Upgrade Your Drupal Skills

We trained 1,000+ Drupal Developers over the last decade.

See Advanced Courses NAH, I know Enough
Jan 15 2020
Jan 15

Read our Roadmap to understand how this work falls into priorities set by the Drupal Association with direction and collaboration from the Board and community.

Project News

Get Ready for Drupal 9

The next minor release of Drupal will be 8.9 - to be released simultaneously with Drupal 9.0. The first target window for the release is this coming June, so now is the best time to get ready for the release.

As it turns out, many contributed or even custom modules only need a one-line change to be ready for Drupal 9. Check yours using: the upgrade status module, or the Drupal Check command line tool.

DrupalCon Minneapolis 2020

DrupalCon MinneapolisSpeaking of Drupal 9, DrupalCon Minneapolis is coming up from May 18-20. We expect their to be a large amount of programming and contribution focused on the upcoming release of Drupal 9. Minneapolis will be a great opportunity to get help with checking your module compatibility, or to find someone who can help you get your Drupal 7 or 8 site ready for the upgrade. Get your tickets now, before prices go up!

DrupalCon Europe 2020

Did you hear the news? DrupalCon Europe 2020 has been announced - and DrupalCon is coming back to Barcelona from Sep 14-17th.

Our partnership with Kuoni Congress continues, and we're excited to join you in beautiful Spain to celebrate Drupal 9 together.

Kuoni Congress

Mark your calendars, and bookmark the site - more info coming soon!

Drupal.org Update

Have you unwrapped automatic updates yet?

In November we finished the primary engineering work to support Phase 1 of the Automatic Updates initiative. In December we completed validation and testing, and launched the first stable release of the Automatic Updates module.

In its current form, Automatic Updates is available as a contributed module for both Drupal 7 and Drupal 8. After installing the module you'll be able to take advantage of three new features: 

  • When the Drupal Security Team identifies a critical release, they'll be able to publish a PSA that will be directly displayed in your admin interface. 
  • The module will run automated readiness checks to make sure your site is ready for the update, or to let you know if there are errors you need to fix.
  • The module will automatically apply Drupal core updates. 

What about automatic updates for contributed modules and composer dependencies?

The next phase of work on the Automatic Updates initiative is to support updates for contributed modules, and for sites managing Composer dependencies.

This is where we need your help! We're looking for organizational sponsors to help move this work forward. If you're interested in helping us move the initiative into the next phase, please contact the Association.

We want to thank: The European Commission, Acquia, Tag1, Mtech, and Pantheon for their support of Phase 1.

Expanding Drupal Solution content with Feature pages

About two years ago we decided to start featuring Drupal Solutions on Drupal.org. These Solutions are examples of Drupal being used in the real world in specific use cases. Our first series of this content was the Drupal Industry pages, highlighting the power for Drupal in specific industry verticals.

In December, we've just launched our next set of content, this time focusing on specific features of Drupal that set it apart from the competition. These Feature pages talk about the specific Drupal Solutions that are built around key features of the software.

Updating our packaging pipeline

Do you know what goes into a packaged release of Drupal? It's not just a git clone - and as of Drupal 8.8.0 the package you download from Drupal.org also includes Composer scaffold files.  As Drupal evolves, the way we deliver the software to users has to evolve along with it.

To support the increasingly sophisticated packaging process for Drupal, we started work on overhauling our packaging pipeline for Drupal releases. This work continues into January.

Preparing for contrib Semver

As part of Drupal 9's release we are working to migrate all of the projects on Drupal.org to properly use semantic versioning. Right now, contributed modules typically use a version format like: 7.x-1.6 or 8.x-1.7. The first part of this is just the platform version (D7 vs. D8), and the second part is the Major version and the Patch version.

We'll be migrating this version schema so that the current Major version remains the Major version, the current Patch version becomes the Minor version, and we'll add the ability to define new patch versions.

This enables several improvements. Firstly, contrib maintainers can now follow backwards compatibility policies similar to core, i.e: Major versions with backwards compatibility breaking changes, minor version with new features, and patch versions for bug fixes and security releases.  Secondly, because contributed modules can now be compatible with both Drupal 8 and Drupal 9, contrib semver will be an important part of keeping version management sane.

We've made some initial progress in that direction, and have a roadmap for completing this support.


As always, we’d like to say thanks to all the volunteers who work with us, and to the Drupal Association Supporters, who make it possible for us to work on these projects. In particular, we want to thank:

If you would like to support our work as an individual or an organization, consider becoming a member of the Drupal Association.

Follow us on Twitter for regular updates: @drupal_org, @drupal_infra

Skip hooks during a Drupal 8 migration

Jan 15 2020
Jan 15

What is digital accessibility?

Jan 15 2020
Jan 15
Jan 15 2020
Jan 15

The word accessibility is used to describe whether something can be used by everyone, regardless of ability. Digital accessibility is referring to websites and apps ensuring that people with disabilities (permanent, temporary or situational) find them easy to use. 

At least 15% of the world’s population - one billion people - have a recognised disability. There are many ways in which a person’s disability may affect the way they perceive information online, and how they navigate within pages. 

The World Wide Web Consortium (W3C) is the main international standards organisation for the Web. One of the standards created by the W3C is the Web Content Accessibility Guidelines (WCAG). Now in version 2.1, WCAG is a set of recommendations for making Web content more accessible. 

Why is it important?

As the W3C state:

“Businesses that integrate accessibility are more likely to be innovative, inclusive enterprises that reach more people with positive brand messaging that meets emerging global legal requirements.”

Having become a staple within business strategy, disability inclusion is increasingly becoming a key component of an organisation’s digital strategy. Accessibility is good for business for many reasons, including: 

  • For every ethical and socially responsible organisation, it’s simply the right thing to do
  • In the UK alone the disability market, the so-called Purple Pound, is worth an estimated £249 billion every year
  • To maximise your website’s traffic and user base - if there are fewer barriers to accessing content, it’s likely that more people will use your website
  • Many accessibility guidelines coincide with UX and SEO best practices and so making a site accessible for people with disabilities will also make it easier to find and better to use for everyone
  • And last but not least, for public sector websites and apps, it’s not a choice - it’s a legal requirement

More information on this can be found in the W3C’s article, The Business Case for Digital Accessibility.

How do we create an accessible digital experience?

How can we tell whether a website or an app is accessible? The answer is by checking it against international accessibility standards - Web Content Accessibility Guidelines (WCAG) 2.1. While it is easier to build a fresh site adhering to the guidelines, remediation can also be done to improve the accessibility of an existing site. 

Assessing the accessibility of your website can be done in two ways: by using automated testing tools or carrying out a manual audit. Read more about the Pros and cons of a manual vs automated accessibility audit.

Accessibility isn’t a one-off task, but an ongoing commitment.  An audit can help you both establish your current state of accessibility, and then can be used as a tool to check in as your site grows and evolves. 

Following an automated and manual audit, you could look at usability testing with people with disabilities so that further improvements can be made to your site. Regular automated testing, manual testing and training sessions for content authors and developers contributing to the site will help maintain its high level of accessibility and prevent new issues.

Your next steps

Online services are a critical part of modern life. Building accessibility into your digital strategy is ensuring that all people can access the information they need. 

Get in touch with us today to find out how you can embark upon your accessibility journey. 

Jan 14 2020
Jan 14

How can more maintainable custom code in Drupal be written? Refactor it to follow SOLID software design principles. As long SOLID purity isn't pursued into an endless rabbit hole, SOLID principles can improve project maintainability. When a project has low complexity, it is worthwhile to respect these principles because they're simple to implement. When a project is complex, it is worthwhile to respect these principles to make the project more maintainable.

Wrapped entities are custom classes around existing entities that will allow custom Drupal code to be more SOLID. This is achieved in three steps:

  1. Hide the entities from all custom code.
  2. Expose meaningful interaction methods in the wrapped entity.
  3. Implement the wrapped entities with the SOLID principles in mind.

Finally, many of the common operational challenges when implementing this pattern are solved when using the Typed Entity module.

SOLID Principles

More information can be found about the SOLID principles in the Wikipedia article, but here’s a quick summary:

Single responsibility principle: A class should only have a single responsibility, that is, only changes to one part of the software's specification should be able to affect the specification of the class.

Open–closed principle: Software entities should be open for extension, but closed for modification.

Liskov substitution principle: Objects in a program should be replaceable with instances of their subtypes without altering the correctness of that program. This is often referred to as design by contract.

Interface segregation principle: Many client-specific interfaces are better than one general-purpose interface.

Dependency inversion principle: One should "depend upon abstractions, [not] concretions."

Here, the focus will be on the wrapped entity pattern. In this pattern, it's discovered that PHP classes can be created that wrap Drupal entities to encode a project's business logic and make the code more SOLID. This is the logic that makes a project unique in the world and requires custom code to be written in the first place because it’s not completely abstracted by libraries and contributed modules.

First, understand the theory, and then look at the actual code.

Building a Library Catalog

To help exemplify this pattern, imagine being tasked with building the catalog for a local library. Some of these examples may be solved using a particular contrib module. However, this exercise focuses on custom code.

Entities Are Now Private Objects

Business logic in Drupal revolves around entities and the relationships between them. Often, the business logic is scattered in myriad hooks across different modules. The maintainability of custom code can be improved by containing all this custom logic in a single place. Then, the myriad of hooks can make simple calls to this central place.

The business logic is often contained around entities. However, entities are very complex objects in Drupal 8. They’re already associated with many features; they can be moderated, rendered, checked for custom access rules, part of lists, extended via modules, and more. How can the complexity be managed with the business logic when already starting with such a complex object? The answer is by hiding the entity from the custom code behind a facade. These objects are called wrapped entities.

In this scenario, only the facade can interact directly with the entity at any given time. The entity itself becomes a hidden object that only the facade communicates with. If $entity->field_foo appears anywhere in the code, that means that the wrapped entity needs a new method (or object) that describes what's being done.

Wrapped Entities

In the future, it may be possible to specify a custom class for entities of a given bundle. In that scenario, Node::load(12) will yield an object of type \Drupal\physical_media\Entity\Book, or a \Drupal\my_module\Entity\Building. Nowadays, it always returns a \Drupal\node\Entity\Node. While this is a step forward, it’s better to hide the implementation details of entities. Adding the business logic to entity classes increases the API surface and is bad for maintenance. This approach also creates a chance of naming collisions between custom methods and other added-to entities in the future.

A wrapped entity is a class that can access the underlying entity (also known as "the model") and exposes some public methods based on it. The wrapper is not returned from a Node::load call, but created on demand. Something like \Drupal::service(RepositoryManager::class)->wrap($entity) will return the appropriate object Book, Movie, etc. In general, a WrappedEntityInterface.

A wrapped entity combines some well known OOP design patterns:

In this catalog example, the class could be (excuse the code abridged for readability):

    interface BookInterface extends
      FindableInterface {}

    class Book extends WrappedEntityBase implements BookInterface {

      private const FIELD_NAME_ISBN = 'field_isbn';

      // From LoanableInterface.
      public function loan(Account $account, DateTimeInterval $interval): LoanableInterface { /* … */ }
      // From PhysicalMediaInterface.
      public function isbn(): string {
        return $this->entity->get(static::FIELD_NAME_ISBN)->value;
      // From FindableInterface.
      public static function getLocation(): Location { /* … */ }


More complete and detailed code will follow. For now, this snippet shows that using this pattern can turn a general-purpose object (the entity) into a more focused one. This is the S in SOLID. There are commonalities that group methods together when considering the semantics of each method written. Those groups become interfaces, and all of a sudden, it's apparent interface segregation has been implemented. SOLID. With those granular interfaces, things like the following can be done:

  function (LoanableInterface $loanable) { /* … */ },
  $loanable_repository->findOverdue(new \DateTime('now'))

Instead of:

  function ($loanable) {
    assert($loanable instanceof Book || $loanable instanceof Movie);
    /* … */
  $loanable_repository->findOverdue(new \DateTime('now'))

Coding to the object's capabilities and not to the object class is an example of dependency inversion. SOLID.

Entity Repositories

Wrapped entity repositories are services that retrieve and persist wrapped entities. In this case, they're also used as factories to create the wrapped entity objects, even if that is not very SOLID. This design decision was made to avoid yet another service when working with wrapped entities. The aim is to improve DX.

While a wrapped entity Movie deals with the logic of a particular node, the MovieRepository deals with logic around movies that applies to more than one movie instance (like MovieRepository::findByCategory), and the mapping of Movie to database storage.

Further Refinements

Sometimes, it's preferred to not have only one type per bundle. It would be reasonable that books tagged with the Fantasy category upcast to \Drupal\physical_media\Entity\FantasyBook. This technique allows for staying open for extension (add that new fantasy refinement) while staying closed for change (Book stays the same). This takes O into account. SOLID. Since FantasyBook is just a subtype of Book, this new extension can be used anywhere where a book can be used. This is called the Liskov substitution principle, our last letter. SOLID.

Of course, the same applies to heterogeneous repositories like LoanableRepository::findOverdue.

Working On The Code

This section shows several code samples on how to implement the library catalog. To better illustrate these principles, the feature requirements have been simplified. While reading, try to imagine complex requirements and how they fit into this pattern.

Typed Entity Module

I ported the Typed Entity module to Drupal 8 to better support this article, and it has helped a lot with my Drupal 7 projects. I decided to do a full rewrite of the code because I have refined my understanding of the problem during the past four years.

The code samples leverage the base classes in Typed Entity and its infrastructure. The full code samples can be accessed in this repository. This repo contains the latest code and corrections.


The first focus will be to create a wrapped entity for a book. This facade will live under \Drupal\physical_media\WrappedEntities\Book. The class looks like this (for now):

namespace Drupal\physical_media\WrappedEntities;

use Drupal\physical_media\Location;
use Drupal\typed_entity\WrappedEntities\WrappedEntityBase;

class Book extends WrappedEntityBase implements LoanableInterface, PhysicalMediaInterface, FindableInterface {

  const FIELD_NAME_ISBN = 'field_isbn';
  const FIELD_NAME_LOCATION = 'field_physical_location';

  // From PhysicalMediaInterface.
  public function isbn(): string {
    return $this->getEntity()->get(static::FIELD_NAME_ISBN)->value;

  // From FindableInterface.
  public function getLocation(): Location {
    $location = $this->getEntity()->get(static::FIELD_NAME_LOCATION)->value;
    return new Location(


Then, the repository will be registered in the service container. The physical_media.services.yml contains:

    # If you don't have custom logic for your repository you can use the base
    # class and save yourself from writing another empty class.
    # class: Drupal\typed_entity\TypedRepositories\TypedEntityRepositoryBase
    class: Drupal\physical_media\TypedEntityRepositories\BookRepository
    parent: Drupal\typed_entity\TypedRepositories\TypedEntityRepositoryBase
    public: true
        name: typed_entity_repository
        entity_type_id: node
        bundle: book
        wrapper_class: Drupal\physical_media\WrappedEntities\Book

Important bits are:

  • Specify the parent key to inherit additional service configuration from the contrib module.
  • If there's no reason to have a custom repository, the base class under the class key can be used.
  • Add the service tag with all the required properties:
    • name: this should always be typed_entity_repository.
    • entity_type_id: the entity type ID of the entities that will be wrapped. In this case, books are nodes.
    • bundle: the bundle. The bundle can be omitted only if the entity type has no bundles, like the user entity.
    • wrapper_class: the class that contains the business logic for the entity. This is the default class to use if no other variant is specified. Variants will be covered later.

