Web Design and Development
Drupal 8.0.4, Drupal 7.43, and Drupal 6.38, maintenance releases which contain fixes for security vulnerabilities, are now available for download.Download Drupal 8.0.4
Download Drupal 7.43
Download Drupal 6.38
Upgrading your existing Drupal 8, 7, and 6 sites is strongly recommended. There are no new features nor non-security-related bug fixes in these releases. For more information about the Drupal 8.0.x release series, consult the Drupal 8 overview. More information on the Drupal 7.x release series can be found in the Drupal 7.0 release announcement, and more information on the Drupal 6.x release series can be found in the Drupal 6.0 release announcement.Security information
We have a security announcement mailing list and a history of all security advisories, as well as an RSS feed with the most recent security advisories. We strongly advise Drupal administrators to sign up for the list.
Drupal 8 and 7 include the built-in Update Manager module, which informs you about important updates to your modules and themes. Drupal 6 has reached its end of life (EOL) and will not get further updates.Bug reports
Drupal 6 has reached its end of life (EOL), so it will not receive further bug fixes or official releases.Change log
Drupal 8.0.4, 7.43, and 6.38 were released in response to the discovery of security vulnerabilities. Details can be found in the official security advisories:
To fix the security problem, please upgrade to either Drupal 8.0.4, Drupal 7.43, or Drupal 6.38.Update notes Planet DrupalDrupal version: Drupal 6.xDrupal 7.xDrupal 8.x
Drupal.org, the home of the Drupal community, has grown organically for many years. At some point it grew so large that a clear decision making structure became a necessity. The Drupal Association staff was not in the place to provide it at that time: our entire technology team for Drupal.org, including all its sub-sites and services, consisted of only two people, myself and Neil Drumm—so we turned to community for help.
In the summer of 2013, the three Drupal.org Working Groups were announced. Governance committees, consisting of community members and staff, created to act as a collective 'product owner' for the website. In the following two and a half years, with their guidance and feedback, we implemented many new features, performed user research, developed content strategy, and drastically improved the infrastructure behind Drupal.org.
At the same time the Drupal Association staff kept growing. We hired our first full-time infrastructure staff member, brought in the CTO and customer service coordinator a few months later, then a developer and two more infrastructure team members. And finally, we hired a project manager, a web designer, and one more Drupal developer. Our communications team grew, too: over the last two years, the Drupal Association brought in a content strategist and a dedicated writer. Overall, our capacity increased and a lot of gaps in skills and experience were filled.
Having skilled staff working full-time on Drupal.org, we were finally able to provide product direction, set a roadmap, and execute on it. We adopted Scrum as our project management methodology, with a new sprint starting every two weeks. This encourages iteration and pivoting based on the situation, instead of working against a 'set in stone' year long plan. As our staffing situation changed, we started to realize that the valuable time of dedicated community volunteers can be spent more efficiently than making them sit in countless planning and update meetings with staff.
At the end of last year, the Drupal Association Board, with the input of several Working Group members, made a decision that it is time for staff to work on Drupal.org improvements directly with the community. This means that the Drupal.org Working Groups will transition into an advisory group, with former Drupal.org Working Groups members available as advisors to provide feedback and input on specific initiatives the team is working on, relevant to their own skills and expertise.
The only requirement the Board and Drupal.org Working Groups themselves put out before the transition could happen is this: they asked that the Association staff create a clear process for community members to be able to suggest items on the Drupal.org roadmap, and provide a path for those community members to volunteer to help with implementation. With the input from the Working Groups and the Board, we created such a process. It was
launched last week.
As we reach the end of an era, I'd like to personally thank each member who served at various times on Drupal.org Working Groups over the past three years. Your time, skills, and experience you shared with us has been invaluable.
Gerhard Killesreiter / killes
Narayan Newton / nnewton
Melissa Anderson / eliza411
Angela Byron / webchick
Kim Pepper / kim.pepper
George DeMet / gdemet
Jeff Eaton / eaton
Roy Scholten / yoroy
David Hernandez / davidhernandez
Cathy Theys / YesCT
Thank you! It's been a pleasure to share all those moments, conversations, ideas, debates, and workshops.
While the role of these wonderful people is shifting to a less formal advisory one, we will still be calling on their expertise and help as we continue our work on making Drupal.org a better place.
Image by Roy Scholten.
There has been a lot of discussion around the future of the Drupal front end both on Drupal.org (#2645250, #2645666, #2651660, #2655556) and on my blog posts about the future of decoupled Drupal, why a standard framework in core is a good idea, and the process of evaluating frameworks. These all relate to my concept of "progressive decoupling", in which some portions of the page are handed over to client-side logic after Drupal renders the initial page (not to be confused with "full decoupling").
My blog posts have drawn a variety of reactions. Members of the Drupal community, including Lewis Nyman, Théodore Biadala and Campbell Vertesi, have written blog posts with their opinions, as well as Ed Faulkner of the Ember community. Last but not least, in response to my last blog post, Google changed Angular 2's license from Apache to MIT for better compatibility with Drupal. I read all the posts and comments with great interest and wanted to thank everyone for all the feedback; the open discussion around this is nothing short of amazing. This is exactly what I hoped for: community members from around the world brainstorming about the proposal based on their experience, because only with the combined constructive criticism will we arrive at the best solution possible.
