form that the PAM module understands; see the pam-u2f documentation for details. The data can be stored in the user's home directory (my preference) or in /etc/u2f_mappings.

Once this is set up, anything that uses PAM for local authentication (console login, GUI login, sudo, desktop screen lock) will need to use the U2F key as well. ssh logins won't.

Next, add a second key to your u2f_keys. This is important, because if you lose your first key, or it's damaged, you'll otherwise have no way to log in.

  1. Insert your second U2F key and run pamu2fcfg -n > second, and press the second key's button when prompted.
  2. Edit ~/.config/Yubico/u2f_keys and append the output of second to the line with your username.
  3. Verify that you can log in using your second key as well as the first key. Note that you should have only one of the keys plugged in at the same time when logging in: the PAM module wants the first key it finds so you can't test both keys plugged in at once.

This is not too difficult, but rather fiddly, and it'd be nice if someone wrote at least a way to manage the list of U2F keys in a nicer way.

Categories: Elsewhere

Miloš Bovan: Post comments via email

Planet Drupal - Fri, 15/07/2016 - 13:08
Post comments via email

The overall test coverage of Mailhandler module has been improved in the week 7 of Google Summer of Code. The plan for the week 8 was to implement feature for posting comments by sending an email.

Similarly to MailhandlerNode (handler for nodes), we had to create a new config entity: inmail.handler.mailhandler_comment and a handler plugin class. Since comments will have limited support, during the last weekly meeting with my mentors (Miro and Primoz), we decided not to add more analyzers as proposed first, but rather to move comment specific business logic to MailhandlerComment Inmail handler plugin.

In order to simplify the logic in the comment handler, EntityTypeAnalyzer was updated to support partial entity type matching. The entity type was extracted from the subject independently of the second part, which can be bundle or entity ID in case of comments.

The current steps in the comment handler are:

  • Assert we are dealing with comments (the identified entity type is comment)

  • Parse the referenced entity ID from the mail subject: [comment][#entity_id]

  • Validate (authenticate and authorize) a user

  • Create a comment entity if all previous conditions are met

The pull request on Github was already created and it will request additional updates after it received some nice suggestions from my mentor.

The Inmail issue Lack of standard result in collaboration of analyzers progressed well during the last week. After several feedbacks and broad discussion, it is currently in “Needs review” state. In my opinion, it is quite close to be fixed and we will be able to implement the standard analyzer result object into Mailhandler module very soon.

Also, last week I made a few UX improvements in the module.
Inmail demo now supports sample mail messages from mailhandler_d8_demo module. As a related issue, PGP-signed sample mails were added to the demo.

The Mailhandler Demo is our focus for the following week. It will be extended with a sample Mailhandler user with already preconfigured Inmail settings, PGP keys and relevant form and display updates. The goal is to provide an easy start for new Mailhandler users. The progress made on the module so far, will be presented as a short (video) demo. Stay tuned!

 

 

Milos Fri, 07/15/2016 - 13:08 Tags Drupal Open source Google Summer of Code Drupal Planet Add new comment
Categories: Elsewhere

Ritesh Raj Sarraf: Fully SSL for my website

Planet Debian - Fri, 15/07/2016 - 12:24

I finally made full switch to SSL for my website. Thanks to this simple howto on Let's Encrypt. I had to use the upstream git repo though. The Debian packaged tool, letsencrypt.sh, did not have enough documentation/pointers in place. And finally, thanks to the Let's Encrypt project as a whole.

PS: http is now redirected to https. I hope nothing really breaks externally.

