Agrégateur de flux

Drop Guard: Sneak Peek: Drop Guard's revamped project creation process

Planet Drupal - jeu, 04/02/2016 - 19:30
Sneak Peek: Drop Guard's revamped project creation process Manuel Pistner Thu, 02/04/2016 - 18:30

We are working tirelessly to make Drop Guard better, faster and more friendly for developer. In this blog post we present you a "sneak peek" of our revamped project creation process, with this end in mind to please you with greater usability for getting started with your project in Drop Guard!

So let's get more detailed: the creation process will be split into 3 independent configuration screens.

1. On the first screen you will be able to quickly connect Drop Guard to your repository and enjoy it's updates monitoring capabilities - even without installing a Drop Guard module.

2. Second screen will be for those who immediately want to integrate Drop Guard in their daily maintenance routine. It's about telling Drop Guard what to do when the update of a certain type is detected.

3. Third screen will be all about events - sending e-mails, running SSH commands, pinging your favourite CI tool or merging branches based on certain conditions.

So below we share the preview of the new "Updates setup" wizard. As opposed to the "accordion-like" endless form, we now have the sleek step-by-step configurator, which allows you to quickly instruct Drop Guard what to do when updates are detected (embracing best update practices and being able to set a single configuration for different types of updates). 

This is a screenshot of  the update types configuration in the old project creation process:


And here you can enjoy the sneak peek of the new process:

 

 

If you're a Drop Guard user or just curious - don't hesitate and leave your feedback on it. We'd love to optimize Drop Guard for every workflow and we can't do it without your voice! You prefer a personal contact? Find our data here: About Drupal Drupal Planet Project Process
Catégories: Elsewhere

Promet Source: The Drupal Developers' Essential Guide to Automated Testing

Planet Drupal - jeu, 04/02/2016 - 18:54
Read our Automated Testing eBook

 

Our Drupal development experts compiled their best advice for running effective automated tests that will save time and money. Complex development projects are likely to have many releases and have much to gain from implementing an automated test framework. Read this guide for advice on how your team should approach writing test cases, choosing the right tools to execute tests, and how to emphasize visibility in sharing the test results.

Catégories: Elsewhere

Jeff Geerling's Blog: Set up a hierarchical taxonomy term Facet using Facet API with Search API Solr

Planet Drupal - jeu, 04/02/2016 - 18:28

I wanted to document this here just because it took me a little while to get all the bits working just right so I could have a hierarchical taxonomy display inside a Facet API search facet, rather than a flat display of only the taxonomy terms directly related to the nodes in the current search.

Basically, I had a search facet on a search page that allowed users to filter search results by a taxonomy term, and I wanted it to show the taxonomy's hierarchy:

To do this, you need to do two main things:

  1. Make sure your taxonomy field is being indexed with taxonomy hierarchy data intact.
  2. Set up the Facet API facet for this taxonomy term so it will display the full hierarchy.

Let's first start by making sure the taxonomy information is being indexed (refer to the image below):

Catégories: Elsewhere

LevelTen Interactive: The First Ever Statewide DrupalCamp in Texas! TexasCamp 2016

Planet Drupal - jeu, 04/02/2016 - 16:49

LevelTen Interactive is proud to present TexasCamp 2016 on April 1 - 2 at the Addison Conference and Theatre Centre in Dallas, Texas.

TexasCamp is two days of DrupalCamp, intended for Drupal admins and users, sitebuilders, themers and developers. Expect sessions from beginner to expert level, with the brightest minds in the Drupal world attending and presenting.

You can attend TexasCamp for only ...Read more

Catégories: Elsewhere

Petter Reinholdtsen: Using appstream in Debian to locate packages with firmware and mime type support

Planet Debian - jeu, 04/02/2016 - 16:40

The appstream system is taking shape in Debian, and one feature set that is very convenient is its ability to tell you want package to install to get a given firmware file. This can be done using apt-file too, but that is for someone else to blog about. :)

Here is a small recipe to find the package with a given firmware file, in this example I am looking for ctfw-3.2.3.0.bin, randomly picked from the set of firmware announced using appstream in Debian unstable. In general you would be looking for the firmware requested by the kernel during kernel module loading. To find the package providing the example file, do like this:

% apt install appstream [...] % apt update [...] % appstreamcli what-provides firmware:runtime ctfw-3.2.3.0.bin | \ awk '/Package:/ {print $2}' firmware-qlogic %

See the appstream wiki page to learn how to embed the package metadata in a way appstream can use.