Improving Drupal's user experience is a topic near and dear to my heart. Drupal's user experience challenges led to my invitation to Mark Boulton to redesign Drupal 7, the creation of the Spark initiative to improve the authoring experience for Drupal 8, and continued support for usability-related initiatives. In fact, the impetus behind progressive decoupling and adopting a client-side framework is the need to improve Drupal's user experience.
To date, much of our UX improvements have been based on an iterative process, meaning it converges on a more refined end state by removing problems in the current state. However, we also require disruptive thinking, which is about introducing entirely new ideas, for true innovation to happen. It's essentially removing all constraints and imagining what an ideal result would look like.
I think we need to recognize that while some of the documented usability problems coming out of the Drupal 8 usability study can be addressed by making incremental changes to Drupal's user experience (e.g. our terminology), other well-known usability problems most likely require a more disruptive approach (e.g. our complex mental model). I also believe that we must acknowledge that disruptive improvements are possibly more impactful in keeping Drupal relevant and widening Drupal's adoption.
At this point, to get ahead and lead, I believe we have to do both. We have to iterate and disrupt.From inside-out to outside-in
Let's forget about Drupal for a second and observe the world around us. Think of all the web applications you use on a regular basis, and consider the interaction patterns you find in them. In popular applications like Slack, the user can perform any number of operations to edit preferences (such as color scheme) and modify content (such as in-place editing) without incurring a single full page refresh. Many elements of the page can be changed without the user's flow being interrupted. Another example is Trello, in which users can create new lists on the fly and then add cards to them without ever having to wait for a server response.
Contrast this with Drupal's approach, where any complex operation requires the user to have detailed prior knowledge about the system. In our current mental model, everything begins in the administration layer at the most granular level and requires an unmapped process of bottom-up assembly. A user has to make a content type, add fields, create some content, configure a view mode, build a view, and possibly make the view the front page. If each individual step is already this involved, consider how much more difficult it becomes to traverse them in the right order to finally see an end result. While very powerful, the problem is that Drupal's current model is "inside-out". This is why it would be disruptive to move Drupal towards an "outside-in" mental model. In this model, I should be able to start entering content, click anything on the page, seamlessly edit any aspect of its configuration in-place, and see the change take effect immediately.
Drupal 8's in-place editing feature is actually a good start at this; it enables the user to edit what they see without an interrupted workflow, with faster previews and without needing to find what thing it is before they can start editing.Making it real with content modeling
Eight years ago in 2007, I wrote about a database product called DabbleDB. I shared my belief that it was important to move CCK and Views into Drupal's core and learn from DabbleDB's integrated approach. DabbleDB was acquired by Twitter in 2010 but you can still find an eight-year-old demo video on YouTube. While the focus of DabbleDB is different, and the UX is obsolete, there is still a lot we can learn from it today: (1) it shows a more integrated experience between content creation, content modeling, and creating views of content, (2) it takes more of an outside-in approach, (3) it uses a lot less intimidating terminology while offering very powerful capabilities, and (4) it uses a lot of in-place editing. At a minimum, DabbleDB could give us some inspiration for what a better, integrated content modeling experience could look like, with the caveat that the UX should be as effortless as possible to match modern standards.
This sort of vision was not possible in 2007 when CCK was a contributed module for Drupal 6. It still wasn't possible in Drupal 7 when Views existed as a separate contributed module. But now that both CCK and Views are in Drupal 8 core, we can finally start to think about how we can more deeply integrate the two. This kind of integration would be nontrivial but could dramatically simplify Drupal's UX. This should be really exciting because so many people are attracted to Drupal exactly because of features like CCK and Views. Taking an integrated approach like DabbleDB, paired with a seamless and easy-to-use experience like Slack, Trello and Backand, is exactly the kind of disruptive thinking we should do.
We shouldn't limit ourselves to this one example, as there are a multitude of Drupal interfaces that could all benefit from both big and small changes. We all want to improve Drupal's user experience — and we have to. To do so, we have to constantly iterate and disrupt. I hope we can all collaborate on figuring out what that looks like.Drupal NewsDrupal version: Drupal 8.x
Look at our Roadmap highlighting how this work falls into our priorities set by the Drupal Association staff with the direction from the Board and collaboration with the community.Drupal.org Updates Following the Conversation
One of the most requested features from a wide swath of the community has been a better way to follow content on Drupal.org and receive email notifications. The issue queues have had this follow functionality for some time, but the implementation was quite specific to issues, and not easily extensible to the rest of the site.
Because of the volume of content on Drupal.org we have to be careful that our implementation will scale well. We now use a notification system based on the Message stack which functions much more generically and therefore can be applied to many content types on Drupal.org.
Follow functionality is now available for comments on Forum topics, Posts (like this one), Case Studies, and documentation Book Pages.