Once these are done, the wrapped entity can begin integration into the hook system (or wherever it pertains). An integration example that restricts access to books based on their physical location could be:

use Drupal\Core\Access\AccessResult;
use Drupal\Core\Session\AccountInterface;
use Drupal\node\NodeInterface;
use Drupal\physical_media\WrappedEntities\FindableInterface;
use Drupal\typed_entity\RepositoryManager;

 * Implements hook_node_access().
function physical_media_node_access(NodeInterface $node, $op, AccountInterface $account) {
  if ($node->getType() !== 'book') {
  $book = \Drupal::service(RepositoryManager::class)->wrap($node);
  assert($book instanceof FindableInterface);
  $location = $book->getLocation();
  if ($location->getBuilding() === 'area51') {
    return AccessResult::forbidden('Nothing to see.');
  return AccessResult::neutral();

Better yet, the Book could be refactored and that leaking business logic (the one checking for specific buildings) could be put into it, and then a reasonable interface could be implemented for it (favor existing ones) like Book … implements \Drupal\Core\Access\AccessibleInterface.

use Drupal\Core\Access\AccessibleInterface;
use Drupal\Core\Access\AccessResult;

class Book … implements …, AccessibleInterface {
  // From AccessibleInterface.
  public function access($operation, AccountInterface $account = NULL, $return_as_object = FALSE) {
    $location = $this->getLocation();
    if ($location->getBuilding() === 'area51') {
      return AccessResult::forbidden('Nothing to see.');
    return AccessResult::neutral();


While evolving the hook into:

function physical_media_node_access($node, $op, $account) {
  return $node->getType() === 'book' ?
      ->access($op, $account, TRUE)
    : AccessResult::neutral();

The code can still be improved to remove the check on 'book'. Books are checked for access because of knowledge about the business logic. That leak can be avoided by trying to code to object capabilities instead (D in SOLID).

function physical_media_node_access($node, $op, $account) {
  try {
    $wrapped_node = \Drupal::service(RepositoryManager::class)->wrap($node);
  catch (RepositoryNotFoundException $exception) {
    return AccessResult::neutral();
  return $wrapped_node instanceof AccessibleInterface
    ? $wrapped_node->access($op, $account, TRUE)
    : AccessResult::neutral();

After that, the hook can remain the same when access control is implemented in movies. Not having to trace the whole codebase for potential changes when new features are added or existing ones are changed is a big win for maintainability.

Handling Complexity

As code grows in complexity, making it maintainable becomes more difficult. This is a natural consequence of complexity so it's best to be pragmatic and not take the SOLID principles as a hard rule. They exist to serve a purpose, not the other way around.

There are some ways to contain complexity. One is to avoid passing other entities into the wrapper methods by using wrapped entities instead. This creates more discipline in making the business logic explicit. This example gets the wrapped user entity as the author of an article.

public function owner(): ?WrappedEntityInterface {
  $owner_key = $this->getEntity()->getEntityType()->getKey('owner');
  if (!$owner_key) {
    return NULL;
  $owner = $this->getEntity()->{$owner_key}->entity;
  if (!$owner instanceof EntityInterface) {
    return NULL;
  $manager = \Drupal::service(RepositoryManager::class);
  assert($manager instanceof RepositoryManager);
  return $manager->wrap($owner);

Another way to contain complexity is by splitting wrapped entities into sub-classes. If having several methods that don’t apply to some books, variants can be beneficial. Variants are wrappers for a given bundle that are specific to a subgroup.

The Typed Entity Examples submodule contains an example on how to create a variant. In that example, the repository for articles hosts variant conditions. Calls to RepositoryManager::wrap($node) with article nodes now yield Article or BakingArticle depending on whether or not the node is tagged with the term 'baking'. The contrib module comes with a configurable condition to create a variant based on the content of a field. That is the most common use case, but any condition can be written. If having a different wrapper is preferred for Wednesday articles, that (odd) condition can be written implementing VariantConditionInterface.


Decades-old principles were highlighted as still being relevant to today’s Drupal projects. SOLID principles can guide the way custom code is written and result in much more maintainable software.

Given that entities are one of the central points for custom business logic, the wrapped entities pattern was covered. This facade enables making the business logic explicit in a single place while hiding the implementation details of the underlying entity.

Finally, the Typed Entity module as a means of standardization across projects when implementing this pattern was explored. This tool can only do so much because ultimately, the project’s idiosyncrasies cannot be generalized; each project is different. However, it is a good tool to help promote more maintainable patterns.

The EU Web Accessibility Directive: A practical guide for the public sector 

Jan 14 2020
Jan 14
Jan 14 2020
Jan 14

New legislation from the EU means that public sector websites must comply with the EU Web Accessibility Directive if they are launched after 23rd September 2019. For existing websites, public sector organisations have slightly longer to make their services accessible to everyone. With the next deadline for existing sites in September 2020, not too far away, this guide explores the practical steps organisations can take to comply. 

What is the EU Web Accessibility Directive?

An estimated 80 million people in the EU live with a disability, making it more necessary than ever to ensure everyone has equal access to digital products and services. The EU Web Accessibility Directive is a new piece of legislation which aims to consolidate accessibility standards, making web accessibility a legal requirement.

The Directive requires that member states have processes in place to “ensure that public sector bodies take the necessary measures to make their websites and mobile applications more accessible”. 

As with most legislation, there are some exclusions which apply. These include broadcasters, some schools and nurseries, and private organisations, along with non-government organisations (such as charities) which “provide services that are not essential to the public or services that do not specifically address the needs of persons with disabilities”.

Unlike the Web Content Accessibility Guidelines (WCAG), the Directive does not include rules about how to make websites and mobile applications accessible. However, the four WCAG principles which provide the foundation for accessibility (perceivable, operable, understandable and robust) are present throughout. This begins to unify the digital accessibility standards for EU member states, by putting WCAG at the core.

How does this affect public sector organisations?

Any new websites launched after 23rd September 2019 must meet accessibility standards and must have an accessibility statement.

If a public sector organisation launched a website before 23rd September 2019, the website must meet the accessibility standards by 23rd September 2020. Improving accessibility for an existing website is notoriously more difficult than building with accessibility in mind from the beginning. Organisations with older sites therefore have slightly longer to meet the required standards.

Accessibility standards also apply to mobile apps, however, organisations have until 23rd June 2021 to meet that deadline.

While organisations are progressing in their efforts to make services more accessible, it’s clear there is a lot more to do for existing websites and apps - and they are running out of time. With the next deadline approaching rapidly, what practical steps can public sector bodies take to raise their accessibility game?

Audit your websites

A recent survey revealed that 40% of local authority homepages aren’t accessible to people with disabilities. Organisations must therefore first understand how an existing website is performing in terms of accessibility.

Common issues include: failing to provide a good heading structure and links with sufficient context, not using visible indicators to show where the keyboard focus is, not adding skip links to jump over repetitive page content and not having sufficient contrast between text and its background. 

Completing an accessibility audit will help find where there are barriers for people with disabilities and help plan in any remediation work necessary to meet the standards.

Add an accessibility statement

The Directive set a deadline of 23rd December 2018 for public sector organisations to add an accessibility statement to their websites. 

When an accessibility audit or accessibility evaluation has taken place, the results from the audit can be used to help write an accessibility statement. The accessibility statement should be regularly updated and the W3C suggests including the following as a minimum:

  • A commitment to accessibility for people with disabilities
  • The accessibility standard applied, such as WCAG 2.1
  • Contact information in case people encounter problems
  • Any known limitations of the website, to avoid frustrating your visitors
  • Measures taken by your organization to ensure accessibility

Make the content as accessible as possible

The most difficult stage for any organisation is making the content as accessible as possible. While building accessibility in from the start of a web development project is always the best route to ensure your services are accessible to everyone, it is vital the team responsible for planning, updating and writing content are also committed to high accessibility standards.  

Web accessibility isn’t a one-time task, it’s an on-going commitment. Website content and development work needs to be constantly monitored and updated to achieve ongoing compliance. Performing regular audits or evaluations and asking people with disabilities to test products and services ensures websites and apps are as accessible as possible.

This article originally appeared on Open Access Government published on the 10th December 2019. 

Can we help you on your accessibility journey with an healthcheck, audit or consultancy? Get in touch

Jan 13 2020
Jan 13

[embedded content]

My journey with Drupal contributions started in Oct 2019 and I started by understanding basic issues and reviewing  patches created by the experienced contributors.  

As we start a New year, I am proud that my contribution has played an important part in moving Unimity to Page one of the Service Providers list. I wish to share in this blog my learnings and I hope that this will inspire organizations and developers to contribute in the new year! 

Five aspects I have learnt through my contributions are:

  1. Understanding of  how Drupal software is built

  2. Connecting  with core contributors

  3. Improving my Technical knowledge

  4. Staying up to date with Drupal

  5. Mentoring  others

Understanding of  how Drupal software is built:-

Drupal is built from community contributions from all over the world. Lot of hard work by core contributors results with the successful implementation of this open source software. Other aspects about Drupal and the issue queues include:

  1. Understanding the  issue workflow from how an issue starts from active to needs work, needs work to needs review and needs review to reviewed & tested by community, RTBC to fixed.
  2. The different ingredients of this software include: modules/components, issue queues, core contributors, patches, tags, version control, credits, commits
  3. Understanding Drupal’s roadmap and the features mapped to each of the releases
  4. Initiative leads & initiative meetings

Connecting  with core contributors:- 

Had the privilege of interacting with top 10 core contributors:  Kjamlaluno, Jrockowitz, RajabNatshah, VolkswagenchickBojanz, Alonaoneill, Thalles, Wim Leers, Webchick, Lauri, Jhodgdon, Xjm and few others.

It was a truly wonderful experience to get appreciated by core Drupal maintainers for my work .

Recognized by Alexpott


Recognized by Webchick


Improving my Technical knowledge:-

Drupal Contributions also helped me in gaining the technical knowledge in many areas such as :

  1. Drupal’s folder structure
  2. Concepts such as Layout Builder, View modes, JSON API, Help topics
  3. Front end CSS, JS and TWIG implementations
  4. Writing Test Cases
  5. Documentations

Staying Up to date with Drupal:-

Drupal Contributions introduced me to Drupal roadmap. Following the roadmap helped me to stay updated with  new features. When Drupal 8.8 was rolled out, I knew about the New Administration Theme Claro and Media Library. I also follow core maintainers on twitter and have recently started working on the new Olivero Theme that Dries spoke at length during his session at DrupalCon Amsterdam.

Mentoring  others:-

Contributions improved my role as Drupal Trainer at Unimity. I started being a mentor to all those willing to contribute and give back to Drupal. 

It has been an exciting journey and I thank Unimity for sponsoring the time to contribute. I also want to share few other members at Unimity who have Contributed to Drupal in 2019 are:

  1. Gayathri: Contributed in various areas as :- Help Topics , Media Library Documentation, Umami Profile 
  2. Madhura: Contributed in areas such as :- Migration, Help_topics
  3. Vinodhini:- Contributed in Claro new Admin Theme, Deprecated code
  4. Gnanagowthaman:- 
  5. Tarun: Contributed in Olivero New Front end theme
  6. Iyyappan:- Contributed in Migration
  7. Punam:- Contributed in Migration 

Together Unimity contributed: 13 core patches, 3 olivero patches, 1 Claro patches, 38 contributed patches.
I welcome more users from the Drupal community to join and benefit from the contributions.

Are you looking for help to climb the Drupal Contribution ladder? Just reach out to  me "Shimpy" on drupal_ contribute slack channel! Happy to help :) 

Issues adding new deprecations (for removal in Drupal 10) should be moved to 9.1.x

Jan 10 2020
Jan 10
Jan 10 2020
Jan 10

When you download and install the Drupal core, it is by default English, as you may know. Our Drupal themes on Symphony Themes are also in English by default. In many cases, I receive requests from customers on how to quickly translate Drupal to their languages (not English, ofcourse).

Here is the guide. It applies to translate Drupal in a non-multilanguage site. If you need more than one language in the same site, you will need to do a lot more stuffs, which can be found on another article.

1. Enable neccessary modules

Please go to admin/modules and enable Locale and Content translation.

2. Add your language

Go to admin/config/regional/language to add your language, please choose it as default language

3. Download the translation manually

Go to http://localize.drupal.org/translate/downloads?project=drupal to download translation package for your language.

Then import the translation. Go to admin/config/regional/translate/import to import the package you have just downloaded.

4. Automate the process with Localize Update

You can automate the translation update process for the Drupal core and all of your installed modules as well by using the Localize Update module.

It is very useful. When you install new modules, this Localize Update module automatically pulls the translations for the new modules from localize.drupal.org.

5. Translate manually

The site is now translated to your language. If you find any untranslated strings, please go to admin/config/regional/translate/translate to search and translate them

That's quite simple, isn't it? If you find this article helpful, please subsrcibe to our mailing list to get notified on latest news and tutorials.

Jan 10 2020
Jan 10

Between a quarter and about a third of the content on the World Wide Web repeats itself. According to Google's head of search spam, Matt Cutts, around 25-30% of web content is duplicate. Your website is also likely to have duplicate content, even if it follows web content writing rules. In this post, we will touch upon the reasons and risks of duplication, as well as review useful modules that fix duplicate content in Drupal.

What is duplicate content?

Duplicate content is defined as identical or similar one found at different web addresses. These URLs can be within the same domain or across different ones.

Common reasons for duplicate content

Reasons for duplicate content in Drupal are pretty much the same as in other CMSs. They vary from unintentional to malicious, and from purely technical to human-created. Among the most common ones are:

  • scraped content (copied without permission)
  • syndicated content (shared by agreement)
  • HTTP and HTTPS versions of pages
  • WWW and non-WWW versions of pages
  • printer-friendly versions of pages
  • different user session IDs generating different URLs
  • almost identical product descriptions in e-commerce stores (for example, Drupal Commerce)
  • identical pieces of site-wide content (for example, in the footer)

What are the risks of duplicate content?

Duplicate content may result in losing your Google rankings. Google can’t show all duplicate results but only one from the “cluster” of duplicates. 

In addition, Google rewards uniqueness as added value. Sites with no unique content will find it harder to get good rankings.

SEO experts always take care to keep their websites from being penalized algorithmically by Google for low-quality content, including copied content. That’s why they try to keep their sites unique.

Google admits there may be strict penalties in cases when the behavior of a website with many duplicates is found to be manipulative. 

Modules that deal with duplicate content in Drupal

Getting rid of duplicates completely is neither possible nor necessary. However, there are contributed modules to deal with duplicate content  in Drupal that will make your website much cleaner from copies.

The Taxonomy Unique module

By default, Drupal allows for creating taxonomy terms with the same names within the same vocabulary. As part of measures to avoid duplicate content in Drupal 7 and 8, the Taxonomy Unique module can prohibit that.

Whenever someone tries to create a term that already exists, Drupal shows an error message saying the term name already exists. The feature can be individually enabled for each vocabulary. The error message is also customizable.