Categories: Keywords: Like: 
Categories: Elsewhere

Andrew Cater: Who wrote Hello world

Planet Debian - Fri, 15/07/2016 - 00:43
Who wrote "Hello, world" ?Rereading Kernighan and Ritchie's classic book on C - https://en.wikipedia.org/wiki/The_C_Programming_Language - almost the first thing you find is the listing for hello world. The comments make it clear that this is a commonplace - the sort of program that every programmer writes as a first test - the new computer works, the compiler / interpreter produces useful output and so on. It' s the classic, canonical thing to do.
A long time back, I got asked whether programming was an art or a science: it's both, but most of all it's only good insofar as it's shared and built on. I used hello world as an example: you can write hello world. You decide to add different text - a greeting (Hej! / ni hao / Bonjour tout le monde! )for friends. 
You discover at / cron / anacron - now you can schedule reminders "It's midnight - do you know where your code is?" "Go to bed, you have school tomorrow"
You can discover how to code for a graphical environment: how to build a test framework around it to check that it _only_ prints hello world and doesn't corrupt other memory ... the uses are endless if it sparks creativity.
If you feel like it, you can share your version - and learn from others. Write it in different languages - there's the analogous 99 bottles of beer site showing how to count and use different languages at www.99-bottles-of-beer.net
Not everyone will get it: not everyone will see it but everyone needs the opportunity 
Everyone needs the chance to share and make use of the commons, needs to be able to feel part of this 
Needs to be included: needs to feel that this is part of common heritage. If you work for an employer: get them to contribute code / money / resources - even if it's as a charitable donation or to offset against taxes
If you work for a government: get them to use Free/Libre/Open Source products
If you work for a hosting company / ISP - get them to donate bandwidth for schools/coding clubs.
Give your time, effort, expertise to help: you gained from others, help others gain
If you work for an IT manufacturer - get them to think of FLOSS as the norm, not the exception

 

 
Categories: Elsewhere

Janez Urevc: Presentations about various Drupal 8 media modules

Planet Drupal - Thu, 14/07/2016 - 22:34
Presentations about various Drupal 8 media modules slashrsm Thu, 14.07.2016 - 22:34

In the past few months I gave many talks about the modules that we created as part od Drupal 8 media initiative.

Slide decks for all sessions are available on GitHub and are released under Attribution-NonCommercial-ShareAlike 4.0 International License. This basically means that anyone is free to change and use them for non-commercial purposes. The only thing I ask is to give attribution to the original authors.

If you'd like to give a similar talk at your local meetup or camp feel you are encouraged to do so.

What are the topics that you can cover?

Entity embed

Embedding solution for Drupal 8: https://github.com/slashrsm/entity-embed-session.

Entity browser

Entity browsing and selecting tool for Drupal 8: https://github.com/slashrsm/entity-browser-session.

Drupal 8 cropping

Cropping solutions for Drupal 8: https://github.com/slashrsm/d8-cropping-session.

I co-authored and co-presented this session with Alexander Ross.

NP8 enterprise media distribution

Enterprise media distribution built on Drupal 8: https://github.com/slashrsm/np8-session.

Categories: Elsewhere

Sune Vuorela: Leaky lambdas and self referencing shared pointers

Planet Debian - Thu, 14/07/2016 - 22:27

After a bit of a debugging session, I ended up looking at some code in a large project

m_foo = std::make_shared<SomeQObject>(); /* plenty of lines and function boundaries left out */ (void)connect(m_foo.get(), &SomeQObject::someSignal, [m_foo]() { /* */ });

The connection gets removed when the pointer inside m_foo gets de-allocated by the shared_ptr.
But the connection target is a lambda that has captured a copy of the shared_ptr…

There is at least a couple of solutions.

  • Keep the connection object (QMetaObject::Connection) around and call disconnect in your destructor. That way the connection gets removed and the lamda object should get removed
  • Capture the shared pointer by (const) reference. Capture the shared pointer as a weak pointer. Or as a raw pointer. All of this is safe because whenever the shared pointer gets a refcount of zero, the connection gets taken down with the object.

I guess the lesson learnt is be careful when capturing shared pointers.

Categories: Elsewhere

ImageX Media: Higher Education Notes and Trends for the Week of July 11, 2016

Planet Drupal - Thu, 14/07/2016 - 22:10

There’s never a dull moment in the higher education sector. This week, we had our eyes on a dozen interesting articles across higher education. As always, you’ll find an undercurrent of themes that generally revolve around revenue and student demographics. This week’s higher education notes and trends has topics ranging from wealth distribution amongst North American post-secondary institutions, “over-education” of millennials and enrollment staff becoming the next generation of corporate headhunters.