In the future we intend to extend this follow functionality to include notification of new revisions (for relevant content types, particularly documentation).Community Elections for the Board
Nominations for the position of At-Large Director from the community are now open. There are two of these positions on the board, each elected on alternating years. For this year's elections process we've made several small refinements:
- Candidates are now no longer required to display their real names on their candidate profile. We will now default to the Drupal.org username.
- Candidates do not have to provide a photo, we will default to a generic avatar.
- There is now an elections landing page with complete details about the elections process.
We encourage members of the community to nominate themselves!Drupal.org Enhancements
A number of smaller enhancements made it into the January sprints as well. One of the key ones was the ability to configure an arbitrary one-off test in the issue queues against a custom branch. This is a small step towards ensuring that the DrupalCI testing framework will support the wider testing matrix required for feature branching, so that Drupal can always be shippable.
We also spent some time in January reviewing the results of the documentation survey that was placed on all existing documentation pages on the site. This information is helping to inform the next big item on the roadmap - improved Documentation section on Drupal.org.
Finally, we've continued our battle against spam with the help of Technology Supporter, Distil Networks. We've seen some very promising results in initial trials to prevent spam account registrations from happening in the first place, and will continue to work on refining our integration.Sustaining support and maintenance DrupalCon New Orleans Full -Site Launched!
In January we also launched the full -site for DrupalCon New Orleans with registration and the call for papers. As part of this launch, Events.drupal.org now supports multiple, simultaneous event registrations with multiple currencies, payment processors, and invoice formats. This was a significant engineering lift, but has made Events.drupal.org even more robust.
DrupalCon New Orleans is happening from May 9-13th, and will be the first North American DrupalCon after the release of Drupal 8!DrupalCon Dublin
The next European DrupalCon will also be here before you know it, and we've been working with the local community and our designer to update the DrupalCon Dublin splash page with a new logo that we will carry through into the design for the full-site once that is ready to launch.Permissions for Elevated Users
In January we also focused on auditing the users with elevated privileges on Drupal.org, both to ensure that they had the permissions they needed, and to enforce our principle of least-access. Users at various levels of elevated privileges were contacted to see if they were still needed, and if not those privileged roles were removed.
The following privileges were also fixed or updated: webmasters can now view a user's' public ssh keys; content moderators can administer comments and block spam users without user profile editing privileges. We also fixed taxonomy vocabulary access and now both content moderators and webmasters have access to edit tags in various vocabularies such as Issue tags, giving more community members access to clean those up and fight duplicates or unused tags.Updates traffic now redirects to HTTPS
SSL is now the default for FTP traffic from Drupal.org and for Updates.drupal.org itself. This helps to enforce a best practice of using SSL wherever possible, and helps to address an oblique attack surface where a man-in-the-middle could potentially hijack an update for someone running their Drupal installation on an unprotected network (i.e. development environments on a personal laptop in a coffee shop).Devwww2 Recovery
Drupal.org pre-production environments were affected by some instability in January, particulary the devwww2 server. A combination of a hard restart due to losing a NIC on the machine and some file-system level optimizations in the database containers lead to corruption on the dev site databases. Drupal.org infrastructure engineers restored the system and recovered the critical dev sites, and while some instability continues the system has been recovering more cleanly as they work to resolve the issue permanently.
As always, we’d like to say thanks to all the volunteers who work with us, and to the Drupal Association Supporters, who made it possible for us to work on these projects.
Drupal 8.0.3 and Drupal 7.42, maintenance releases with numerous bug fixes (no security fixes), are now available for download.Download Drupal 8.0.3
Download Drupal 7.42
Upgrading your existing Drupal 8 and 7 sites is recommended. There are no major nor non-backwards-compatible features in these releases. For more information about the Drupal 8.x release series, consult the Drupal 8 overview. More information on the Drupal 7.x release series can be found in the Drupal 7.0 release announcement.Security information
We have a security announcement mailing list and a history of all security advisories, as well as an RSS feed with the most recent security advisories. We strongly advise Drupal administrators to sign up for the list.
Drupal 8 includes the built-in Update Manager module, which informs you about important updates to your modules and themes.
There are no security fixes in these releases of Drupal core.Bug reports
Drupal 8.0.x and 7.x actively maintained, so more maintenance releases will be made available, according to our monthly release cycle.Change log
Drupal 8.0.3 contains bug fixes and documentation and testing improvements only. The full list of changes between the last 8.0.x patch release and the 8.0.3 release can be found by reading the 8.0.3 release notes. A complete list of all changes in the stable 8.0.x branch can be found in the git commit log.
Drupal 7.42 contains bug fixes and minor new features. The full list of changes between the last 7.x patch release and the 7.42 release can be found by reading the 7.42 release notes. A complete list of all changes in the stable 7.x branch can be found in the git commit log.Update notes Planet DrupalDrupal version: Drupal 7.xDrupal 8.x
One of the most important lessons of 2015 for the Engineering Team here at the Drupal Association is that we need better ways to engage with you, the community. We realized we need better tools and ways to communicate with you about our current priorities, how you can influence those priorities, and how you can help make Drupal.org and the Drupal project better than ever.