Taxonomy Unique module to fix duplicate content in Drupal

The Unique Content Title module

Thanks to the Unique Content Title module, you can require unique titles for each node of a content type. You will need to check the “Unique title” option in the “Submission form settings” of a content type. The module is only available for Drupal 7. 

The Suggest Similar Titles module

Here is another module to avoid duplication on node titles. This Drupal 7 module is at the pre-release stage for Drupal 8. 

During node creation, the Suggest Similar Titles module compares the new node titles to existing ones, and informs you if they match. The module settings allow to you:

  • decide on which content types to use the feature
  • add keywords to ignore
  • specify the allowed percentage of text matching
  • ask to check node permissions
  • limit the number of titles to show in suggestions

The Copy Prevention module

The Copy Prevention module helps you protect your texts and images from being copied on the Internet. Among the ways to do it are:

  • disabling text selection
  • disabling copy to clipboard
  • disabling right-click context menu on all content or on images
  • placing transparent image above your images
  • hiding your images from indexing 
Copy Prevention module to fix duplicate content in Drupal

The Intelligent Content Tools module

Here is an interesting module to fix duplicate content in Drupal, although it is in the development version. 

The Intelligent Content Tools module consists of three submodules. It offers auto tagging, text summarization, and duplicate content identification for your website. 

The module tells you when some duplicates have been found. Its work is based on Natural Language Processing.

Intelligent Content Tools module to fix duplicate content in Drupal

The Redirect module

The Redirect is a complex module that offers a user interface to redirect your URLs to new paths. It inherits the capabilities of the Global Redirect and the Path Redirect modules. 

Since 301 redirects and canonical URLs are among the ways to fix duplicates, the module is helpful in this sphere. It lets you:

  • manually create redirects
  • automatically redirect to canonical URLs (taking care of trailing slashes, language prefixes, and so on)
  • automatically create redirects in case of URL alias change
Redirect module to fix duplicate content in Drupal Redirect module to fix duplicate content in Drupal

The Redirect module for Drupal 8 comes with two submodules: Redirect 404 and Redirect Domain. They help you, respectively:

  • track and fix 404 errors
  • create cross-domain redirects

A bunch of other modules are recommended to use in cooperation with the Redirect:

  • Multi-path autocomplete as help with entering paths
  • Pathologic for transforming relative links in content to absolute URLs
  • Match Redirect for redirecting according to path patterns with wildcards
  • Pathauto for automatic generation of path redirects, which we will now look at more closely

The PathAuto module

The purpose of the PathAuto module is generating human-readable and SEO-friendly URLs according to chosen patterns. By default, URL aliases in Drupal look like this: /node/123. The Pathauto module can automatically change them to something like /category/my-node-title. 

The module will play an important part in website clean-up from duplicates. The Pathauto module quietly and reliably redirects URLs to the new paths based on the pattern, with no confusion for search engines or broken links for users.

Let’s fix duplicate content on your Drupal website

Each of the above modules will add a helpful touch to fixing duplicate content in Drupal. If you need help using them, or doing a comprehensive website check and clean-up with a variety of tools, feel free to contact our Drupal team. Stay unique — and both search engines and users appreciate that!

Jan 10 2020
Jan 10

Senior Drupal Engineer at MTech LLC. In his spare time, he is a frequent core contributor, core contribution mentor, project application reviewer, and general nice guy. He's from the Midwest in the US but now lives in Nicaragua where he splits his time between his family, clients and running a largely Nicaraguan-based Drupal services business.

Save the Date, Old Sport!

Jan 10 2020
Jan 10
Jan 10 2020
Jan 10

“But I don’t want to think about Drupal 9 yet!”

Adulting sometimes means doing things we don’t want to do, like thinking about CMS version upgrades. 

We can help.

For now, here’s what you need to know about Drupal 9.

1. Drupal 9 is targeted for a June 2020 release.  

Eighteen months following the release of Drupal 9, in November of 2021, Drupal 7 and 8 will both hit EOL status. This means that you will have a little more than a year to move your site from Drupal 7 or 8, following the June 2020 release date of Drupal 9. 

The normal schedule would dictate that Drupal 7 hit EOL shortly after the Drupal 9 launch. However, because so many sites are still on D7, and at this point, many may just skip D8 completely, the decision has been made to extend D7 support for an additional year. As a result, D7 and D8 will both lose support at the same time.

The November 2021 date is significant because that is also when Symfony 3, which is a major dependency for Drupal 8, will lose support.

What this means for you as a D7 or D8 site owner is that you should have a plan to be on Drupal 9 by the summer of 2021.

2. The transition from Drupal 8 will not be painful.

Unlike Drupal 8, which for practical purposes was a new CMS sharing the Drupal name, Drupal 9 is being developed on Drupal 8. That means if you are up to date with Drupal 8.9 the move to Drupal 9 should be relatively easy. It probably won’t be Drupal 8.4 to 8.5 easy, but it should be nothing close to the level of effort of moving from Drupal 7 to Drupal 8. In a lot of ways, Drupal 9 is just the next six-month update that comes after Drupal 8.9, with the added complication of being the version that we use move depreciated code and APIs out of the codebase.

My recommendation if you are still on Drupal 7: migrate to Drupal 8 when it's convenient. As stated above Drupal 9 is really just Drupal 8.10.1. So you kind of are migrating to Drupal 8, even it’s called Drupal 9 at that point. You won’t save any effort by waiting until Drupal 9 is out, you’ll just be on the outdated D7 codebase longer.

Concerning modules: as long as modules aren’t depending on any APIs that are being depreciated in D9, contributed modules should continue to work with both D8 and D9. 

3. Promet Source can help with a readiness audit

The good news if you are on an updated version of D8 the transition to D9 should be smooth. If you are on D7 you are essentially doing the same thing whether you migrate to Drupal 8 or Drupal 9.

We’re here to help! If you want to talk in more depth about what Drupal 9 has in store, and start to make a plan for the transition, contact us for information on our Drupal 9 readiness audit.

Jan 09 2020
Jan 09

Creating time and space to do the work

DropSolid in Belgium are the first organisation to sponsor some of my time to work on Drupal core.

It is very liberating to set apart dedicated time for tackling bigger chunks of Drupal core work instead of sneaking in bits and pieces at the edges of the day.

In the time available I was able to:

Many thanks to Nick Veenhof for reaching out and to DropSolid for supporting my work to help design a better Drupal!

I’m open to more organisations sponsoring me to work on the ux and product side of Drupal core. If that is something you are interested in, let me know.

Jan 09 2020
Jan 09

By default, Drupal 8 has two methods for building the breadcrumb trail. For content, this method is based on the URL of the page, and for taxonomy terms this method is based on the vocabulary hierarchy.

The default construction of a breadcrumb

Let's explore in more detail the construction of the breadcrumb for content.

Let's take an example of a content page with the following URL:


The last part of the URL (webfactory-drupal) corresponds to the title of the page. Drupal will then inspect the rest of the URL and for each part look for if a content matches that URL.

So, Drupal will inspect this URL, to see if it matches existing content.


If so (let's imagine that a content whose title is Drupal Specialist has this URL), the title of the page is added to the breadcrumb trail.

Then, he inspects this URL, to see if it matches existing content.


If so (the content title is Freelance Drupal for example), the page title is added to the breadcrumb trail.

And finally Drupal inspects the last part of the URL, to see if it still matches existing content.


The page title (Services) is then added to the breadcrumb trail.

So for this example, if each part of the path corresponds to an existing content page, the breadcrumb trail generated for this URL will be the following.

Home > Services > Freelance Drupal > Drupal specialist > Web factory Drupal

It is thus possible to build a custom-made, relevant breadcrumb trail using this detection by parent path, either by using a manual alias for listing pages, pivot pages or landing pages, or by using the Pathauto module to automatically build a relevant alias for content to be automatically placed in a section of a site (typical example, news, events, services, etc.). 

Note that the generation of the last part of the breadcrumb trail, namely the title of the current page, Web factory Drupal in our example, is the responsibility of the theme. As a general rule, you will find an option in any correct theme that allows you to display or not the title of the current page in the breadcrumb trail. Or it can be done with a simple hook.

 * Implements hook_preprocess_HOOK().
function MY_THEME_preprocess_breadcrumb(&$variables) {
  $request = \Drupal::request();
  $route_match = \Drupal::routeMatch();
  $page_title = \Drupal::service('title_resolver')->getTitle($request, $route_match->getRouteObject());

  $variables['#cache']['contexts'][] = 'url';
  if (count($variables['breadcrumb']) <= 1) {
    $variables['breadcrumb'] = [];
  else {
    $breadcrumb_title = theme_get_setting('breadcrumb_title');
    if ($breadcrumb_title) {
      $variables['breadcrumb'][] = array(
        'text' => $page_title

The breadcrumb trail for the pages of taxonomy terms is built according to a different logic: according to the hierarchy of terms and this regardless of the alias used for the pages of terms.

These two methods of breadcrumb generation are the default methods included in Drupal Core. It is of course possible to modify this default behavior by means of contributed modules, such as Breadcrumb Menu for example which generates the breadcrumb depending on the position of the page in the main menu and which in the absence of the page in the menu switches to the default Drupal Core generation, or by means of a custom module.

Customize the breadcrumb trail with a module

Altering the construction of the breadcrumb is done by means of a service tagged with the breadcrumb_builder tag. For example, for example

  class: Drupal\my_module\MyModuleTermBreadcrumbBuilder
  arguments: ['@entity_type.manager', '@entity.repository', '@config.factory', '@path.validator', '@path.alias_manager']
  - { name: breadcrumb_builder, priority: 1010 }

The priority given to a service of this type makes it possible to order which rules to apply first, the highest priorities being those applied first.

The MyModuleTermBreadcrumbBuilder Class must implement two methods

  • The applies() method that will allow us to indicate when to apply this rule of construction of the breadcrumb
  • The build() method that will build the breadcrumb itself.

So if we want to add a parent to the breadcrumb trail of taxonomy terms pages, for example, our class will look like this.

 * Provides a custom taxonomy breadcrumb builder that uses the term hierarchy.
class MyModuleTermBreadcrumbBuilder implements BreadcrumbBuilderInterface {
  use StringTranslationTrait;

   * The entity type manager.
   * @var \Drupal\Core\Entity\EntityTypeManager
  protected $entityTypeManager;

   * The entity repository.
   * @var \Drupal\Core\Entity\EntityRepositoryInterface
  protected $entityRepository;

   * Drupal\Core\Config\ConfigFactoryInterface definition.
   * @var \Drupal\Core\Config\ConfigFactoryInterface
  protected  $configFactory;

   * The taxonomy storage.
   * @var \Drupal\Taxonomy\TermStorageInterface
  protected $termStorage;

   * The settings of my module taxonomy configuration.
   * @var \Drupal\Core\Config\Config
  protected $taxonomySettings;

   * The path validator service.
   * @var \\Drupal\Core\Path\PathValidatorInterface
  protected $pathValidator;

   * The alias manager.
   * @var \Drupal\Core\Path\AliasManagerInterface
  protected $aliasManager;

   * MyModuleTermBreadcrumbBuilder constructor.
   * @param \Drupal\Core\Entity\EntityTypeManagerInterface $entity_type_manager
   * @param \Drupal\Core\Entity\EntityRepositoryInterface $entity_repository
   * @param \Drupal\Core\Config\ConfigFactoryInterface $config_factory
   * @param \Drupal\Core\Path\PathValidatorInterface $path_validator
   * @param \Drupal\Core\Path\AliasManagerInterface $alias_manager
   * @throws \Drupal\Component\Plugin\Exception\InvalidPluginDefinitionException
   * @throws \Drupal\Component\Plugin\Exception\PluginNotFoundException
  public function __construct(EntityTypeManagerInterface $entity_type_manager, EntityRepositoryInterface $entity_repository, ConfigFactoryInterface $config_factory, PathValidatorInterface $path_validator, AliasManagerInterface $alias_manager) {
    $this->entityTypeManager = $entity_type_manager;
    $this->entityRepository = $entity_repository;
    $this->configFactory = $config_factory;
    $this->pathValidator = $path_validator;
    $this->aliasManager = $alias_manager;
    $this->termStorage = $this->entityTypeManager->getStorage('taxonomy_term');
    $this->taxonomySettings = $this->configFactory->get('my_module.taxonomy_settings');

   * {@inheritdoc}
  public function applies(RouteMatchInterface $route_match) {
    return $route_match->getRouteName() == 'entity.taxonomy_term.canonical'
      && $route_match->getParameter('taxonomy_term') instanceof TermInterface;

   * {@inheritdoc}
  public function build(RouteMatchInterface $route_match) {
    $breadcrumb = new Breadcrumb();
    $breadcrumb->addLink(Link::createFromRoute($this->t('Home'), '<front>'));
    /** @var \Drupal\taxonomy\TermInterface $term */
    $term = $route_match->getParameter('taxonomy_term');
    $breadcrumb_parent = $this->taxonomySettings->get('vocabularies.' . $term->bundle() . '.breadcrumb_parent');
    if ($breadcrumb_parent) {
      $url = $this->pathValidator->getUrlIfValid($breadcrumb_parent);
      if ($this->pathValidator->isValid($breadcrumb_parent)) {
        $path = $this->aliasManager->getPathByAlias($breadcrumb_parent);
        if(preg_match('/node\/(\d+)/', $path, $matches)) {
          $node = Node::load($matches[1]);
          if ($node instanceof NodeInterface) {
            $node = $this->entityRepository->getTranslationFromContext($node);
            $breadcrumb->addLink(Link::createFromRoute($node->label(), 'entity.node.canonical', ['node' => $node->id()]));

    // Breadcrumb needs to have terms cacheable metadata as a cacheable
    // dependency even though it is not shown in the breadcrumb because e.g. its
    // parent might have changed.
    // @todo This overrides any other possible breadcrumb and is a pure
    //   hard-coded presumption. Make this behavior configurable per
    //   vocabulary or term.
    $parents = $this->termStorage->loadAllParents($term->id());
    // Remove current term being accessed.
    foreach (array_reverse($parents) as $term) {
      $term = $this->entityRepository->getTranslationFromContext($term);
      $breadcrumb->addLink(Link::createFromRoute($term->getName(), 'entity.taxonomy_term.canonical', ['taxonomy_term' => $term->id()]));

    // This breadcrumb builder is based on a route parameter, and hence it
    // depends on the 'route' cache context.

    return $breadcrumb;


This class largely follows the breadcrumb construction logic provided by Drupal Core, and only adds a parent to the breadcrumb built according to a configuration parameter. This same logic can also be applied to the breadcrumb trail of content pages, in case you want a view for example in the breadcrumb trail, or any other page that is not a content page.

In the end, customizing a breadcrumb trail can be done in many ways, as is often the case with Drupal, but I must admit that finally the default pattern responds to many use cases and is very often sufficient with a configuration zest at the level of generating aliases of the pages of a Drupal 8 project. Finally, we can also note the Custom Menu Breadcrumbs module which allows us to configure a main parent from a menu item for content of a certain type.