This same approach can be used to find any package supporting a given MIME type. This is very useful when you get a file you do not know how to handle. First find the mime type using file --mime-type, and next look up the package providing support for it. Lets say you got an SVG file. Its MIME type is image/svg+xml, and you can find all packages handling this type like this:

% apt install appstream [...] % apt update [...] % appstreamcli what-provides mimetype image/svg+xml | \ awk '/Package:/ {print $2}' bkchem phototonic inkscape shutter tetzle geeqie xia pinta gthumb karbon comix mirage viewnior postr ristretto kolourpaint4 eog eom gimagereader midori %

I believe the MIME types are fetched from the desktop file for packages providing appstream metadata.

Catégories: Elsewhere

Ritesh Raj Sarraf: Lenovo Yoga 2 13 running Debian with GNOME Converged Interface

Planet Debian - jeu, 04/02/2016 - 16:33

I've wanted to blog about this for a while. So, though I'm terrible at creating video reviews, I'm still going to do it, rather than procrastinate every day.

 

In this video, the emphasis is on using Free Software (GNOME in particular) tools, with which soon you should be able serve the needs for Desktop/Laptop, and as well as a Tablet.

The video also touches a bit on Touchpad Gestures.

 

Categories: Keywords: Like: 
Catégories: Elsewhere

Martin-Éric Racine: xf86-video-geode 2.11.18

Planet Debian - jeu, 04/02/2016 - 15:27

Yesterday, I pushed out version 2.11.18 of the Geode X.Org driver. This is the driver used by the OLPC XO-1 and by a plethora of low-power desktops, micro notebooks and thin clients. This release mostly includes maintenance fixes of all sorts. Of noticeable interest is a fix for the long-standing issue that switching between X and a VT would result in a blank screen (this should probably be cherry-picked for distributions running earlier releases of this driver). Many thanks to Connor Behan for the fix!


Unfortunately, this driver still doesn't work with GNOME. On my testing host, launching GDM produces a blank screen. 'ps' and other tools show that GDM is running but there's no screen content; the screen remains pitch black. This issue doesn't happen with other display managers e.g. LightDM. Bug reports have been filed, additional information was provided, but the issue still hasn't been resolved.


Additionally, X server flat out crashes on Geode hosts running Linux kernels 4.2 or newer. 'xkbcomp' repeatedly fails to launch and X exits with a fatal error. Bug reports have been filed, but not reacted to. However, interestingly enough, X launches fine if my testing host is booted with earliers kernels, which might suggest what the actual cause of this particular bug might be:


Since kernel 4.2 entered Debian, the base level i386 kernel on Debian is now compiled for i686 (without PAE). Until now, the base level was i586. This essentially makes it pointless to build the Geode driver with GX2 support. It also means that older GX1 hardware won't be able to run Debian either, starting with the next stable release.

Catégories: Elsewhere

Acquia Developer Center Blog: Drupal 8 Module of the Week: Admin Toolbar

Planet Drupal - jeu, 04/02/2016 - 13:35
Jeffrey A. "jam" McGuire

Each day, more Drupal 7 modules are being migrated over to Drupal 8 and new ones are being created for the Drupal community’s latest major release. In this series, the Acquia Developer Center is profiling some of the most prominent, useful modules available for Drupal 8. This week: Admin Toolbar.

Tags: acquia drupal planetadmin toolbardrupal 8Drupal modules
Catégories: Elsewhere

Daniel Pocock: Australians stuck abroad and alleged sex crimes

Planet Debian - jeu, 04/02/2016 - 11:30

Two Australians have achieved prominence (or notoriety, depending on your perspective) for the difficulty in questioning them about their knowledge of alleged sex crimes.

One is Julian Assange, holed up in the embassy of Ecuador in London. He is back in the news again today thanks to a UN panel finding that the UK is effectively detaining him, unlawfully, in the Ecuadorian embassy. The effort made to discredit and pursue Assange and other disruptive technologists, such as Aaron Swartz, has an eerie resemblance to the way the Spanish Inquisition hunted witches in the middle ages.