All of the work we do stems from the mission of the Drupal Association. It's our duty and responsibility to unite a global open source community to build and promote Drupal. As the home of that community, and the codebase, Drupal.org is perhaps the most critical piece of that mission, and at the most basic level all of the initiatives we prioritize must support that goal.
As part of reviewing our work in 2015, and in the interests of being transparent with the Drupal Community, we revamped the Drupal.org Roadmap. As you can see, we chose to focus on the few, most important initiatives that we have the capacity to execute on in the near term. We're also including upcoming initiatives that we will move into as the active work is completed, but not as many as we had previously displayed. An important lesson of the past year is that we have to be Agile on the macro scale as well as on the micro. The needs of the community can change rapidly and we need to be able to respond.Current
These are the initiatives the Drupal Association technology staff is focused on now.Issues 1. #2551607: [meta] Path forward for Composer support 2. #2533684: Create 'Documentation' Section 3. Update content style guide 4. Create Bluecheese pattern library 5. #2559711: [meta] Drupal.org (websites/infra) blockers to Drupal 8.0.0, 8.1.0, etc. 6. Make ads served through DfP contextual Planned
These are the initiatives the Association will work on once the Current initiatives are completed. The order of these initiatives may change.Issues 1. #1487662: Create 'Develop with Drupal' Section 2. #2533804: Create 'Support' Section 3. #1288470: Create 'Community' Section 4. #1414988: Create 'Contribute' Section
We've also added some new iconography to indicate where some of these initiatives come from.
Initiatives with the tools ( ) icon represent essential support and maintenance work. This can mean paying down technical debt in the Drupal.org codebase, performing server maintenance, or implementing cost saving measures to help fund the rest of our mission driven work.
Initiatives with the community ( ) icon represent initiatives that were directly proposed by members of the community and/or are being supported by volunteer work from the community.Don't all the initiatives come from the community?
Yes, all of our priorities come from the needs of the community - but the community is a loose collective of many different groups of people with many different needs and priorities.
The needs of Drupal newcomers are vastly different from those of the Drupal Core Maintainers. The needs of our documentation editors are different from the needs of those providing support on the forums. And all of these needs must cohere with a larger product and design vision for Drupal.org to make this home of the community a cohesive, efficient, and beautiful place to be.
The Drupal Association Engineering Team can be thought of as the maintainers for Drupal.org and the sub-sites. It's our duty to synthesize these diverse needs and to prioritize the major initiatives that will have the highest impact for the community. It's also our job to make the architectural decisions for Drupal.org to ensure that every aspect of the site is functional/useable, consistent, and maintainable.
Most of our priorities, therefore, we set ourselves by bringing all of these factors together and doing the best we can to have the biggest impact, not just on the most vocal parts of the community, but also on those parts that are sometimes siloed or overlooked.
All that said, the community is absolutely a vital part of creating our initiatives. The maintainers for any other project on Drupal.org do not act alone - they accept feedback and contributions from other contributors, while at the same time making key architectural decisions, reviewing patches, and ultimately deploying that work in the form of new releases. We do the same with our initiatives.Community Volunteers and Community Initiatives
There are two ways that members of the community can have a direct influence on the Roadmap for Drupal.org. These methods have existed informally in the past, but in 2016 we'd like to beta test some new ideas to make these processes more formal, consistent, and transparent.
The first way is simply to volunteer your expertise to help with one of the existing initiatives we already have prioritized, or even to offer your expertise without a particular contribution in mind. There is a strong record of community volunteers helping to improve Drupal.org, just a few examples from the last year include: u/mlhess and u/nnewton helping with infrastructure; to u/michelle helping to clean up spam; to u/dddave and others in the webmasters queue; or u/mshmsh5000 who helped with Drupal Jobs feature development.
If you have expertise (and not just in code!) and are ready for guidance from the Drupal Association engineering team as to how you can help, you can offer your assistance as a volunteer.
I should also note - we strongly encourage most volunteers to first consider giving back to the Drupal project itself, but we are certainly happy for help with Drupal.org
The second way to influence the Drupal.org roadmap is to develop a community initiative. If you (and perhaps a small team of others in the community) have some expertise in a particular area, and have a particular initiative in mind that you would like to work on, you can propose a community initiative.
Community initiatives come in all shapes in sizes: from documentation audits with the help of u/dead_arm; to adding two factor authentication to Drupal.org with u/coltrane; to a much larger task like building and deploying DrupalCI with the help of u/jthorson, u/nickscuch, u/ricardoamaro, u/bastianwidmer and several others. Some initiatives affect a subset of the community, project maintainers, for example, whereas others may affect almost every user.Why this new process?
The hard lesson we've learned over the course of the past year is that we need to be involved early. Even in cases where the community volunteers driving an initiative forward are experts in their area - if Association staff are not involved early in the architectural and planning decisions then what should be a positive, collaborative effort is often slowed down by architectural refactoring and design decision backtracks. That is not fun for anybody, and our immense respect for our community collaborators requires that we set them up for success by getting involved early.
As such, our new community initiatives process has several steps:
- Community members plan their contribution in an issue, and identify who (if anyone) is able to volunteer some time to make the contribution.