Jan 08 2020
Jan 08

Your browser does not support the audio element. TEN7-Podcast-Ep-079-Best-of-2019.mp3


2019 comes to a close, and with it, another year of fascinating podcast guests that taught and inspired us. We’ve selected some of our favorite clips from this year’s guests for you to enjoy. Listen to the full podcasts if you like what you hear.

Guest Clips

  • Episode 50: Dries Buytaert, Founder of Drupal, on his evolving role in the Drupal community
  • Episode 74: Rob Harr, VP at Sparkbox, on how Sparkbox alums are still part of their story
  • Episode 56: Lynn Winter of Manage Digital on burnout
  • Episode 66: Jeff Archibald of Paper Leaf on the “false hustle”
  • Episode 67: Alison Paris of Parisleaf on G-RICE, their five values
  • Episode 63: Carl Smith of Bureau of Digital on scaling intimacy
  • Episode 53: Heather Schrock of Bonneville Environmental Foundation on their water stewardship business engagements
  • Episode 64: Hans Bjordahl of Culture Foundry on Conscious Capitalism
  • Episode 77: Jeff Geerling, Software Developer and Creator of the Pi Dramble on writing books on LeanPub
  • Episode 78: Gareth van Onselen, South African Journalist, Political Analyst, Author on the similar narratives of Jacob Zuma and Donald Trump


IVAN STEGIC: Hey, everyone. You’re listening to The TEN7 Podcast, where we get together every fortnight, and sometimes more often, to talk about technology, business and the humans in it. I’m your host Ivan Stegic. We’re starting off the new year with a retrospective.

We published 29 episodes last year, which is slightly more than once every two weeks, or as we say it here, every fortnight. That’s a great deal of content, all of which was created by an amazing team here at TEN7. So, let me begin with some thanks. I’d like to thank our transcriptionist Roxanne, who works tirelessly transcribing the audio for every episode, so that we can publish the text online. Thank you! To Charlene, who edits each of the transcripts and comes up with the summaries, links and social media posts, thank you! And of course, to Jonathan, the producer of the show, who masterfully records, edits, mixes, schedules, uploads and makes my life magically easy to record this show. Thank you! None of the almost 30 episodes of 2019 would be possible without you.

So we’re going to look back and play some of our favorite excerpts of the year. Before each clip, I’ll tell you who the guest is, what episode it came from and I’ll try to set it up with additional context. And don’t worry, today’s podcast webpage has links to the episodes, so you can always go back and listen to them all.

We started off 2019 with our 50th episode, and who better to have as a guest than the founder of Drupal himself, Dries Buytaert. I asked him about how his role and how it had changed over the years, since starting the project and writing the initial code in his dorm room in Belgium.

DRIES BUYTAERT: I think my role has evolved a lot over time. I mean, in the early days I would write 100% of the code, and I would spend a lot of my time building Drupal.org. I would help run the servers behind Drupal.org. I would organize the DrupalCon events or help organize them, like intensively. And over time I’ve scaled more and more. Drupal Association would be one example of that, as a step in evolving my role, which put in place an entity, a non-profit entity specifically, that could take over the organization of DrupalCon which now is a serious event. It costs a few million dollars to put on and takes a whole team of people to organize. Same thing with managing our website and the underlying hardware infrastructure.

It’s now being managed professionally by people at the Drupal Association and again, also with the help of people in the community, just like DrupalCon. But these are examples of how I’ve scaled my role. Obviously on the technical side, I went from being the sort of single core committer, to now having teams of core committers for each of the major releases, having committees and task forces around different aspects of the project, like a technical working group that defines coding standards. We have release managers and product managers and framework managers, all these kinds of roles to subsystem maintainers that are responsible for different aspects of Drupal core. And so, these are all examples of me scaling my role over time, and we continue to make governance changes all the time and to scale the project as needed.

I think that’s the right thing to do. As projects or organizations get bigger, you need to put the kind of organizational structure in place. You also need to scale the culture of the project and so, I try to help with that through my keynotes. Actually, last year at this time, I helped write Drupal’s Values and Principles document, that’s a way to help scale our culture. So, it takes a lot of effort and different people to maintain and run the Drupal project today.

IVAN: After I had been to the ManageDigital conference, I was enamored with Rob Harr’s keynote and his leadership of a company called Sparkbox. His style is squarely focused on all the people that are connected to his company, whether that’s current employees, clients, partners or even former employees. In Episode 74, that published in November of 2019, I asked him about this focus.

IVAN: I love the friendly disposition you have, and how inviting you are, and it doesn’t just extend to clients and partners and current team members. It also extends to Sparkbox alums. When you gave your keynote at Manage Digital, I was really impressed with how you talked about the wider Sparkbox community, not just the people that are working there right now, but people who have worked and humans that have been with you in the past. What’s your philosophy around that and how do you get those people together, if you do?

ROB HARR: My philosophy around all of this is I got into this for the humans, and I believe that we have to treat them well. I think that your former employees are the ones that actually control your reputation. I want to make sure everybody leaves well, and things end well for people. I think so much of how people view a relationship, and that’s really what employment is, it’s defined by how it ends. A perfectly good, even successful relationship, if it ends poorly, can feel horrible and can color the whole thing, and that’s not at all what I want to do. I think that what we look for is for people who, during at least a season—because there’s seasons for all things—where our seasons line up and we can kick a bunch of butt together on projects, and that season will probably end, and that’s okay.

And I think that’s really healthy to think about life that way that, “Hey, our goals lined up and we did a bunch of great work together, and now our goals don’t and we’re going to go our own ways.” That doesn’t remove that person or alum from our story. It doesn’t take us out of their story. There’s a lot of good stuff that happened. And why not respect that by throwing a party on the way out?

I think the other part that is so fundamental is, I can’t talk about caring for humans the way that I do and believe what I believe and then only live that when it benefits me, when they’re employees. I think that’s fundamental. If you really care about the people, then it has to transcend when it makes sense, when it’s convenient. I invite people to come in and talk to me about what they want to do next, and I’ve written letters of recommendation to help people find new jobs when they’re current employees.

That’s all good stuff. Sometimes people grow. Well, all the times we hope people grow. That should be a common thing that we want out of people. Our alums are part of our story. I still talk to them. If I end up in a city where there’s a Sparkbox alumni and I haven’t seen that person in a while, doing dinner or taking them out, or just saying “thank you” is totally commonplace.

IVAN: Why do you call your company a “studio?” It’s a subtle distinction from being an agency or a firm or a dev shop. I think it’s worth explaining and exploring.

ROB: I hate the word “agency.”

IVAN: Yeah, I do too. [laughing]

ROB: It makes me think of Don Draper, with the brown liquor sitting in his office, smoking, and the whole power dynamic that comes with that. I think the word “agency” has been overloaded a lot and doesn’t make clients think of partnership they have. It thinks like, “Hey, we’re going to throw some work over the wall and it’s going to come back and you’re going to be our agency of record.” It’s everywhere. I like the word “studio” because I think it speaks better to the creative problem-solving work that we want to do in partnership with our clients, and it invokes the right feeling of that.

IVAN: Rob was one of the keynote speakers at Manage Digital, that’s the annual project managers conference in Minneapolis put on by our good friend Lynn Winter. She was on the show as part of Episode 56, in March. And at the conference, she was giving a mini-keynote about burnout, so I asked her about it. She had some wise words to share with us.

IVAN: Let’s talk about burnout. How prevalent do you see that? Do you have any data to show? What have you noticed and what are you hoping to achieve with your mininote?

LYNN WINTER: In general, stats, if you start looking at people across the industry, or working people, and then specifically, across the industry, there’s so much pressure and change of environment from, where is the line between home and work, from working at home or having technology accessible all the time? It’s really blurred the line of when do you go home? When do you put things down? When do you turn off? And it’s becoming a problem, and honestly this talk came out of my own personal challenges with burnout, but as I started talking about it with people, I heard these stories over, and over and over. I’d be speaking at conferences and people would talk to me about, “How do you deal with this?” and “How do you deal with that?” and it was all about boundaries, and all about taking ownership of the path that you actually want to go on, versus letting the path take you.

I think it’s a thing that PMs deal with more in this industry, because of maybe the role and how it’s often positioned at agencies. So, what I mean by that is, a lot of times it’s not as valued as a developer, for instance. Like, when you’re going to hire, “Oh, we can get any old PM, they don’t really need to be a PM, they can be anyone, they can do that, they’re just scheduling meetings,” but hire a developer, it’s, “We’ll get a recruiter and it’s going to be harder.” And, it’s hard for different reasons, to hire different roles, but there’s just oftentimes that situation setup or less responsibility or value placed on it.

Some PMs aren’t even allowed to talk to clients. They have to go through account managers, they’re not given the responsibility or the value in that role. And so, there’s some positioning at certain places, and then there’s also that impact of how you personally come to your role and for me, I personally have an issue, balancing, l like, don’t take on too much, and stop running the hamster wheel kind of situation.

So, I had a kind of career change back in 2017, and I’ve been really trying to force myself to step back and try to realign what are my goals in my career and what are my personal goals, and things like that. So, since I’ve started talking to people about it, I’ve gotten, honestly, a lot of feedback that has been positive, as well as a lot of sad stories. So, it’s something we need to talk about.

IVAN: In Episode 66, from the end of July, I talked to Jeff Archibald, CEO of Paper Leaf, about two articles he wrote, one about the false hustle and the other about the 60-hour work week. I asked him about what motivated him to write them.

IVAN: It segues into this article you wrote on Fast Company about the false hustle, how keeping busy is just a way of not getting things done.


IVAN: And you’ve also written about humble bragging, about how a 60-hour workweek is actually symptomatic of larger problems that you might have as a company. I’ve talked to Lynn Winter in a previous episode about burnout, and it just seems to come up more and more. Like we are trying to be cognizant of what we’re doing, of what our employees are doing, so that we’re not detrimental to our own mental health, and so that we’re happy in the work we do, so that we have careful focus in work and life and home. So, the question is, what motivated you to write those two articles? The false hustle one and the one about the 60-hour work week?

JEFF: The 60-hour workweek one was just a bit of a direct response to what I was exposed to, and what I’m sure virtually every listener and yourself has been exposed to as well, through social media, and just is that humble bragging, right? “Oh, man. Crazy week. Finally shutting the laptop down. It’s 10 p.m. on Friday.” It’s indirectly talking about how important we are—and I’m totally guilty of this in the past as well—how important we are, how busy we are and how successful we are. But in reality, that’s not sustainable. It’s symptomatic of not having enough process in place, or not having enough revenue coming in, or just symptomatic of a host of potential flaws with the business model.

So, instead of bragging about it, it’d be great if we were bragging about how everybody in our shop worked a 25-hour work week and it was super stoked, and we’re hitting 30% profit margins, and everyone is getting paid properly. Those are the things we should be bragging about. And I get that, especially when you’re starting a business, a start-up or an agency or whatever, there is an inordinate amount of time that needs to be put in to get to the point where you have enough clients and you can support bringing on somebody to help ease that workload. I understand that. But, if it’s continually what we’re toting as success, then I think we have it totally backwards.

The false hustle article, that was more just like, I suppose, a moment in self-awareness for myself. I’m a productive person, I can get a lot of stuff done very quickly, but I have a tendency to overvalue the volume of tasks I complete, versus the importance of those tasks. I could sit down and crank out 12 things in a day, but did it actually move the needle anywhere? I was working really hard and I was being really busy, but it’s the equivalent on some level of, in that article the analogy I drew to Sammy Sosa’s sprinting from the dugout to the outfield, in between innings, but then jogging after a fly ball. [laughing] It’s the same kind of thing.

For me I just wrote that more to remind myself that I need to make sure and understand what I really need to be working on. What’s truly important. And apply tools like the Eisenhower Matrix to understand what needs to be done now versus what can be delegated and plan my week out a little bit better. Or else you can get to the end of the week and think that you’ve moved the needle because you did a lot of stuff. But it doesn’t mean you actually have moved the needle.

IVAN: How do you keep yourself on track for that? It sounds like a great idealistic way of living, and I would love to do it myself, but how do I actually do it? How do you do it?

JEFF: It’s relatively straightforward, to be honest. It is, I suppose, a series of processes. So, we use OKRs here: objectives of key results. I set one or two objectives for sales and marketing, which is primarily my focus here for every quarter, and then I list out the key results. If you’re a listener and you’re wondering what that means, just google OKRs and you’ll find a whole bunch of really interesting methods and information about it. But I set up those results and those are the things that I really try to focus on. Those are the things that are going to move the needle.

So, I map those out. So if I have an objective to increase revenue for the next quarter, then some of my key results might be to pitch three new projects every month. It might be bid on $1.5 million of work. Just key results like that. So that’s where I start, and then at the start of every week, I have a reminder in my calendar and about a 30-minute window to actually plan and block out my week, and it says right in there, review your OKRs, figure out what you should be working on, and then I’ll go through my calendar and I’ll see what time I have available, that hasn’t been booked for meetings or whatever else.

And I’ll block in time to focus on this particular sales objective, or this key result. Or, this particular proposal that I know was due by the end of the week. So, for me, those OKRs ultimately are making sure I’m working on the really, really important stuff that’ll move the needle, and then that weekly calendar reminder and the subsequent blocking out of my time on a weekly basis, is how I make sure that stuff actually gets done.

IVAN: How many companies have you worked for that have gone to the trouble of figuring out your own personal love language? Well, Alison and Chad Paris, who run Paris Leaf, were my guests in Episode 67, and in this clip Alison talks about their company’s values: gratitude, responsibility, integrity, candor and excellence.

IVAN: Ali, what is G-RICE?

ALISON PARIS: G-RICE stands for our five values. And I do want to expand on that a little bit, what Chad was saying, because I think it’s important to talk about using your purpose and ambition statement and also your core values, to make strategic hiring—and sadly, firing—decisions, I think by evolving our core, kind of brand messaging, and really owning it and metabolizing it for ourselves, it strengthened our ability to make really strategic decisions about who we bring on our team, and as a result, the conversations are so much easier, making decisions as a collective are so much easier because we just bounce it off of our values, which are gratitude, responsibility, integrity, candor and excellence. So, that’s where the G-RICE comes from.

IVAN: How do you know when you’re not living up to those standards and who’s policing them?

ALISON: I think we’re quite a self-policing team. We are very open with one another, and we really turn to one another to hold each other accountable, so if we feel like one another is kind of out of line with our values, we’re very quick to bring that up, in a really kind and empowered way. So, there’s not necessarily one person with the policing badge on, making sure we’re having these as our core values. I think it’s somewhat easy.

And I’ll knock on wood as I’m saying it, it’s easy when you hire and fire for your core values, because the teammates who are ultimately on your team end up embodying those values. So, it’s not as much as a policing as it is like We’re a team doing this together.

IVAN: I met Carl Smith at Owner Camp in Bend, Oregon in the Spring. I went to this Bureau of Digital event not knowing anyone, but came home feeling like I had a new, intimate set of friends and peers I could talk to. In Episode 63, I asked Carl how he planned to scale this wonderful thing he was in charge of.

IVAN: So, I’m going to ask you what your daughter asked. How do you scale that good feeling? How do you make it even bigger?