Categories: Elsewhere

Acquia Developer Center Blog: Accessibility Testing: The Basic Facts You Need to Know

Planet Drupal - Thu, 14/07/2016 - 22:04

As businesses realize the importance of having an accessible website, there is a push to check both content and code to ensure that they are meeting 508 compliance standards and other accessibility standards, such as the Web Content Accessibility Guidelines (WCAG).

Tags: acquia drupal planet
Categories: Elsewhere

Lullabot: Rapidly Iterating with the ELMS Learning Network Drupal Distribution

Planet Drupal - Thu, 14/07/2016 - 22:00
Matt and Mike talk to Bryan Ollendyke and Michael Potter about everything LMS (Learning Management System) and their ELMSLN Drupal distribution that goes a long way into solving problems within that niche.
Categories: Elsewhere

Valuebound: How to define an Event, Dispatcher and Subscriber in Drupal 8?

Planet Drupal - Thu, 14/07/2016 - 21:50

As we all know Symfony Event Components are  included in Drupal8 core. In future versions of Drupal Core, Events are going to play a major role for sure. Let’s see how the Event component is going to help our Drupal Development. 

In one of the recent project, we got a tricky requirement in content authoring and publishing workflow. In specific, the Editor has to get a notification for reviewing, once a content author writes an article and saves it for reviewing. By using Events we can easily achieve this kind of  …

Categories: Elsewhere

Steve Kemp: Adding lua to all the things!

Planet Debian - Thu, 14/07/2016 - 20:00

Recently Antirez made a post documenting a simple editor in 1k of pure C, the post was interesting in itself, and the editor is a cute toy because it doesn't use curses - instead using escape sequences.

The github project became very popular and much interesting discussion took place on hacker news.

My interest was piqued because I've obviously spent a few months working on my own console based program, and so I had to read the code, see what I could learn, and generally have some fun.

As expected Salvatore's code is refreshingly simple, neat in some areas, terse in others, but always a pleasure to read.

Also, as expected, a number of forks appeared adding various features. I figured I could do the same, so I did the obvious thing in adding Lua scripting support to the project. In my fork the core of the editor is mostly left alone, instead code was moved out of it into an external lua script.

The highlight of my lua code is this magic:

-- -- Keymap of bound keys -- local keymap = {} -- -- Default bindings -- keymap['^A'] = sol keymap['^D'] = function() insert( os.date() ) end keymap['^E'] = eol keymap['^H'] = delete keymap['^L'] = eval keymap['^M'] = function() insert("\n") end

I wrote a function invoked on every key-press, and use that to lookup key-bindings. By adding a bunch of primitives to export/manipulate the core of the editor from Lua I simplified the editor's core logic, and allowed interesting facilities:

  • Interactive evaluation of lua.
  • The ability to remap keys on the fly.
  • The ability to insert command output into the buffer.
  • The implementation of copy/past entirely in Lua_.

All in all I had fun, and I continue to think a Lua-scripted editor would be a neat project - I'm just not sure there's a "market" for another editor.

View my fork here, and see the sample kilo.lua config file.

Categories: Elsewhere

Freelock : Ask Freelock: Why haven't you migrated to Drupal 8?

Planet Drupal - Thu, 14/07/2016 - 19:11

Richard asks:

Just a question after reading an article posted here back from January 21, 2016 on Drupal 8, why Freelock.com has not moved to Drupal 8?  Just wondering if there was a particular reason we should avoid before jumping in?  Thanks.

Ha! What a great question!

Three reasons: Time, requirements, priorities.

Drupal PlanetDrupal 8Decision-makingValue
Categories: Elsewhere

Mediacurrent: A Marketer Meets GitHub

Planet Drupal - Thu, 14/07/2016 - 18:20

One of the many perks of working at Mediacurrent is the ability to work in the comfort of your own home or nearby coffee shop.

Categories: Elsewhere

Appnovation Technologies: Appnovators Submit 7 Sessions for DrupalCon Dublin

Planet Drupal - Thu, 14/07/2016 - 18:20

DrupalCon is the heartbeat of the Drupal community, where important connections are made, improvements to the project happen, and cutting edge knowledge is shared.

Categories: Elsewhere

Pages

Subscribe to jfhovinne aggregator