- The community members propose their initiative to the Association - so that we can evaluate it for inclusion on our roadmap. This may include a call with the community members proposing the initiative to talk it through in greater detail.
- Association staff evaluate the initiative: prioritize it into the roadmap, postpone it, or--if necessary-- reject initiatives that are not a good fit.
- Prioritized community initiatives are rolled into the larger Drupal.org roadmap, and monthly or bi-monthly community initiative meetings are scheduled to ensure the work moves forward.
- A liaison from the Association engineering team is assigned, to help coordinate architectural decisions, to provide support and access as needed, and to coordinate with the larger team when it is time for the work to be reviewed.
This process is time intensive - and so in general we expect to be able to run only one or maybe two community initiatives at a time, in parallel with our other work. We realize this may be frustrating, but the last year has shown that our most successful initiatives required this close coordination.This process is new, and will evolve
Finding a good process for working closely with such a diverse and passionate community is not easy—and we aren't assuming that this new process will be perfect. We're going to trial this new community initiative process in 2016 with the goal of increasing the transparency of how we prioritize our work, and how the community can help us build a better Drupal.org. We are committed to making this process better.
It’s a great time to be part of the Drupal Association. We’ve done some amazing work in the last few years, and we’re in a great position to work with the community to continue to improve and grow fully into our mission. As a Drupal Association At-Large Director, you’d be in the center of the action. The At-large Director position is specifically designed to ensure community representation on the Drupal Association board and we strongly encourage anyone with an interest to nominate themselves today.Nominate Yourself Today
The Board of Directors of the Drupal Association are responsible for financial oversight and setting the strategic direction of the Drupal Association. New board members will contribute to the strategic direction of the Drupal Association. Board members are advised of, but not responsible for matters related to the day to day operations of the Drupal Association, including program execution, staffing, etc. You can learn more about what’s expected of a board member in this post and presentation.
Directors are expected to contribute around five hours per month and attend two in-person meetings per year (financial assistance is available if required). All board members agree to meet the minimum requirements documented in the board member agreement.
Today we are opening the self-nomination form that allows you to throw your hat in the ring. We're looking to elect one candidate this year to serve a two-year term.How to Nominate Yourself
To nominate yourself, you should be prepared to answer a few questions:
- About Me: Tell us about yourself! Your background, how you got into Drupal, etc.
- Motivation: Why are you applying for a board position? What initiatives do you hope to help drive, or what perspectives are you going to try and represent?
- Experience: What Drupal community contributions have you taken part in (code, camps, etc.)? Do you have experience in financial oversight, developing business strategies, or organization governance?
- Availability: I am able to travel to three in-person board meetings per year (either self-funded, or with financial sponsorship)
- IRC Handle
- Twitter Handle
We've also made a few changes to the process based on community feedback from the 2015 election:
- We now display your username, not your given name, on your candidate profile to address privacy concerns that had been raised. Nominees should note that given names are required on legal documentation such as our 990 IRS filings, but we will do our best to preserve your privacy where we can.
- Updated sidebar block has more information about the elections, making it easier to the information you need.
- When you nominate yourself we will ask if you would like to opt-in to share your election results data. Last year was the first time we published full results from the vote data. Candidates that opt-in will have their name displayed next to their vote counts, as in this example from 2015.
We will also need to know that you are available for the next step in the process, meet the candidate sessions. We are hosting 3 sessions:Meet the Candidate Web Conferences:
Tue 23 Feb 2016 at 16:00 UTC
- 7 AM PST Tue 23 Feb, US and Canada
- 10 AM EST Tue 23 Feb, US and Canada
- 1 PM Tue 23 Feb, Sao Paulo Brasil
- 3 PM Tue 23 Feb, London
- 11 PM Tue 23 Feb, Beijing
Wed 24 Feb 2016 at 21:00 UTC
- 12 PM PST Wed 24 Feb, US and Canada
- 3 PM EST Wed 24 Feb, US and Canada
- 5 PM Wed 24 Feb, Sao Paulo Brasil
- 8 PM Wed 24 Feb, London
- 4 AM Thu 26 Feb, Beijing
- 7 AM Thu 26 Feb, Sydney Australia
Thu 25 Feb 2016 at 01:00 UTC
- 4:00 PM PST Thu 25 Feb, US and Canada
- 7:00 PM EST Thu 25 Feb, US and Canada
- 9:00 PM Thu 25 Feb, Sau Paulo Brasil
- 12:00 AM Fri 26 Feb, London
- 8:00 AM Fri 26 Feb, Beijing
- 11:00 AM Fri 26 Feb, Sydney Australia
The nomination form will be open February 1, 2015 through February 20, 2015 at midnight UTC. For a thorough review of the process, please see our announcement blog post.
If you have any questions, please contact Holly Ross, Drupal Association Executive Director. For the sake of keeping conversational threads in one place, the comments on this news item have been closed. Please comment on the original post on the Drupal Association website.
Flickr photo: Clyde RobinsonFront page news: Drupal News
Without a doubt, 2015 was one of the Drupal community's best years. We continued to grow and change from being on an island to more of a peninsula. We also released the best Drupal version ever.