CARL SMITH: It’s tough right? Because in a way you’re scaling intimacy. Lori Gold Patterson said that to me. Lori Gold Patterson runs Pixo out of Urbana, Illinois and we were at Owner Summit in San Diego a few years back, and she came up to me. She goes, “You’ve got a huge challenge.” I was like, “What is it?” She goes, “How do you scale intimacy?” She was like, “Most of these people know each other because they’ve met, but there are going to be so many people that want in, and you’re not going to be able to do events for everybody,” and all this sort of stuff.

So now, the goal is to find ways to do more stuff online in smaller groups. To have opportunities for people who have met in person to reconnect. And for us to be the facilitator and the organizer and handle the logistics of that.

Because we can do so much more online, that as long as there is some level of in-person connection once a year, maybe twice a year, then the online supplements really well. So, that’s a lot of it. We can’t just have events get bigger, and we can’t just put on more events. It’s going to have to be finding ways, using the means that we have—and a lot of it’s technology—to make sure that everybody’s feeling connected, more frequently. And, even voice over just pixels, right?

Even just like you said, “It’s so good to hear your voice.” So, having that happen. So, we’re working on an idea called Bureau Circles. We’ll see how it can play out. We don’t want to overcommit and then blow it. But the idea of eight to ten people that we help coordinate to get together once a month, it’s kind of like a NEO, kind of like a Mastermind, but it’s super focused on what they do and their role. We called them role calls in the past when there were more people, but this idea is getting it down to a smaller group that is there for each other all the time.

And one of the things, Ivan, that spurred this was we have a Biz Dev Camp. So many camps, dude! I can’t even remember them to list them. But Biz Dev Camp, everybody said don’t do it. Nobody is going to share. Nobody’s going to be willing to share. And we said it when we brought people in.

The thing was, it sold out with seven on the waiting list. And I told them, “We’re going to have an optional show and tell on the final day, where if you show up you have to show. You have to show your pitch deck, or you have to show a presentation, you have to show something.” But what was amazing is when we left that first Biz Dev Camp, monthly calls started.

And it was just hilarious, they started their own monthly call. They called it an “accountability” call. It is just unbelievable. So in a lot of ways, that’s become the model for us as we’re looking at how do we move forward to scale the intimacy, and it becomes, people have said, compared to AIGA or things like this, “I like the grass roots feel,” and, “I like the idea that in those circles there is somebody who connects with us,” but they’re also at liberty to make sure that they’re doing what the group needs, so that we’re continuing to support, but we don’t have to participate in every single thing.

IVAN: In 2019, TEN7 started to purchase renewable energy certificates, called RECs and water restoration credits, called WRCs for every full-time employee. It’s our way of trying to offset the carbon footprint that the company creates by being in business. In February, for Episode 53, Heather Schrock from the Bonneville Environmental Foundation joined me on the show. In this clip, she talks about the projects they’re involved in and how they come about.

HEATHER SCHROCK: Yeah, so I’ll just start with water, because that is, again, our more in-house piece. Because the water projects that we support are all directly—you know, if we’re going to create WRCs it’s from a project that we, as an organization, personally support and are putting some energy behind. Whereas with offsets and RECs, we’re on the retailer side of that relationship. So, we do vet and choose the projects carefully.

For RECs there’s Green-e, the certification for RECs, and then for offsets there’s several certifications that we mainly work with four or five of them, third-party verifiers, and we just like to have a nice array of those projects that we think people would be interested in. Currently in our offset portfolio we have various things from landfill gas to forestry projects. We have an interesting marine project, where it’s a project that makes marine shipping vessels more efficient and also protects some of the sea life. So, always some interesting stuff there.

But the water projects—and I’ll send you the link later—we have a project bank on our businessforwater.org website. So, we have a separate website that we send people to, that really, specifically talks about our water stewardship business engagements, and there’s a project bank, which we started because we were finding with water projects it was getting a little more difficult, whereas with carbon offsets and RECs, there’s almost an infinite supply.

But with water projects, it’s a little more difficult to match the needs of the funder or the person who wants to buy those water WRCs or invest in that type of water project. Trying to matchmake between the funder and the project can be quite difficult, trying to get something in their region, something where they have an impact, something that aligns with their goals and their ideals around what a water stewardship project should look like. So, we started this project bank and there’s now, just scrolling through it, several, maybe dozens of water projects that are in various stages of development.

So, some of them are done, some of them are in the middle, some of them still need funding, have funding gaps, but there’s some great—if you go to that link, again, which I’ll send you later—you can see examples of all these amazing water projects. And, again, we started this bank so that we could solicit water projects from other organizations who have projects that need funding, and then, so we can come in and help matchmake the funders to these projects.

IVAN: That’s wonderful. That’s businessforwater.org and we’ll link to that in the transcripts on our website. Is there one particular project that sticks out for you? Do you have a favorite?

HEATHER: A favorite water project?

IVAN: Yeah.

HEATHER: Oh gosh, there’s some really cool ones. Let me think about that. So, most of our water projects, historically, have been very much your traditional type water leasing type projects, where we’re buying water leasing rights to keep the water in the stream, instead of having it all go to irrigation. Those are very common types of water restoration projects, irrigation upgrades, things like that. We’ve recently branched out into more urban and green infrastructure-type projects, so there’s one we’re undertaking in Los Angeles, which is a green infrastructure project that’s a collaboration with Los Angeles City Council.

There’s a neighborhood association and also an organization called Heal the Bay, and we’re all working together to create this park that will have also an impact on the neighborhood. It will be a safe place for people to play and move, and there will be fitness stations, but the park itself will serve as a water quality improvement project in the Los Angeles River Watershed. So, that’s really exciting, that we’re going to be able to save hundreds of gallons of potable water that will serve this neighborhood, but also creating this safe and fun space for them to interact with. It’s turning what was just a block that had nothing on it, that was not a safe place to be, into something that will be a neighborhood gathering spot.

IVAN: When Hans Bjordahl, CEO of Culture Foundry, attended a talk on conscious capitalism at SXSW, little did he know it would make him question everything he’d been taught about doing business. You can’t just tack conscious capitalism onto a company, it must be baked into the leadership. In this clip from Episode 64, I’ve asked Hans to give us a definition of conscious capitalism. Listen.

HANS BJORDAHL: Conscious capitalism is a model that seeks to unlock the potential for social good and humanistic good in business. Not just do that as a feel good, let’s have a corporate giving program when we’re done counting our money,

but baking that concept right into the core of your company, and doing it in a structured way that actually yields better financial results at the end of the day. When I was first exposed to this system, I was at SXSW. John Mackey, who is one of the founders of this organization and an early champion and ongoing champion, was giving a talk about a book he wrote called Conscious Capitalism, and I’m like, This is interesting. It’s a fairly aggressive assertion that the way we’ve been doing business in this country is wrong, and that we need to evolve it to fit this different, and frankly, more difficult model of how business should work.

But it’s not just profit and loss. It’s things about core purpose and things about stakeholder orientation, conscious culture, conscious leadership. That these things can be defined. That they can be, to some degree, quantified, and that they can, through research, be shown to have not just an incrementally better return on investment, but an exponentially better return on investment. The research around it is still emerging, still evolving. The ideas have really caught fire because the hunger for this in business is acute. And everywhere I come across it, people who feel they have to be one person at home, and bring a different person to work, that they can’t integrate who they are with what they do, that’s a fundamentally unhealthy place to be.

And creating business environments where you can bring your entire genuine self to work and do that, hopefully, where there’s some social good that comes out of that, that’s a very compelling thing. That idea’s been around a long time, but it hasn’t been super structured. Now it’s getting more structured, and it’s getting more structured through conscious capitalism, through B-Corporations, through some of the work that Nick Hanauer is doing. He’s a Seattle billionaire who is making a very aggressive run at redefining what successful economics look like.

So, a lot of people are approaching this idea from slightly different directions. Conscious Capitalism was my introduction into that approach to business. Some of those tenets from the book I picked up directly and plugged them right into Culture Foundry. It’s been very useful to us in terms of how we want Culture Foundry to be, but I also think there’s an imperative worldwide, I won’t even stop at the borders of the U.S., but worldwide, to really think about business in this way, and very aggressively counter the traditional model that you only have an obligation to your shareholders and everyone else can take a hike, that everything else is a commodity.

This model is a broader stakeholder model where you need to accommodate clients, employees, partners, environment, community, and shareholders, but we’re going to slice this pie up many different ways, not just give everything to the shareholders and leave everyone else holding the bag.

IVAN: In my head, Jeff Geerling is the Pi Dramble guy. So, getting a chance to sit down with him and talk about Raspberry Pis and how he’s automated them, clustered them and bent them to his will was a lot of fun for me. In addition to being a lover of software and all things open source, he’s also an author. In Episode 77, I asked him about his latest book and what he’s currently working on.

IVAN: Now, in addition to all the hobbies you have, side projects, and so on, you are also an author, and I would love to hear about your latest book and the book that you’ve written on Kubernetes. What are you working on right now?

JEFF GEERLING: I love writing. I don’t know how many million words I’ve written in my life, on my blog and on other blogs and things, but I love writing. In 2013 or so, I think that’s when I started, I’ve always wanted to write a book my whole life, I want to write a book sometime. I think part of that was jealousy because my brother, when he was a kid, wrote a book and his book, you know, the 15 minutes of fame, his book caught fire and was a local very popular book. He sold maybe 15,000 copies or something. It was pretty cool being the little brother to the brother who wrote that cool book.

But I was also a little jealous, like, I want to do that too. But I also just love writing. I’ve always loved English and literature growing up, and I love reading and I love writing. So I put that together with the fact that Ansible didn’t have a book in 2014. I started in 2013, but in 2014 I’m like, There’s still no book for Ansible, and it’s really popular.

So I decided to start writing it with a goal that I would write 100 pages and sell 200 copies. And it was funny because I started writing it on a platform called Leanpub where you can publish it while you’re writing it and sell it while you’re writing it. And by the time I had written about 40 pages I already had sold 200 copies [laughing]. And then fast forward these many years later, it’s 2019, so it’s been in print for five years now, and I now sell it on Amazon and other places and it’s called Ansible for DevOps. And that book has sold over 22,000 copies and it’s now 480 pages, including a chapter on Kubernetes and a chapter on Docker and a couple examples that do Drupal.

One of them was inspired by the Raspberry Pi Dramble cluster. So, that was my first book effort, and it went incredibly well, and I was floored. There’s no word to describe, when you're like, I want to do this thing my whole life, and this is my goal. And then your goal is surpassed by 50 times over, and you get to meet awesome people because of it. It’s just so many cool things happened because of that book. It also helped my family.

We’ve wanted to remodel our kitchen and after writing the book and making some profit off of it, I was able to remodel the kitchen four years earlier than we thought we might be able to. That’s a huge change for our life, because our old kitchen was kind of hard with three kids, and the way that we live our life and stuff at home, especially since I work remote. And I’m at home all the time. We had an old cramped little kitchen, and we were able to get it better.

So, the book was just awesome. I don’t expect to have the same level of success, but who knows. You never know where it's going to lead. But I’m working on another book. I actually just finished the first chapter a few nights ago, and I have a structure for the rest of it, and I’m working on examples and chapters.

The next book is going to be called Ansible for Kubernetes, and maybe if Ansible is around in five years and there’s another game-changing cloud infrastructure thing, it’ll be Ansible for that and I’ll have a whole series out. But I’m working on that book. I haven’t published it yet. I probably will pretty soon. Even though it’s not finished, I’ll publish in-progress updates on Leanpub, but both of those books, if you go to ansiblefordevops.com or ansibleforkubernetes.com, those are the book sites. I love writing them.

And one of the best things about writing them in progress is for both books I’ve had a lot of interaction with the people who read it, and they can help me. If they’re interested in something, I can write about that. Or if they are like, “Your example didn’t work on my computer,” I can improve it before I actually make a published printed version that people will buy.

IVAN: As some of you may know, I grew up in South Africa only to immigrate to the United States at the turn of the millennium. As a result, my childhood friends are South African, and I was able to interview at least one of them for the show. Gareth van Onselen is a South African journalist, political analyst and author who joined me for Episode 78, right at the end of the year.

We try to stay clear from politics, but in this episode, I was all in. We mostly talked about South African politics, but in this clip, Gareth talks about former South African president Jacob Zuma and the parallels to politics in the United States.

IVAN: I’m glad now that I didn’t read it [van Onselen’s book on Jacob Zuma] back in 2014, because I don’t think I would’ve appreciated it as much as I do now. And mostly it shocks me how much of a parallel there is between Zuma and the current president here in the United States. At some points I was reading the book, and I wasn’t sure if I was reading something that was directed at Zuma, or something that was directed at Trump.

There’s this one place in the book where you say, “He can fill a vacuum with empty rhetoric, but once it is all done, you’re left wondering whether he has said anything at all.” Then you also go on to describe him as something of an ethical black hole. How did such a man become elected? Not once, but twice?

GARETH VAN ONSELEN: I would agree with you 100%. I think Jacob Zuma’s tenure is a brilliant template for what’s happening in the U.S. with Donald Trump. I think they are very similar in a lot of key respects. Not just in terms of the way in which they use or abuse popular sentiment to serve what is essentially an entirely personal political agenda, but in terms of the grand narrative of the entire tenure in office, and how these demagogues tend to affect the way in which society responds to them.

What actually happened with Jacob Zuma—and I think it’s not absolute but in a lot of ways very similar is happening in the United States—is essentially you get elected on a wave of popular appeal, which takes various different forms and has various different causes, but that’s the outcome. There’s some kind of populist zeitgeist that manifests, and you’re swept along by it if you’re this demagogic leader.

There’s then a process of the shattering of the illusion. And that shattering doesn’t happen to the opposition who never had any doubt as to your unsuitability for office. It happens to sections of your own support base. The nature of public office starts to reveal who you are, the demands of making hard, often neutral and magnanimous decisions which you’re kind of incapable of doing, because you’re demagogic, and biased in a certain way, start to reveal your true character.

Then there’s some fundamental problem, either a case of corruption or unethical behavior onto which your opponents then latch as a means to remove you from office. And it becomes a defining battleground along that particular issue. In the case of Jacob Zuma, it was his homestead in Nkandla, this abuse of taxpayers’ money. In the case of Trump, it’s Russia and impeachment and the various things that go about it. But that becomes the mobilizing point.

You then suck in all of civil society and independent institutions to help you deliver the outcome you want, the judiciary and so on and so forth. And how that plays out is yet to be known in the U.S., but that’s the way in which the narrative tends to unfold. As I’m saying all this, I’m realizing I’m going slightly sideways from the original question you asked.

IVAN: No, please keep going.

GARETH: You triggered a thought with regard to the overlap between the two, and I think Jacob Zuma is a real case study for democrats and conservatives in the U.S. to look at, because the narrative is playing out in hugely similar ways on a lot of different levels.

IVAN: Well, that’s it for 2019. Thank you for listening to our little podcast. We’re so glad that you join us as often as you do. We’ve got more in store for you this year, and hope you’ll join us as we continue to talk to interesting people from around the world. If you have a second, send us a message and tell us what you would like to hear in the coming year. Or, just send an email to say hi! Our email address is [email protected].

Until next time, this is Ivan Stegic. Thanks for listening.