The other Australian stuck abroad is Cardinal George Pell, the most senior figure in the Catholic Church in Australia. The inquiry into child sex abuse by priests has heard serious allegations claiming the the Cardinal knew about and covered up abuse. This would appear far more sinister than anything Mr Assange is accused of. Like Mr Assange, the Cardinal has been unable to travel to attend questioning in person. News reports suggest he is ill and can't leave Rome, although he is being accommodated in significantly more comfort than Mr Assange.

If you had to choose, which would you prefer to leave your child alone with?

Catégories: Elsewhere

Russell Coker: Unikernels

Planet Debian - jeu, 04/02/2016 - 10:48

At LCA I attended a talk about Unikernels. Here are the reasons why I think that they are a bad idea:

Single Address Space

According to the Unikernel Wikipedia page [1] a significant criteria for a Unikernel system is that it has a single address space. This gives performance benefits as there is no need to change CPU memory mappings when making system calls. But the disadvantage is that any code in the application/kernel can access any other code directly.

In a typical modern OS (Linux, BSD, Windows, etc) every application has a separate address space and there are separate memory regions for code and data. While an application can request the ability to modify it’s own executable code in some situations (if the OS is configured to allow that) it won’t happen by default. In MS-DOS and in a Unikernel system all code has read/write/execute access to all memory. MS-DOS was the least reliable OS that I ever used. It was unreliable because it performed tasks that were more complex than CP/M but had no memory protection so any bug in any code was likely to cause a system crash. The crash could be delayed by some time (EG corrupting data structures that are only rarely accessed) and was very difficult to fix. It would be possible to have a Unikernel system with non-modifyable executable areas and non-executable data areas and it is conceivable that a virtual machine system like Xen could enforce that. But that still wouldn’t solve the problem of all code being able to write to all data.

On a Linux system when an application writes to the wrong address there is a reasonable probability that it will not have write access and you will immediately get a SEGV which is logged and informs the sysadmin of the address of the crash.

When Linux applications have bugs that are difficult to diagnose (EG buffer overruns that happen in production and can’t be reproduced in a test environment) there are a variety of ways of debugging them. Tools such as Valgrind can analyse memory access and tell the developers which code had a bug and what the bug does. It’s theoretically possible to link something like Valgrind into a Unikernel, but the lack of multiple processes would make it difficult to manage.

Debugging

A full Unix environment has a rich array of debugging tools, strace, ltrace, gdb, valgrind and more. If there are performance problems then tools like sysstat, sar, iostat, top, iotop, and more. I don’t know which of those tools I might need to debug problems at some future time.

I don’t think that any Internet facing service can be expected to be reliable enough that it will never need any sort of debugging.

Service Complexity

It’s very rare for a server to have only a single process performing the essential tasks. It’s not uncommon to have a web server running CGI-BIN scripts or calling shell scripts from PHP code as part of the essential service. Also many Unix daemons are not written to run as a single process, at least threading is required and many daemons require multiple processes.

It’s also very common for the design of a daemon to rely on a cron job to clean up temporary files etc. It is possible to build the functionality of cron into a Unikernel, but that means more potential bugs and more time spent not actually developing the core application.

One could argue that there are design benefits to writing simple servers that don’t require multiple programs. But most programmers aren’t used to doing that and in many cases it would result in a less efficient result.

One can also argue that a Finite State Machine design is the best way to deal with many problems that are usually solved by multi-threading or multiple processes. But most programmers are better at writing threaded code so forcing programmers to use a FSM design doesn’t seem like a good idea for security.

Management

The typical server programs rely on cron jobs to rotate log files and monitoring software to inspect the state of the system for the purposes of graphing performance and flagging potential problems.

It would be possible to compile the functionality of something like the Nagios NRPE into a Unikernel if you want to have your monitoring code running in the kernel. I’ve seen something very similar implemented in the past, the CA Unicenter monitoring system on Solaris used to have a kernel module for monitoring (I don’t know why). My experience was that Unicenter caused many kernel panics and more downtime than all other problems combined. It would not be difficult to write better code than the typical CA employee, but writing code that is good enough to have a monitoring system running in the kernel on a single-threaded system is asking a lot.