If you look back at our predictions for 2015, the Drupal 8 release was one of the most predicted events for the year. Now the question is: what we will be doing in 2016?
Will we have a decoupled Drupal? Will Drupal 9 be released? Will we see a "Drupal 6 Legacy Support" program? It is that time of year when you—yes, you—can predict the future of Drupal; take a look at your crystal ball and describe what you see. Share your deepest thoughts on what will happen for us as a community, what will happen to our code, and the difference our work might make.
On December 29, 2000, I made a code commit that would change my life; it is in this commit that I called my project "Drupal" and added the GPL license to it.
The commit where I dubbed my website project "Drupal" and added the GPL license.
A couple weeks later, on January 15, 2001, exactly 15 years ago from today, I released Drupal 1.0.0 into the world. The early decisions to open-source Drupal and use the GPL license set the cornerstone principles for how our community shares with one another and builds upon each other's achievements to this day.
Drupal is now 15 years old. In internet terms, that is an eternity. In 2001, only 7 percent of the world's population had internet access. The mobile internet had not entered the picture, less than 50% of the people in the United States had a mobile phone, and AT&T had just introduced text messaging. People searched the web with Lycos, Infoseek, AltaVista and Hot Bot. Google -- launched in 1998 as a Stanford University research project -- was still a small, private company just beginning its rise to prominence. Google AdWords, now a $65 billion business, had less than 500 customers when Drupal launched. Chrome, Firefox, and Safari didn't exist yet; most people used Netscape, Opera or Internet Explorer. New ideas for sharing and exchanging content such as "public diaries" and RSS had yet to gain widespread acceptance and Drupal was among the first to support those. Wikipedia was launched on the same day as Drupal and sparked the rise of user-generated content. Facebook and Twitter didn't exist until 4-5 years later. Proprietary software vendors started to feel threathened by open source; most didn't understand how a world-class operating system could coalesce out of part-time hacking by several thousand developers around the world.
Looking back, Drupal has not only survived massive changes in our industry; it has also helped drive them. Over the past decade and a half, I've seen many content management systems emerge and become obsolete: Vignette, Interwoven, PHP-Nuke, and Scoop were all popular at some point in the past but Drupal has outlived them all. A big reason is from the very beginning we have been about constant evolution and reinvention, painful as it is.
Keeping up with the pace of the web is a funny thing. Sometimes you'll look back on choices made years ago and think, "Well, I'm glad that was the right decision!". For example, Drupal introduced "hooks" and "modules" early on, concepts that are commonplace in today's platforms. At some point, you could even find some of my code in WordPress, which Matt Mullenweg started in 2003 with some inspiration from Drupal. Another fortuitous early decision was to focus Drupal on the concept of "nodes" rather than "pages". It wasn't until 10 years later with the rise of mobile that we started to see the web revolve less and less around pages. A node-based approach makes it possible to reuse content in different ways for different devices. In a way, much of the industry is still catching up to that vision. Even though the web is a living, breathing thing, there is a lot of things that we got right.
In the end, I feel fortunate that our community is willing to experiment and break things to stay relevant. Most recently, with the release of Drupal 8, we've made many big changes that will fuel Drupal's continued adoption. I believe we got a lot of things right in Drupal 8 and that we are on the brink of another new and bright era for Drupal.
I've undergone a lot of personal reinvention over the past 15 years too. In the early days, I spent all my time writing code and building Drupal.org. I quickly learned that a successful open source project requires much more than writing code. As Drupal started to grow, I found myself an "accidental leader" and worried about our culture, scaling the project, attracting a strong team of contributors, focusing more and more on Drupal's end-users, growing the commercial ecosystem around Drupal, starting the Drupal Association, and providing vision. Today, I wear a lot of different hats: manager of people and projects, evangelist, fundraiser, sponsor, public speaker, and BDFL. At times, it is difficult and overwhelming, but I would not want it any other way. I want to continue to push Drupal to reach new heights and new goals.
Today we risk losing much of the privacy, serendipity and freedom of the web we know. As the web evolves from a luxury to a basic human right, it's important that we treat it that way. To increase our impact, we have to continue to make Drupal easier to use. I'd love to help build a world where people's privacy is safe and Drupal is more approachable. And as the pace of innovation continues to accelerate, we have to think even more about how to scale the project, remain agile and encourage experimentation. I think about these issues a lot, and am fortunate enough to work with some of the smartest people I know to build the best possible version of the web.
So, here is to another 15 years of evolution, reinvention, and continued growth. No one knows what the web will look like 15 years in the future, but we'll keep doing our best to guide Drupal responsibly.Drupal News
There’s been a lot of positive feedback and a few questions about the recent changes to the marketplace. I want to take a minute and talk about how the marketplace made it to where it is now and mention some plans for the future of the marketplace on Drupal.org.TL;DR
This is a long post. You may not way to read the whole thing, so here is a condensed version.