Jan 07 2020
Jan 07

by David Snopek on March 13, 2019 - 1:36pm

As you may know, Drupal 6 has reached End-of-Life (EOL) which means the Drupal Security Team is no longer doing Security Advisories or working on security patches for Drupal 6 core or contrib modules - but the Drupal 6 LTS vendors are and we're one of them!

Today, there is a Less Critical security release for the Views 6.x-3.x module to fix an Cross Site Scripting (XSS) vulnerability.

This module enables you to create customized lists of data.

The module doesn't sufficiently sanitize certain field types, leading to a Cross Site Scripting (XSS) vulnerability.

This vulnerability is mitigated by the fact that a view must display a field with the format "Full data (serialized)" and an attacker must have the ability to store malicious markup in that field.

See the security advisory for Drupal 7 for more information.

Note: There are two other security advisories that were published today for Views on Drupal 7, but they don't affect Drupal 6.

Here you can download the Drupal 6 patch or the full release.

Note: This only affects Views 6.x-3.x -- not 6.x-2.x.

If you have a Drupal 6 site using the Views 6.x-3.x module, we recommend you update immediately! We have already deployed the patch for all of our Drupal 6 Long-Term Support clients. :-)

If you'd like all your Drupal 6 modules to receive security updates and have the fixes deployed the same day they're released, please check out our D6LTS plans.

Note: if you use the myDropWizard module (totally free!), you'll be alerted to these and any future security updates, and will be able to use drush to install them (even though they won't necessarily have a release on Drupal.org).

Jan 07 2020
Jan 07

Running a business is demanding. To be successful requires leadership be equipped with a broad range of skills from financial astuteness to empathy for staff. Whilst developers have ample resources from which to draw reference on best practice, for managers and business leaders knowledge gained is often be deemed competitive advantage and so kept secret or is accessed only through expensive training or courses.

Working in open source brings many benefits including the fostering of knowledge transfer that transcends merely code. It is to the benefit of all that business leaders in Drupal share this openness and are willing to reveal lessons learnt or formulae of success, that in other industries would remain behind closed doors. A fine example of this mindset is DrupalCamp London CXO, this years incarnation was no exception.

Prof. Costas Andriopoulos, Cass Business School, spoke about leadership and innovation in scaling enterprises. He explained that it’s far wiser to sort out your business early, when you are small and well ahead of scaling because what kills businesses is success, age and size.

Prof. Costas Andriopoulos


Success: breeds complacency, overstretching, even arrogance. All of these can be the downfall of your business.

Age: of leadership and team leads to them becoming slower, more stuck in your ways. Andriopoulos stated that curiosity drops with age — a child asks over 400 questions per day. By adulthood and towards later life this drops dramatically.

Size: brings bureaucracy, slowing the pace at which information disseminates. Layers of management become more risk averse. Humans are natural hoarders, it’s normal he says for people add but we hold on to things too long. This slows businesses down.

To maintain momentum in decision making he recommended all meetings and team sizes should be manageable — 4 or five, the best team is 2. There’s nowhere to hide here. You have to participate. In large meetings people repeat one another often or may say nothing at all.

Andriopoulos recommended when facing challenging projects do a pre-mortem. Split the team in two, half of them imagine the plans has been put in motion and failed terribly. Then write a story of what happened. The other half imagine that it succeeded and write their story of how that happened. Doing so equips you with a variety of scenarios to consider before the work beings.

Rasmus Lerdorf founder of the programming language PHP


Rasmus Lerdorf, founder of the programming language PHP, gave a potted history of how the language came to be and prospered. What struck me was how innovation and breaking free of the norm were key drivers. In the early days where hardware and networks were far slower than we know today, Rasmus questioned the merit of querying databases without the ability to reduce verbosity of responses. He introduced the “LIMIT” clause, something we all take for granted now, to introduce efficiency gains in early internet applications.

Upgrading to PHP 7 across the web would remove 7.5 BN Kg carbon dioxide emissions

Rasmus Lerdorf


This ethos remains today. Lerdorf stressed the importance of upgrading to PHP 7 or above as the dramatic performance improvements significantly reduce the physical hardware required to support PHP applications. Since PHP powers >70% internet sites, our efforts combined will contribute to he estimates a 15B KWH energy savings and 7.5 BN Kg less carbon dioxide emissions.

Michel Van Velde, founder of One Shoe agency


Michel Van Velde, founder of One Shoe agency, spoke openly of the challenges his business faced in 2017 and how a combination of reading and hiring a personal coach helped him evolve his approach to leadership, behaviour and in doing so the actions of his staff.

His presentation was a shining example of how business leaders in open source act differently. Whilst on the face of it counterintuitive, by sharing how he overcame adversity in his life with his potential competitors, what Michel was actually doing was helping his peers to avoid these pains meaning we all rise. Doing so he is contributing to a virtuous circle.

Van Velde put his success in 2018 down to a combination of three factors, rooted in knowledge of three leadership models and an appreciation of how to apply them to his circumstances.

The Drama Triangle: defines any conflictual situation to have victim, rescuer, persecutor. An oversimplification is to say a victim typically takes the “poor me!” stance, Rescuers are those who might choose to say “Let me help you!”, Persecutor adopts the “It’s all your fault!” stance.

Radical Candor: is the ability to Challenge Directly and show you Care Personally at the same time. “Radical Candor really just means saying what you think while also giving a damn about the person you’re saying it to”

Transactional Analysis: considers that we each have internal models of parents, children and also adults, and we play these roles with one another in our relationships. If we grow an appreciation in our daily conversations, meetings and conflicts what state we and others are in (parents, children, adults) we can begin to realise how to avoid or deal with conflict.

Van Velde explained that by rewiring how he dealt with his staff not meeting expectation, dealing with situations in such a way to offer his team the opportunity to realise their shortcomings themselves, providing opportunities to address their behaviour he was creating a positive environment in which his staff could grow.

Melissa Van Der Hecht’s presenting on “Why we need to be more open about diversity in tech”


Melissa Van Der Hecht’s presentation on “Why we need to be more open about diversity in tech” was a breath of fresh. I can never hear enough on this topic. I found her angle refreshing.

Rather than specifying diversity through gender, race, religion she saw diversity as that which makes us stand out, what makes us special. She talked about the fact that as a female in tech you have to work harder, a lot harder, to convince men you are worthy of respect and have your ideas recognised as having merit. Van Der Hecht said this is unrelenting. At best exhausting and worst leads to burnout, reporting those from minority groups suffer double burnout rates over those in the majority.

Van Der Hecht went on to explain that unconscious bias really hard to adjust. She spoke of the “Surgeon’s dilemma”, a test for unconscious bias and admitted she fell for this riddle. I compel you to take the test, how did you fare?

Watch this short video, as a further example used in the presentation illustrating the point. For me, rather than despair, it actually gave hope that generations soon entering the workplace could bring a tidal wave of impressive minds.

[embedded content]


Van Der Hecht highlighted that diverse teams are more productive, more innovative and creative. There is a strong correlation between diversity and increased innovation.

According to Forbes.com companies with more diverse teams reported 19% higher revenue due to innovation


I always remember Erynn Petersen, Executive Director of Outercurve an OSS foundation, speaking at DrupalCon Austin. She cited data showing that diversity leads to better performance in business. It’s hard to ignore these facts, unwise not to act upon the evidence.

I couldn’t help but notice while Melissa was speaking to an audience of ~100 people, only 3 were female, few of mixed race. True they were from across Europe, but the male dominance alone was striking. The Drupal is committed to diversity, during the weekend event it was striking to me how more diverse the attendee mix was. There is clearly a way to go in terms of fostering diversity in management, agency leadership. We should all consider how in our businesses we create cultures which foster diversity. We all have a lot to benefit from that.

I’ve strived in our business to create a culture which embraces all. It takes time and we are constantly learning, listening and evolving. These things don’t happen overnight and take commitment and a willingness to change.

We are fortunate in Drupal to have a vast community with many inspiring contributors from diverse backgrounds. Next time you are on Slack, at a meetup, DrupalCamp or Con why not take time out to open a conversation with someone quite different to you. It’s quite possible you’ll begin to realise being different is what makes them special. Thanks Melissa!


Jan 07 2020
Jan 07

Happy New Year!!! Our normally scheduled call to chat about all things Drupal and nonprofits will happen Thursday, January 16, at 1pm ET / 10am PT. (Convert to your local time zone.)

This month, in addition to our usual free-for-all, we'll be talking about Drupal and CiviCRM.  Have you got it up and working your Drupal 8 site? For those of us still working in Drupal 7, what can or should we doing to prepare for the inevitable upgrade? What are your favorite resources for working with these two systems?  Come share your experiences!

Feel free to share your thoughts and discussion points ahead of time in our collaborative Google doc: https://nten.org/drupal/notes

We have an hour to chat so bring your best Drupal topics and let's do this thing!

This free call is sponsored by NTEN.org but open to everyone.

REMINDER: New call-in information -- we're on Zoom now!

  • Join the call: https://zoom.us/j/308614035
    • Meeting ID: 308 614 035
    • One tap mobile
      • +16699006833,,308614035# US (San Jose)
      • +16465588656,,308614035# US (New York)
    • Dial by your location
      • +1 669 900 6833 US (San Jose)
      • +1 646 558 8656 US (New York)
  • Follow along on Google Docs: https://nten.org/drupal/notes
  • Follow along on Twitter: #npdrupal

View notes of previous months' calls.

Jan 06 2020
Jan 06

Whether you’ve just recently built a new site, or you are in charge of maintaining an existing one, it’s critical to leverage the most you can out that site on an ongoing basis. As the internet grows and audience needs change, your site needs to be maintained and adapted over time. Sites can also be expensive to upgrade if not properly cared for (think of not performing regular maintenance on your car for several years until finally it breaks in an expensive way).

And yet, most organizations don’t have the money to redo a site more than once every three or four years. Sometimes they often don’t have the money to hire someone in-house to maintain the site beyond content updates. Who takes care of your security updates, or changes to modules or plugins so that your site doesn’t break?

That’s where quality website support and maintenance comes in. A good support agency can make your site last a long time past its creation date and keep it fresh until it’s time for the next rebuild and redesign.

Here’s are the top five things to look for when hiring for outside website support:

  1. Make sure they have a dedicated support team or department. Don’t go with an agency that simply pulls people off of regular design or development build projects to do support tickets on the side. Your site won’t get the same attention or care, since they consider support more of a side gig rather than an important part of their business model. Make sure the agency has a dedicated team that is committed to and organized around supporting sites.
  2. Look for transparency in billing. Make sure you understand the billing options. Most companies will offer different levels of packages, each with a set number of hours. If you have a site with a lot of traffic and ecommerce for selling items to customers, you’re going to want immediate service if something goes wrong vs. a site that’s more informational and can wait a few hours before a fix is implemented. Understand the levels of service you’re getting and the differences in costs for the timeliness of the response. Also ask what happens with any unused hours paid for in advance: do they rollover to the next month, or are they “use it or lose it?”
  3. Ask if you can talk to a human if needed. All agencies use (or should use) a ticketing system in order to track support requests. Ticketing systems allow for transparency, accountability, and clarity on what is being addressed and when. While these systems are tremendous for tracking the progress of an issue as it gets fixed, using them exclusively can be frustrating if something is hard to explain via text. Ask the agency if you’re allowed to hop on a call with one of their support staff, or the Project Manager, for advice and guidance. Often you can save time and increase clarity to simply have a conversation with a human. Plus it’s nice to establish a relationship with the person in charge of keeping your site running smoothly.
  4. Check that there’s a diverse range of talent within the team. Most developers can do module, plug in and security updates. But can they do any front-end work? What if the theme breaks, or you need a new page design? You might need more than code updates. Go for a more diverse and creative team that has experience with feature development as well as creative enhancements to cover all the range of items you might need.
  5. Determine how important it is if they work in your time zone. Talented designers and developers are all over the globe, but it can be tough to get fast responses from people in time zones very far off from yours. What happens if you need something right away, but it’s the middle of the night for them? If you’re in Hawaii, for example, you may not want to have an east coast agency handle your support. Ask the agency what their hours are, and try to get serviced in as close to your time zone as possible.

Following these tips will help give you confidence that you are asking the right questions and finding the right support services to fit your organization.

If you’re interested in learning more about Kanopi’s support offerings, contact us. We have dedicated support teams for both Drupal and WordPress, with a diverse staff who can cover anything you need. We also do it very well. Our hours are 9:00 am to 5:00 pm your local time in North America . . . and that counts for Hawaii!

Jan 06 2020
Jan 06

The templating engine of Drupal 8 has seen a massive turnaround. Unlike Drupal 7, there’s Twig in Drupal 8 instead of PHPTemplate. Twig is basically a templating language for PHP i.e a tool used to output variables inside HTML. Fabien Potencier, the creator of the Symfony framework, gave life to Twig. Contrary to Drupal 7, you cannot call the regular PHP functions in your templates in Drupal 8. The way forward, in Drupal 8, is to create filters and functions.

Icon resembling human wearing blue shirt standing in front of a white board explaining Twig Extension in Symfony and Drupal

Twig extension gives more flexibility to process nearly anything inside the twig. Twig can be extended in many ways such as tags, filters, operators, global variables, and functions.

One of the major plus points of creating a twig extension in Drupal 8 is in the view.

Drupal 8 views can often be more challenging in the case where you want to perform operations on the value or need to process the content in the field. When you need to write code often, try to reuse it rather than writing it from scratch every time.

You must use a filter when you want to transform the data you want to display. Imagine you have a title that you always want to be capitalized. For example, twig has the capitalize filter that allows you to transform any text into its equivalent in uppercase.

I came across Twig Extension during one of my E-commerce projects where I had to print dynamic currency name. Drupal Commerce allows only 3 characters long currency code and they have also implemented their own Twig Extension to convert Price object into equivalent price format. So to handle this case where I have to show currency name with more number of characters, I had implemented my own Twig Extension. Similarly, there are several other cases where these Twig Extension can be very handful.

Let’s see an example where we will create a filter that will allow us to count the number of words in the article. The process of creating filters and functions is exactly the same as normal Twig. Also, you can use word count to display the reading time of the article or any other use case as per the requirement.

The main difference between regular Twig and Drupal 8 Twig is that, in Drupal 8, you must create a service definition of the class you are creating and the class must also belong to a namespace, otherwise it will not be registered as a Twig filter in the Drupal environment.

This example assumes you have a module called:


This will be the basic definition of the inn service.

    class: Drupal\twig_word_count_extension\TwigExtension\TwigWordCountExtension
      - { name: twig.extension }

The key tags are also absolutely necessary and that is what Drupal tells you what this class is supposed to do (that is, register it as an extension of Twig).

And now the source code that should be placed in the path defined in the class service definition key.


namespace Drupal\twig_word_count_extension\TwigExtension;

use Twig_Extension;
use Twig_SimpleFilter;

class TwigWordCountExtension extends \Twig_Extension  {
   * This is the same name we used on the services.yml file
  public function getName() {
    return 'twig_word_count_extension.twig_extension';

  // Basic definition of the filter. You can have multiple filters of course.
  public function getFilters() {
    return [
      new Twig_SimpleFilter('word_count', [$this, 'wordCountFilter']),
  // The actual implementation of the filter.
  public function wordCountFilter($context) {
    if(is_string($context)) {
      $context = str_word_count($context);
    return $context;

Clear your caches and now, if everything goes according to plan, you can use the filter in your templates.