One of the claimed benefits of a Unikernel was that it’s supposedly risky to allow ssh access. The recent ssh security issue was an attack against the ssh client if it connected to a hostile server. If you had a ssh server only accepting connections from management workstations (a reasonably common configuration for running servers) and only allowed the ssh clients to connect to servers related to work (an uncommon configuration that’s not difficult to implement) then there wouldn’t be any problems in this regard.

I think that I’m a good programmer, but I don’t think that I can write server code that’s likely to be more secure than sshd.

On Designing It Yourself

One thing that everyone who has any experience in security has witnessed is that people who design their own encryption inevitably do it badly. The people who are experts in cryptology don’t design their own custom algorithm because they know that encryption algorithms need significant review before they can be trusted. The people who know how to do it well know that they can’t do it well on their own. The people who know little just go ahead and do it.

I think that the same thing applies to operating systems. I’ve contributed a few patches to the Linux kernel and spent a lot of time working on SE Linux (including maintaining out of tree kernel patches) and know how hard it is to do it properly. Even though I’m a good programmer I know better than to think I could just build my own kernel and expect it to be secure.

I think that the Unikernel people haven’t learned this.

No related posts.

Catégories: Elsewhere

Iustin Pop: X cursor theme

Planet Debian - jeu, 04/02/2016 - 10:46

There's not much to talk about X cursor themes, except when they change behind your back

A while back, after a firefox upgrade, it—and only it—showed a different cursor theme: basically double the size, and (IMHO) uglier. Searched for a while, but couldn't figure what makes firefox special, except that it is a GTK application.

After another round of dist-upgrades, now everything except xterms were showing the big cursors. This annoyed me to no end—as I don't use a high-DPI display, the new cursors are just too damn big. Only to find out two things:

  • thankfully, under Debian, the x-cursor-theme is an alternatives entry, so it can be easily configured
  • sadly, the adwaita-icon-theme package (whose description says "default icon theme of GNOME") installs itself as a very high priority alternatives entry (90), which means it takes over my default X cursor

Sigh, Gnome.

Catégories: Elsewhere

Valuebound: Installing Drupal with Drush, the Basics

Planet Drupal - jeu, 04/02/2016 - 07:37

Drush is a command line interface that help us to speed up administrative and development tasks for Drupal sites. After installing this Drush, we’ll be able to perform useful action simply by typing command into a terminal —actions that would usually take multiple steps in a web browser. Drush runs on Drupal 6, 7 well as 8.

Note:  Drupal 8, works only with Drush 8.

Couple of task which can be be done using Drush easily are :
    Download Drupal
    Download contrib modules
    Install Drupal
    Update Drupal and contrib module versions
    Run updatedb
    Clear the cache
    Run cron
    Run Drupal with a lightweight web server
    Import, export and merge configuration
   …

Catégories: Elsewhere

Benjamin Mako Hill: Welcome Back Poster

Planet Debian - jeu, 04/02/2016 - 07:25

My office door is on the second floor in front the major staircase in my building. I work with my door open so that my colleagues and my students know when I’m in. The only time I consider deviating from this policy is the first week of the quarter when I’m faced with a stream of students, usually lost on their way to class and that, embarrassingly, I am usually unable to help.

I made this poster so that these conversations can, in a way, continue even when I am not in the office.

 

Catégories: Elsewhere

Valuebound: Using the Content Type to manage content consistently

Planet Drupal - jeu, 04/02/2016 - 06:51

In previous blog post we have installed Drupal 8 on our system manually as well as using Drush. Drupal 8 Provides two built in content type Article and Basic page. We can use this to create pages. But most of time we need to either add fields to these content types or we just need to add new content type to organize the content better.

Probably the first change site builders will notice in Drupal 8 are the changes to content types and fields. The field changes affect not only content types, but any entity that can have fields e.g. taxonomy or user profile.

When we edit any content type,…

Catégories: Elsewhere

groups.drupal.org frontpage posts: DrupalCamp @ Stanford

Planet Drupal - jeu, 04/02/2016 - 04:48
Start:  2016-04-01 (All day) - 2016-04-02 (All day) America/Los_Angeles Event type:  User group meeting

https://drupalcamp.stanford.edu/

The Stanford Drupal Camp is a two-day event to discuss and learn about Drupal, an open-source content management system that powers thousands of websites at Stanford, and millions of websites beyond.