We want to highlight individuals and organizations that are actively contributing to Drupal. You can now attribute your work in the Drupal.org issue queues to your employer or a customer. Maintainers can award issues credits to people who help resolve issues with code, comments, design, and more. These credits can roll up to service providers listed in the Drupal Marketplace. (And eventually we want to show customers with credits as well.)
Want to know all the details? Read on.A little history
Back at DrupalCon Austin (2014), Dries presented a sketch of an idea for highlighting organizational contributions to Drupal to myself and several business owners in the Drupal community. Later that week, those initial ideas turned into A method for giving credit to organizations that contribute code to Open Source.
The idea was to use commit messages to highlight organizational contribution. The first draft looked something like this:
$ git commit -am "Issue #n by INDIVIDUAL@AGENCY*CUSTOMER: message."
It was simple and intended to be parsable from our Git logs. However, contribution is about more than just code—and while code contributions are a good place to start, we also needed to ensure that tools for providing attribution and credit would be extensible to non-code contributions as well.
That initial conversation turned into an issue that spawned lots of child issues and ideas for how best to collect data that allowed a user on Drupal.org to attribute their work to an organization.
The resulting conversations didn’t have a simple solution, but the participation in these issues was lively and full of great ideas. Determining the format for commit credit is still an active issue.
A commit credit format alone was not going to get the information onto Drupal.org. Eventually, we settled on a couple of different solutions for tracking organization involvement and pulled all of this together into the current state of the Drupal.org Marketplace.Organizations that support modules, themes, and distributions
First, we added a feature to projects on Drupal.org (modules, themes, distributions) that allowed maintainers to reference organizations that were supporting a module—either by providing time to their developers to give back or by directly funding development.Commit credit user interface
The next part of the work was giving maintainers a better way to create their commit message related to a particular issue. A lot of the complexity of deciding who should get credit for work on Drupal.org was simplified into a UI that showed how many people had participated in an issue, how much each person had participated, and whether that person had uploaded files related to the issue. The UI also generated the Git command that would properly tie the resulting code changes to the issue and people involved. The result for a relatively large issue thread looks like the image below:Attribution
While that effort made it a lot easier to create commit credits, it didn’t solve the problem of attributing issues that didn’t result in code change, nor did it allow people to give credit to the organizations that made it possible for them to work on that issue—by giving them time or by paying for the work directly as a customer.
To do that we had to figure out a way to add organization attribution to the work being done on an issue.
Issues and comments are the primary tools for tracking what needs to be built out in Drupal code. This is where we determine the features, report the bugs, plan out the work, and more. Tracking intent at the point of this interaction was the best way for us to cover the widest range of contribution to Drupal core, modules, themes and distributions.
The resulting UI for attributing a comment to an organization is simple and straightforward.
While the instructions for attributing a contribution are documented, there’s still some confusion about when to attribute a comment to an organization versus a customer.Attributions for organizations
These attributions are to allow a person to attribute their participation in a specific issue to a company that allotted time for them to work on the issue. This is typically an employer that pays that person's salary or wage. This organization must be directly tied to the contributor's user profile on Drupal.org as a current or past employer and the organization must have an organization profile on Drupal.org. (Create an organization profile).
When you use this feature, you are highlighting an organization that is contributing code—or other improvements through the issue queues—to the community.Attributions for customers
When you attribute a customer, you are essentially saying that the work was requested by that customer but you are not employed by them. Typically this means one of three possibilities:
- The customer organization paid the contributor's employer
- The customer organization paid the contributor directly
- The contributor was volunteering for the customer organization
You can select any organization as a customer that has an organization profile on Drupal.org.
When you use the customer attribution, you’re highlighting a different way of contributing to the Drupal ecosystem and often showing relationships between organizations to solve a problem.Marking a comment with "I'm a volunteer"
Making it possible to attribute organizations who have supported contribution also helps us to gather data on purely altruistic contributions. We went round and round on this attribution feature, but in the end, we decided to add “I’m a volunteer” as an explicit attribution option in the attribution UI. It’s deliberately not the default. This is because we want to collect the explicit intent of the users making attributions. While we are now collecting this data, we haven’t yet figured out a great way to show this intent on a contributor's profile.
Possible intent on a comment could include:
- I contributed on my own time as a volunteer and community member.
- On this issue, some of my time was paid for by an employer, but some of my time was my own.
- I contributed this work as a volunteer for one or more customer organizations.
The intent of volunteerism is complex, which is why it is hard to add up into neat little data to show on a profile.
Regardless whether they mark "I'm a volunteer" or not, contributors can still be awarded issue credit by a maintainer for their work on an issue.Attribution versus issue credit versus commit credit, what's the difference?
Attribution is the first step of the process to award an issue credit. The contributor attributes their work to one or more organizations and/or as a volunteer. The next step doesn't come until the maintainer of the project (Drupal core, module, theme, distribution) gets involved in the process.Issue credits
Project maintainers may grant issue credits for issues opened against their projects. At any time during the life of the issue, a maintainer can update the credit UI to credit any of the users who have participated in the issue. Any organizations or customers attributed by those users will be credited as well. When the issue is closed fixed, those assigned credits will appear on the appropriate user and organization profiles.