{{ "shuffle me!" | word_count }} {# Return 2. #}

Note: If these twig extensions don’t have other service dependencies (i.e. if you don't inject services in them), the performance is not affected. However, if these extensions have lots of complex dependencies, for example, say those making database connections or perform heavy operations, the performance loss can be significant.

To avail help from our experts for your Drupal projects, you can check out our suite of services. You can also talk to us at [email protected].

Remove /web part from a Composer based Drupal site

Jan 03 2020
Jan 03
Jan 02 2020
Jan 02

Site owners and administrators often want to send emails to users telling them about content creation or changes. This sounds basic, but there are a lot of questions. What exactly needs to be accomplished? Some examples could include:

  • Send notifications to authors when their content is published.
  • Send notifications to authors when users comment on it.
  • Send notifications to administrators when content is created or updated.
  • Send notifications to site users when content is commented on.
  • Mail the content of a node to site users when content is created or updated.
  • And the list goes on…

The first step in assessing solutions is to identify the specific need by asking the following questions:

Who needs to be notified? 

  • So many options! It could be an editor, the author, all site users, all site users of a given role, a specific list of users, anyone who commented on the node, or anyone who subscribed to the node.

When should notifications be created?

  • A little simpler, but it could be when the node is created, when it is published, or when it is commented on. A message might be initiated every time the action happens, or postponed and accumulated into a digest of activity that goes out once a day or once a week or once a month.

When should notifications be sent?

  • This could be immediate, sent to a queue and processed on cron, or scheduled for a specific time.

What should deliver the notification?

  • Is it both possible and feasible for the web server to be responsible for delivering the notification? Does a separate server need to deliver the mail, or perhaps a third party mail delivery service needs to be used? 

How should recipients be notified?

What should recipients receive?

  • Notifications could be just messages saying that the node has been created, changed, or published. It might include a summary of the node content, or the entire content of the node could be sent in the email. This could also be a digest of multiple changes over time.

How much system flexibility is required?

  • This could encompass anything from a very simple system, like a fixed list of users or roles who are always notified, all the way to complicated systems that allow users to select which content types they want to be notified about, maybe even allowing them to subscribe and unsubscribe from specific nodes.

Clarifying the answers to these questions will help define the solution you need and which module(s) might be options for your situation. There are dozens of modules that have some sort of ability to send emails to users. While I did not review all of them, below are reviews of a few of the most widely-used solutions.

Note: There are also several ways to use the Rules module (possibly in conjunction with one of these solutions), but I did not investigate Rules-based solutions in this collection of ideas. 

Admin Content Notification

The Admin Content Notification module is designed to notify administrators when new content is created, but it can also be used to notify any group of users, administrators or not. The configuration allows you to choose either a hard-coded list of email recipients or send notifications to all users that have one or more specified roles. Since you can send notifications to users by role, you could create a new ‘email’ role and assign that role to anyone who should be notified.

Some of the capabilities of this module include:

  • Selecting content types that should generate notifications.
  • Choosing whether to send notifications only on node creation or also on updates, and whether to notify about unpublished nodes or only published nodes.
  • Selecting roles that have permissions to generate notifications.
  • Selecting either a hard-coded list of email addresses OR a list of roles that should receive notifications.
  • Creating a notification message to send when content is created or changed.
  • Adding the node content to the message by using tokens.

The settings for this module are in an odd location, in a tab on the content management page.

This module is extremely easy to set up; just download and enable the module and fill out the configuration settings. Because of its simplicity, it has little flexibility. All content types and situations use the same message template, and there is no way for users to opt in or out of the notifications. There is no integration with changes in workflow states, only with the published or unpublished status of a node. This module provides no capability to send notifications when comments are added or changed. If this capability matches what you need, this is a very simple and easy solution.

Workbench Email

Workbench Email is part of the Workbench collection, but it also works just with core Content Moderation. This module adds the ability to send notifications based on changes in workflow states. 

You begin by creating any number of email templates. In each template, you identify which content types it applies to, who should get emailed, and what the email should contain. The template uses tokens, so you can include tokens to display the body and other custom fields on the node in the message.

Once you’ve created templates, you edit workflow transitions and attach the templates to appropriate transitions. The screenshot below is a bit confusing. The place where it says Use the following email templates is actually below the list of available templates, not above the list. In this example, there is only one template available, called Notification, which has been selected for this transition.

Documentation for the Drupal 8 version does not exist and the screenshots on the project page don’t match the way the site pages look. There is, however, good integration with core Workflow and Content Moderation, and there is a certain amount of flexibility provided in that you can create different messages and send messages to different people for different transitions. There is a documented bug when uninstalling this module, so test it on a site where you can recover your original database until you decide if you want to keep it! This module provides no capability to send notifications when comments are added or changed.

Comment Notify

This module fills a gap in many of the other solutions: a way to get notified about comments on a post. It’s a lightweight solution to allow users to be notified about comments on content they authored or commented on. Configuration is at admin/config/people/comment_notify:

The module has some limitations:

  • Only the author can automatically receive notices about all comments on a thread.
  • You won’t receive notices about other comments unless you add a comment first.
  • You can only unsubscribe to comments by adding another comment and changing your selection.
  • There is only one template and it applies to all content types.
  • You can’t automatically subscribe groups of users to notifications. Each user manages their own subscriptions.

With the above restrictions, the module is an easy way to get the most obvious functionality: be notified about comments on content you created, and be notified about replies to any comments you made. This module could be combined with solutions that only provide notifications about changes to nodes for a more comprehensive solution.

Message Stack

The Message Stack is an API that you must implement using custom code. Unlike the above modules, this is absolutely not an out-of-the-box solution. It’s much more complex but highly flexible. Much of the available documentation is for the Drupal 7 version, so I spent quite some time trying to understand how the Drupal 8 version should work. 

The Message module creates a new “Message” entity. Your custom code then generates a new message for whatever actions you want to track—node creation or updates, comment creation or updates—all using Drupal’s hooks. You can create any number of token-enabled templates for messages, and implement whichever template applies for each situation in the appropriate hook. Using a separate module in the stack, Message Notify, you choose notification methods. It comes with email or SMS plugins, and you can create other notification methods by creating custom plugins. A third, separate module, Message Subscribe, is used to allow users to subscribe to content using the Flag module. You then create custom code that implements Drupal hooks (likehook_node_insert()) to create the appropriate message(s) and send the messages to the subscriber list.

One head-scratcher was how to set up the module to populate the email subject and message. You do it by creating two messages in the template. The first contains text that will go into the email subject, the second contains the text for the email body. You’ll see two new view modes on the message, mail_body and mail_subject. The subject is populated with Partial 0 (the first message value), the body with Partial 1 (the second message value).

Another thing that took me a while to get my head around is that you designate who the message should be sent to by making them the author of the message, which feels odd. "Author" is a single value field, so if you want to send a message to multiple people, you create a basic message, clone it for each recipient, and change the author on the cloned version for each person on the list to send them their own copy of the message. This way each recipient gets their own message, making it possible to dynamically tweak the specific message they receive.

The Message Subscribe module does all that work for you, but it’s useful to know that’s what it’s doing. It creates Flag module flags that allow users to select which content they want to be notified about and hooks that allow you to alter the list of subscribers and the messages each receives in any way you like. That means that your custom code only needs to create the right message in the right hook. If you want the message to just go to the list of people who already subscribed to the content, you do something like this:

 * Implements hook_node_update().
function mymodule_node_update(Node $node) {
  $message = Message::create([
    'template' => 'update_node',
    'uid' => $node->getOwnerId(),
  $message->set('field_node_reference', $node);
  $message->set('field_published', $node->isPublished());
  $subscribers = \Drupal::service('message_subscribe.subscribers');
  $subscribers->sendMessage($node, $message);

You can also add to or alter the list of subscribers and/or the specific text you send to each one. To add subscribers, you create a DeliveryCandidate with two arrays. The first is an array of the flags you want them to have, the second is an array of notification methods that should apply. This is very powerful since you don’t have to wait until users go and subscribe to each node. You can “pseudo-subscribe” a group of users this way. This is probably most applicable for admin users since you might want them to automatically be subscribed to all content. Note that this also eliminates any possibility that they can unsubscribe themselves, so you’d want to use this judiciously.

 * Implements hook_message_subscribe_get_subscribers().
function mymodule_message_subscribe_get_subscribers(MessageInterface $message,
array $subscribe_options, array $context) {
  $admin_ids = [/* list of uids goes here */];
  $uids = [];
  foreach ($admin_ids as $uid) {
    $uids[$uid] = new DeliveryCandidate([], ['email'], $uid);
  return $uids;

A lot of configuration is created automatically when you enable the Message Stack modules, but some important pieces will be missing. For instance, message templates and fields might be different in different situations, so you’re on your own to create them.

I created a patch in the issue queue with a comprehensive example of Message, Message Notify, and Message Subscribe that contains the code I created to review these modules. It’s a heavily-commented example that creates some initial configuration, combines code from all the Message example modules, is updated with information I derived from various issues and documentation that I found after searching the Internet and a bunch of trial and error in my test site. It’s a comprehensive alternative to the other examples, which are pretty basic, and should answer a lot of the most common questions about how to configure the module. I included lots of ideas of things you can do in the custom code, but you’ll probably want to remove some of them and alter others using what’s there as a starting point for your own code. Read the README file included in that patch, visit the configuration pages, and review the example code for more ideas of how to use the stack. 

Note that I ran into several issues with Message Subscribe and submitted potential patches for them. Most of them related to the Message Subscribe Email module, and I ultimately realized I didn’t even need that module and removed it from my example. I found an easier way to email the subscribers using just one line of code in my example module. The remaining issue I ran into was one that created serious problems when I tried to queue the subscription process. I suggest you review and use that patch if you alter the list of recipients and use the queue to send messages.

Which module to use?

That’s it for the modules I reviewed this time. Which one(s) should you use? This is Drupal! Take your pick! There are many ways to solve any problem.

Seriously, it really comes down to whether you want something out-of-the-box that requires little or no code, or whether you need more customization and flexibility than that. 

In summary:

  • If you want an easy, out-of-the-box, solution to notify users about published content and comments, a combination of Admin Content Notification and Comment Notify could work well.
  • If you need to notify users about changes in workflow states, Workbench Email is an easy solution.
  • If you need a highly customized solution and you are comfortable writing code and using Drupal’s APIs, the Message stack has a lot of potential.

For my project, an intranet, I ultimately selected the Message stack. I created a public repository with a custom module,  Message Integration, that integrates the Message stack with Swiftmailer and Diff to automatically subscribe all users to new nodes and email the subscriber list with the node’s content when nodes are published, a diff of the changes when new revisions are created, and the text of new comments on nodes they subscribe to. The code is too opinionated to be a contrib module, but it could be forked and used on other sites as a quick start to a similar solution.

Any of these modules (and probably lots of others) might work for you, depending on the specific needs of your site and your ability and desire to write custom code. Hopefully, this article will help you assess which modules might fit your communication needs, and provide some comparison for any other solutions you investigate.

Introducing the Media Entity File Replace module

Jan 01 2020
Jan 01
Dec 30 2019
Dec 30

Our company is hosting a 2019 Drupal Community DevOps Survey to determine the community’s use of DevOps currently and tracking progress over time. We’re excited to utilize these results in our presentations this year, especially at DrupalCon Seattle this April!

This survey hosted on measure.team created by Last Call Media.

To see some current progress shots of the survey, please visit our DevOps Results blog.

The survey will collect responses until Last Call Media presents at DrupalCon Seattle, but as soon as you take the survey, the results change.

How does your involvement align with the community’s?

Dec 27 2019
Dec 27

Change is the only constant. That’s the lesson we need to adopt when it comes to embracing Drupal 8 and migrating from Drupal 7. Since the launch of Drupal 8 in 2015, many new challenges have emerged among developers and one of them includes forking Drupal.

Three forks and their shadows falling on a green background

Quoting Dries' opinion on embracing change:

“The reason Drupal has been successful is because we always made big, forward-looking changes. It’s a cliché, but change has always been the only constant in Drupal. The result is that Drupal has stayed relevant, unlike nearly every other Open Source CMS over the years. The biggest risk for our project is that we don't embrace change.”

What is Backdrop CMS?

Backdrop CMS logo with the word ‘backdrop’ written on left and black and white coloured square on right

Backdrop is a Content Management System (CMS) which can be put to use when designing a wide variety of websites from a single administrator's personal blog site to an intricate, multi-role business e-commerce site. It is the perfect fit for comprehensive non-profit, educational, corporate, or government websites.

Being a tool for structuring websites, the core Backdrop CMS package aims to include many useful features, but only those that are necessary for the majority of sites using it. Backdrop can be extended with the addition of modules, themes, and layouts which are easy in nature.

In a way, it allows non-technical users to manage a wide variety of content. It is feature-compatible with Drupal 8 (containing things like Configuration Management Initiative(CMI), WYSIWYG & Views in core), but is built on APIs more similar to those found in Drupal 7.

Evolution of Backdrop CMS

Backdrop CMS started its existence as an offshoot of Drupal. Although Backdrop originates from a common codebase with Drupal, its philosophy and organisation are distinct. Backdrop follows a policy of concentrated releases that account feedback from the community. 

Essentially, for the small to medium sized businesses, non-profits, educational institutions, or any other organisations, who are in need of a comprehensive website on a budget, Backdrop CMS is easy to build and extend. 

Advantages of Backdrop CMS

Both, Backdrop and Drupal projects have different end goals, but emerging from the same original code base, there are areas in which collaboration can benefit both projects. 

  • Along with easier updates, Backdrop is backwards compatible. Backdrop attempts to keep API change to a minimum in order for contributed code to be maintained easily, and for existing sites to be updated affordably.
  • Being simple in its structure, backdrop lets you write code for the majority. It aims to be easy to learn and build upon, even for those with a minimal amount of technical knowledge. Direct implementations are chosen over abstraction, and how things work can be immediately clear and easily documentable.
  • The focus is to include features for the majority. Backdrop core only includes features and tools that benefit the majority of sites that are running it. Also, Backdrop aims to include opinions from individuals who attend trainings, meetups, and camps as well as real-world engagements with consumers.
  • Backdrop can be extended. Backdrop aims to provide a powerful core that can be readily extended through custom or publicly available contributed modules. These additional modules provide desired features that are not incorporated in core due to their complexity or use cases that are too specific.
  • Rendering great performance, Backdrop has low system requirements. Backdrop runs on affordable hosting with very basic requirements. This means not chasing popular trends in technology, but instead adopting common, proven, and learnable systems.
  • Backdrop lets you plan and schedule releases. Each release contains a planned set of features, and is released on time. If a feature is not ready in time for a specific release, the feature gets postponed, but the release is delivered on time. 
  • It gives the freedom to remain free and open source. All codes included with Backdrop are under an Open Source license that allows anyone to use it for free, regardless of their beliefs or intentions.

Why fork Drupal?

There are lots of reasons why Drupal was forked to create Backdrop. These are the most notable ones:

Technical Gap

Though many features in Drupal 8 are identical to those in Drupal 7, the code underneath has little to share resemblance with the Drupal of yesteryear. Developers value maintaining the code that has a proven success rate rather than drifting from the track record of the success.

