Articles tagged with "contributing"

Over the last year or so, I've got quite engaged with Drupal slack. I've loitered in channels like #d9readiness and #config, discussed issues with members of the security team, and asked questions to module maintainers (and received answers!). But most of all, I've helped people out in the #support channel. This has been an interesting experience in many ways, so I thought I'd share my reflections. The Drupal slack workspace is intended for the community, so if you're reading this - it's probably for you too. Hopefully my thoughts might help prepare you to use it as an effective tool.

Ultimately, I've got...

So we challenged ourselves to contribute back to the Drupal community this year. How are we doing? Here's a simple update on what each of us has done so far. Hopefully we'll see other ComputerMinds team members join this list by the end of the year.

We've been busy recently, but that doesn't stop us at ComputerMinds contributing back to the Drupal community! For our latest multilingual website, we needed an XML sitemap with alternate links and hreflang attributes. This site uses separate domains for each language - for example, www.example.se (??) and www.example.no (??). Search engines need these alternate links to help them understand how to match up each translation of a page, which are distributed across these different domains. But this site is built on our existing Drupal 7 e-commerce platform that uses the XML sitemap project, which has no support for alternate links (nor entity translation...

In case you're not aware, this year a bunch of us at CM are taking on a Drupal contribution challenge. Do go read about it! I managed to squeeze in this contribution BEFORE the challenge started ? What a way to start the year! We have a site that uses a large number of features to manage a large number of taxonomies, and I was tasked with rabbit-holing them all. That is, to make sure that if a user tries to visit any of their term pages, they just get a 404 page. Rabbit Hole is the answer, and lets...

We love making great websites, standing on the shoulders of the giants that have gone before us to make Drupal what it is today. Thousands of working hours from fantastic people around the world have gone into producing this digital experience platform. Many of those gave voluntarily for free, while many were directed by paying customers who gave back so the rest of us could benefit. Everyone stands to gain when innovation, graft and capacity are pooled together. All that functionality in your Drupal site has been written by a real person at some point, who considered it worth sharing...

Do you want to reach more markets and people? Do you want to tailor your content for clients from a range of locations around the world, without having to manage every single translation? Then the Language Hierarchy project could be for you! I wrote a while ago about how this module gives editors more power and flexibility without the extra effort that can come with each translation added to a site. Now Drupal 8 sites can use the project with confidence, as I produced its first stable release candidate for Drupal 8 last month! 

Thank you to all those that contributed...

Last night saw the popular EU Cookie Compliance module fall from grace, as the Drupal community discovered that numerous inputs in the admin form were not being sanitised. To me, this shows some serious failings in how our community is handling security awareness. Let's do some fixing :)

1) We need to make this OBVIOUS, with clear examples

One of the most important things when trying to get people to write secure code is making them aware of the issues. We need Drupalers of all levels of experience to know and understand the risks posed by unsanitised input, where...

After reading this from Ars Technica, which describes how a developer offered to 'help' the maintainer of an NPM module - and then slowly introduced malicious code to it - I can't help but wonder if the Drupal community is vulnerable to the exact same issue. Let's discuss!

Please, don't touch my package

NPM modules have been hacked at before, and it's not pretty when it happens. Because of the way we use packages, it's a lot easier for nasty code to get sucked in to a LOT of applications before anyone notices. Attacks on the code 'supply chain', therefore...

So at DrupalCon Austin I had a great time at the contribution sprints. I worked on some issues affecting Drupal.org, it was great fun! The issues we worked on over the week range from simple things through to some pretty difficult issues. Although Drupal core can always use more contributors, I would suggest that Drupal.org is also desperately short of contributors too. One of the issues I worked on related to the tracker page for individual users, the bug-fix was already written, but we needed to write a test. Also, note that this issue was for Drupal core, not specific...