Issue credits are more comprehensive than just code. They can include reviews, designs, prototypes, or just really helpful comments. The maintainer choses what they want to credit even if the issue does not have code associated with it in the form of a patch. This is a great way to help highlight contributions to policy and work to keep Drupal.org running well.Commit credits
Maintainers can grant commit credits. A commit credit gets added to the Git commit message that accompanies a commit by a maintainer of a project on Drupal.org (Drupal Core, modules, themes, distributions, etc.). Sites like drupalcores.com track this information in the public changelog and use it to highlight contribution numbers based on the number of times a user is mentioned in a commit message.
Commit credits currently can’t be easily tied to organizations, the parsing would be cumbersome and require a lot of precision when maintainers entered the information into Git, which is a big reason why we needed a UI on Drupal.org to help make all the connections and store that information into a database for easy retrieval.Showing contributions on Drupal.org
Right now, there are three ways that contributions show up on Drupal.org: the user profile, the organization profile, and the marketplace. (We have some ideas to expand this that I will detail below.)User profiles
Do you log in to Drupal.org? Great! You have a profile.
On every user profile, we show the total number of issues that a contributor has helped fix in the past 90 days.
You can drill into this information and see the specifics. This is a good way to see a facet of how a person is contributing to Drupal. There are other examples on a user's profile that show other ways they are involved.Organization profiles
Any confirmed user can create an organization page on Drupal.org. Organization profiles are currently related to a single user, but we have plans to roll out additional permissions to relate multiple users to an organization.
On the organization profile, we show the number of issues that an organization has contributed to fixing in the last 90 days.
Organization profiles also show a list of modules that have been supported by that organization, whether that organization is a Drupal Association member or Supporting Partner, and additional self-reported information about their involvement in the Drupal community.
We are currently working to automate more methods for collecting data about how organizations are contributing to the community through DrupalCon and Drupal Camp sponsorships as well as hosting user groups to help support meetups, and giving to Global Training Day events. The number of case studies associated with an organization is another indicator of how much they use Drupal and how they are helping get others to use Drupal by sharing their success stories.Marketplace
We recently rolled out some changes to how the Drupal.org Marketplace is ordered in order to better highlight contributing organizations.
Currently, the marketplace is sorted by number of issue credits awarded to an organization in the last 90 days, then whether the organization is a supporter, then by alphabetical order.
Every organization on the marketplace shows counts of its users on Drupal.org, projects (modules, themes, distributions, etc.) supported, issue credits in the last 90 days, and case studies. We also highlight organizations that are funding the ongoing support and development of Drupal.org by being in our supporting partner programs.Questions we have heard
While most people have been excited about the changes to the Marketplace, there have been several questions.Why is it only Drupal Service providers?
The marketplace was originally created to highlight Drupal service providers that are active in the Drupal community.
A "Contributing Organizations" list is the next step to expand the types of organizations we highlight. There are community members that are already working to highlight customers using Drupal that contribute back, community volunteers, and volunteers that are working for organizations that rely on volunteerism (many camps fall into this category).
These are great ideas. Contributing to those issues is a great way to help us figure out the best way forward.What about "x" contribution type?
Yes, there are many ways that organizations contribute. We are definitely hoping to add in contributions that we can objectively verify. There are so many great things that organizations can do to support Drupal, both the local and worldwide community, and Drupal.org, including:
- Sponsor a DrupalCon
- Help plan a DrupalCon
- Sponsor, organize, or host a Drupal Camp
- Host a Global Training Days event
- Host a local user group/meetup
- Post a case study of a successful Drupal project
- Contribute helpful content to Drupal Planet
There are many other phenomenal ways organizations give back. If you know of one that has objective data that can be added to the algorithm we use to highlight organizations, let us know by creating an issue in theDrupal.org Customizations queue.Why is it so hard to create an organization profile?
We definitely want to improve this process. There are over 650 organization profiles on Drupal.org, so we know that people have figured it out, but it could be much more intuitive.
We have also had a several requests to add permissions to organization profiles so that multiple people can be editors of those profiles and help administer who is allowed to be associated with the organization. Our current method of tying users to organization by using an exact text match is a bit clunky. (If you want your organization to list you as an employee, you must exactly enter the title of the organization as it appears on the organization profile and list that organization as "current".)What about more tools for individual contributions?
We have so many thoughts on how to improve the way we highlight individuals on their profile. We already show issue credits, documentation edits, commits, and lots of self-reported information. There is a lot of objective data to pull from including DrupalCon attendance, whether they have been a speaker at a DrupalCon, translation strings submitted to localize.drupal.org, Drupal Association membership, modules maintained, and many more.
Engagement with the community involves a lot of factors and we want to highlight as many as possible while still making the user profile useful and relatively succinct.Help us make Drupal.org better
In addition to the questions that have come up above, we want your feedback to keep improving the user experience on Drupal.org and make it easier to hightlight the companies that are doing so much to make Drupal the leading platform for the web and the individuals that provide their expertise and commitment to the community. Drop your ideas into the Drupal.org Customizations queue.Front page news: Drupal News