This year, the Stanford Drupal Camp emphasizes introductory sessions focused on content strategy as well as thought-provoking sessions for researchers in academia. Those new to Drupal and Content Strategy will be particularly interested in the events on Friday, whereas experienced Drupallers (yes, we spell it with two "L"s at Stanford) may be more interested in Saturday's program.

Catégories: Elsewhere

jmolivas.com: Drupal Console session proposal for DrupalCon New Orleans 2016

Planet Drupal - jeu, 04/02/2016 - 01:07
Drupal Console session proposal for DrupalCon New Orleans 2016

I am planning to propose a session for DrupalCon New Orleans about Drupal 8 development and Drupal Console and currently looking for session name ideas.

Session abstract text:

Drupal is infamous for his learning curve of drupalisms but Drupal 8 simplifies and standardize the development process, unfortunately this comes with a cost. Drupal 8 is more technically advanced compared to its predecessor and managing the increasing complexity of Drupal 8 could be a daunting task. 

The Drupal Console is a CLI tool that helps you manage that complexity allowing you to generate boilerplate code, interact and debug Drupal 8.

The Drupal Console has been designed to increase productivity making Drupal development and interaction efficient and enjoyable.

Come along as we explore this tool that will help you developing by taking advantage of the modern PHP practices introduced into Drupal 8.

jmolivas Thu, 02/04/2016 - 00:07
Catégories: Elsewhere

DrupalCon News: Staying for the Community: (More) Stories From Our Organizers

Planet Drupal - mer, 03/02/2016 - 21:18

Some of our very own DrupalCon Asia organizers are members of the Drupal Association. We spoke to them about why membership is so important to them, and their answers were so great we had to share. Continuing from a previous blog post, we'd like to invite you to read why they support the community and the Drupal project with us.

Catégories: Elsewhere

Drupal.org frontpage posts for the Drupal planet: Drupal 8.0.3 and 7.42 released

Planet Drupal - mer, 03/02/2016 - 20:16

Drupal 8.0.3 and Drupal 7.42, maintenance releases with numerous bug fixes (no security fixes), are now available for download.

See the Drupal 8.0.3 release notes and Drupal 7.42 release notes for full lists of included fixes.

Download Drupal 8.0.3
Download Drupal 7.42

Upgrading your existing Drupal 8 and 7 sites is recommended. There are no major nor non-backwards-compatible features in these releases. For more information about the Drupal 8.x release series, consult the Drupal 8 overview. More information on the Drupal 7.x release series can be found in the Drupal 7.0 release announcement.

Security information

We have a security announcement mailing list and a history of all security advisories, as well as an RSS feed with the most recent security advisories. We strongly advise Drupal administrators to sign up for the list.

Drupal 8 includes the built-in Update Manager module, which informs you about important updates to your modules and themes.

There are no security fixes in these releases of Drupal core.

Bug reports

Drupal 8.0.x and 7.x actively maintained, so more maintenance releases will be made available, according to our monthly release cycle.

Change log

Drupal 8.0.3 contains bug fixes and documentation and testing improvements only. The full list of changes between the last 8.0.x patch release and the 8.0.3 release can be found by reading the 8.0.3 release notes. A complete list of all changes in the stable 8.0.x branch can be found in the git commit log.

Drupal 7.42 contains bug fixes and minor new features. The full list of changes between the last 7.x patch release and the 7.42 release can be found by reading the 7.42 release notes. A complete list of all changes in the stable 7.x branch can be found in the git commit log.

Update notes

See the 8.0.3 release notes and 7.42 release notes for details on important changes in these releases.

Known issues

See the 8.0.3 release notes and 7.42 release notes for known issues.

Front page news: Planet DrupalDrupal version: Drupal 7.xDrupal 8.x
Catégories: Elsewhere

Chapter Three: How markup is safe in Drupal 8

Planet Drupal - mer, 03/02/2016 - 19:30

Nobody wants a website that can be hacked. Drupal has a great security track record and works hard to ensure that core and contributed modules are safe for everyone to use. One of the most common types of security issue is a cross-site scripting attack (XSS). In Drupal 8 we've made extensive changes to the theme system that reduce XSS vulnerabilities.



Catégories: Elsewhere

Pages

Subscribe to jfhovinne agrégateur