Coding Principles

The Backdrop community may vary from the Drupal community on some issues that they regard higher, and vice versa. As the principles diverge, so does the code. This justifies the existence of Backdrop.

Niche Audience

Backdrop CMS is dedicatedly targeted at small to medium-sized businesses, non-profits, and education. It best serves the kinds of organisations that need complex functionality, but on a budget.

Graphical representation with blue and green coloured regions to show Drupal evolution from Drupal 6 to Drupal 8 and emergence of Backdrop after Drupal 8Source: Quora

Case Studies

The NorCal Hunter Jumper Association is a not-for-profit recreational sports organization that was looking for a better viewing website experience for the membership, mainly on tablets and mobile devices. The new site also needed to be easy for the board and administrators to update and manage. Further, they planned to move board membership nominations, voting, general surveys, and other forms onto the website in the future, including forms that may need credit card processing. Thus, Backdrop was chosen as the medium to integrate all these requirements and following were the results:

  • A finer viewing experience for the members on tablets and mobile devices.
  • Easier updates and management for the board and administrators.
  • Flexible in adding features as the needs of the organization grows.
  • Easy to integrate with other web services.
  • Affordable maintenance and long-term development costs.
A picture of a woman sitting on a horse in the middle of a group of people with tabs on the top of the homepage of NorCal Hunter’s website

BGP Site Solutions is a group of business sites showcasing web publishing experience.

Founded in 2003, BGP Site Solutions has managed nearly 100 web properties with vast experience in performance-based online marketing (Cost per Lead, Cost per Acquisition, Cost per Click), white-hat organic search engine optimization, and web publishing in the marketing verticals of post-secondary education, home services, insurance (auto/health), wine, diet/weight loss/health, financial services, dating, and eldercare/senior services. 

On the other hand, formed in 2011, Authority Media is a leading publisher of career training web properties. The AM goal was to be the most authoritative source of information in each post-secondary education category in which they operate.  

These sites were formerly separate WordPress sites and were hacked multiple times. Thus, security of the website was the need of the hour. 

Since these are both fairly small sites, combining them into a single codebase site offered savings in terms of hosting and maintenance costs. And the multi-site feature offered by Backdrop CMS seemed like the perfect fit.

Two types of services described in two columns below the three hands picking the red coloured screw fittings on the BGP Site Solutions’ website’s homepage

Final Thoughts

Drupal 8 is a huge departure from anything the Drupal community has released in the past and it’s a move towards the enterprise.

Backdrop is not about users but about developers facing challenges in adapting and investing their time to further improve the Drupal platform. That’s where Backdrop aims to fill the gap left and attempting to maintain connectivity and cohesiveness with the larger Drupal community.

Thus, both Drupal 8 and Backdrop are trying to address the problem, in fundamentally different ways.

Still confused? OpenSense Labs provides steadfast solutions and services to empower digital innovation for all enterprises.
Ping us at [email protected] and let us know how we can help you achieve your digital goals.

Guide to the Drupal 8.8 Update

Dec 20 2019
Dec 20
Dec 19 2019
Dec 19

Holiday gift: Automatic Updates

As of today, the Automatic Updates contributed module for Drupal 7 and Drupal 8 has had its first stable release! This represents the completion of Phase 1 of the Automatic Updates Initiative, and the culmination of more than 18 months of work.


Please note: this phase 1 work provides automatic update coverage for many scenarios, but not for every Drupal use case.

With this phase 1 release you can:

  • See Drupal PSAs that the security team determines are highly critical directly in your administrative interface.
  • Run readiness checks to determine if your site is eligible for automatic updates (is the filesystem writable, no custom edits to updated files, etc).
  • Automatically update Drupal 7 and Drupal 8 sites
    • Current limitations
      • Updates Drupal core, but not contributed projects
      • Right now, can update only if the sites are not built or maintained with Composer 
      • Database updates are supported in Drupal 8, but not supported in Drupal 7 (if there are DB updates, an automatic update in D7 will be rolled back)

The Automatic Updates module will not be an official solution until the second phase is complete and the feature becomes part of Drupal Core. However, we believe that even as a contributed module Automatic Updates provides a significant improvement in maintenance and cost of ownership for a broad base of existing Drupal 7 and 8 sites, particularly those managed by small, independent site owners.


The second phase of this initiative will focus on solving the remaining requirements and getting automatic updates ready for inclusion in Drupal core. The outstanding requirements include:

  • Support for Composer-built sites
  • Support for contributed modules and themes
  • Support for a more robust roll-back process
  • More robust support for database updates

We are currently seeking sponsors for the second phase of this initiative, so please reach out to us at the Drupal Association if you'd like to support this work!

Many thanks!

Thank you to these individuals:

And to these organizations:

Dec 18 2019
Dec 18
Project: Drupal coreVersion: 8.8.x-dev8.7.x-dev7.x-devDate: 2019-December-18Security risk: Critical 17∕25 AC:Basic/A:User/CI:All/II:All/E:Proof/TD:UncommonVulnerability: Multiple vulnerabilitiesDescription: 

The Drupal project uses the third-party library Archive_Tar, which has released a security improvement that is needed to protect some Drupal configurations.

Multiple vulnerabilities are possible if Drupal is configured to allow .tar, .tar.gz, .bz2 or .tlz file uploads and processes them.

The latest versions of Drupal update Archive_Tar to 1.4.9 to mitigate the file processing vulnerabilities.

Edited to clarify the nature of the upstream release.


Install the latest version:

Versions of Drupal 8 prior to 8.7.x are end-of-life and do not receive security coverage.

Additional information

All advisories released today:

Updating to the latest Drupal core release will apply the fixes for all the above advisories.

(Note that this SA is the only one in the list that applies to Drupal 7.x)

Reported By: Fixed By: 
Dec 18 2019
Dec 18
Project: Drupal coreVersion: 8.8.x-dev8.7.x-devDate: 2019-December-18Security risk: Moderately critical 10∕25 AC:Basic/A:User/CI:Some/II:None/E:Theoretical/TD:DefaultVulnerability: Access bypassDescription: 

The Media Library module has a security vulnerability whereby it doesn't sufficiently restrict access to media items in certain configurations.

  • If you are using Drupal 8.7.x, you should upgrade to Drupal 8.7.11.
  • If you are using Drupal 8.8.x, you should upgrade to Drupal 8.8.1.

Versions of Drupal 8 prior to 8.7.x are end-of-life and do not receive security coverage.

Alternatively, you may mitigate this vulnerability by unchecking the "Enable advanced UI" checkbox on /admin/config/media/media-library. (This mitigation is not available in 8.7.x.)

Additional information

All advisories released today:

Updating to the latest Drupal core release will apply the fixes for all the above advisories.

Reported By: Fixed By: 
Dec 18 2019
Dec 18
Project: Drupal coreVersion: 8.8.x-dev8.7.x-devDate: 2019-December-18Security risk: Moderately critical 14∕25 AC:Basic/A:Admin/CI:Some/II:All/E:Theoretical/TD:DefaultVulnerability: Multiple vulnerabilitiesDescription: 

Drupal 8 core's file_save_upload() function does not strip the leading and trailing dot ('.') from filenames, like Drupal 7 did.

Users with the ability to upload files with any extension in conjunction with contributed modules may be able to use this to upload system files such as .htaccess in order to bypass protections afforded by Drupal's default .htaccess file.

After this fix, file_save_upload() now trims leading and trailing dots from filenames.


Install the latest version:

  • If you use Drupal core 8.7.x: 8.7.11
  • If you use Drupal core 8.8.x: 8.8.1

Versions of Drupal 8 prior to 8.7.x are end-of-life and do not receive security coverage.

Additional information

All advisories released today:

Updating to the latest Drupal core release will apply the fixes for all the above advisories.

Reported By: Fixed By: 
Dec 18 2019
Dec 18
Project: Drupal coreVersion: 8.8.x-dev8.7.x-devDate: 2019-December-18Security risk: Moderately critical 12∕25 AC:None/A:None/CI:None/II:None/E:Theoretical/TD:AllVulnerability: Denial of ServiceDescription: 

A visit to install.php can cause cached data to become corrupted. This could cause a site to be impaired until caches are rebuilt.


Install the latest version:

Versions of Drupal 8 prior to 8.7.x are end-of-life and do not receive security coverage.

To mitigate this issue in any version of Drupal 8, you can also block access to install.php if it's not required.

Additional information

All advisories released today:

Updating to the latest Drupal core release will apply the fixes for all the above advisories.

Reported By: Fixed By: 
Dec 17 2019
Dec 17

Developer portals need three kinds of great content to succeed. 

  1. API Documentation

  2. Technical Documentation

  3. Marketing Content

Content is being consumed differently now than it was in the past. Dense long-form, bespoke technical communication is going away. Clear, highly visual , easy to read content is taking the lead.  When building a developer portal, content quality and organization needs to be a high priority for your team. .   

API Documentation

Dec 17 2019
Dec 17

Read our Roadmap to understand how this work falls into priorities set by the Drupal Association with direction and collaboration from the Board and community.

Writing this here in the United States, after having enjoyed the Thanksgiving holiday with friends and family, reminds me of how much we have to be thankful for in the Drupal community. We have a wonderful international community with incredible talent and thoughtfulness that goes into building software that touches millions of people. #DrupalThanks.

Project News

Reminder: Drupal 8.8.0 has been released! 

With the release of Drupal 8.8.0 comes some great improvements, including a stable Media Library and new experimental Administration UI called Claro, and a new Composer scaffold that means that even sites started from the tar.gz archive will be Composer ready.

Time to get ready for Drupal 9

The time is now to get ready for Drupal 9; it'll be here before you know it. To learn the latest about Drupal initiatives, follow @DropisMoving.

If you are a site owner, the best way you can get ready is to make sure you're up to date on the latest version of Drupal 8. From there, it'll be an easy upgrade to 9.

If you maintain a community module, or your own custom modules, you may have some work to do.  Many contributed or even custom modules only need a one-line change to be ready for Drupal 9. Check yours using: the upgrade status module, or the Drupal Check command line tool.

Drupal.org Update

Happy Holidays! We've wrapped a gift for you.

All engineering work on the Automatic Updates contrib module for Drupal is now complete. Pending any last feedback on the release candidate, the stable release of the module is scheduled for this Thursday December 19th.

If you're interested in supporting Phase 2 of automatic updates, with an A/B front-end controller, contrib updates, and support for updating Composer-based site installs, please contact the Association.

We want to thank: The European Commission, Tag1, Mtech, Acquia, and Pantheon for their support of Phase 1. When the stable release goes live we'll have a dedicated post talking about what's included in this first stable release and more completely thanking all of the individuals and organizations that helped us get here.

Updates to Update Status XML

The update status XML that Drupal.prg provides to inform all Drupal sites of available updates has been overhauled to include better support for Drupal 9, and to prepare for contributed modules to use semantic versioning. It now also includes support for more descriptive support and security information.

Session browsing improvements for Events.Drupal.org

November also saw us deploy some significant improvements to the session browser on Events.Drupal.org. With the call for papers ended and sessions under evaluation, we wanted to prepare a new experience.

Session Filtering and Search

Once accepted sessions are published for Minneapolis, you'll see new search facets and a title/description search that should make matching attendees with programming better than ever.

Our hard work behind the scenes

A lot of the work that goes into supporting the Drupal project and community happens behind the scenes. Visible improvements like the Automatic Updates feature, or even new releases of modules are just the tip of the iceberg. To make these things possible, the Drupal Association engineering team must keep the whole machine humming.

A large portion of the Drupal Association engineering team's work in November was spent on improving the services and infrastructure we provide to support Drupal core.

Drupal 8.8.0's release and its changes to Composer meant a rewrite of Drupal.org's packaging pipeline, updates to the Composer facade, and updates to DrupalCI to prepare for testing Drupal 8.9.x.

Supporting the automatic updates process required deploying a new Signing oracle server to sign and verify the integrity of update packages, as well as provisioning and deploying Hardware Security Modules (HSMs) to protect our root keys.


As always, we’d like to say thanks to all the volunteers who work with us, and to the Drupal Association Supporters, who make it possible for us to work on these projects. In particular, we want to thank:

If you would like to support our work as an individual or an organization, consider becoming a member of the Drupal Association.

Follow us on Twitter for regular updates: @drupal_org, @drupal_infra

Dec 14 2019
Dec 14

Matt and Mike talk about the Drupal 8's core media module, including the processes, issues, and ecosystems needed to make it happen.

How to migrate from Panelizer to Layout Builder

Dec 11 2019
Dec 11
Dec 09 2019
Dec 09

When I say that a decade ago, the web wasn’t the same as it is today, would you agree?

Yes, you might, or you might not.

But when we examine the statistics a conclusion can be made: Web is changing all the time and testing has accompanied the change with it. 

Image of five stick figures working on the letter that says com which is hanging via crane wire

Testing is one of the critical processes in application development. The success or the failure of the application entirely depends on it. 

Cypress is one such framework which helps you conquer any type of web testing and is the best option for your website. 

Yeah, you must be wondering that why out of all the testing software in the market I enlighted Cypress. 

Well, let’s find out why. 

Why Cypress?

Cypress is a javascript based end to end testing framework that does not use selenium at all. 

Now, What is selenium?

Well, Selenium automates browsers. What the user does with that power is entirely up to them. Primarily, it is used for automating web applications for testing purposes. It is the core technology in countless other browser automation tools, APIs and frameworks.

So coming back to Cypress, the testing tool is a modular, integrated document assembly and delivery system that improves the management, accessibility, and distribution of content throughout an enterprise. This system can swiftly deploy and it requires little or no user training.

Cypress comes with many handy advantages which would make you choose the software at one go. 

  • Automatic waiting: Cypress has the ability to automatically wait for the DOM (document object model) to load, make the elements visible, allow the animation to be completed, and much more. 
  • Real-time Reloads: Cypress is smart enough to understand that after saving a test file the user is going to run it again, so it automatically triggers the run next to the browser as soon as the user presses to save the file. 
  • Debuggability: The testing framework provides the user with the ability to directly debug a particular app under test from chrome Dev-tools. It presents a straightforward error message and recommends the user on how they should approach it.
  • Architecture: There are many testing tools which work by running outside of the browser and it executes remote commands across the network, but Cypress is the exact opposite. This testing tool is executed in the same run loop as the application.
  • Works on the network layer: Cypress runs at the network layer by reading and changing web traffic. This allows the testing tool to not only change everything that is coming in and out of the browser but also allows to change the code that may interfere with its ability to automate the browser. 
  • It is a new kind of testing: Cypress has ultimate control over the applications, the network traffic, and native access to each host object that unlocks a new way of testing ( this has never been possible before)
Image of cypress logo where the letter cy is in a black circle and press is outside the circle

How is Cypress different from Selenium?

  Cypress Selenium Installation No configuration is needed. All the dependencies and drivers are automatically installed with .exe Installation of  the language binding and configuring of the drivers is required Running Against Browser Cypress only supports chrome 
You can run your text against any browser  Architecture Runs inside the browser and executes in the same loop Runs outside the browser and executes remote commands  Speed Test code runs alongside application code. Therefore generates an extremely fast test. Automation scripts are slow in selenium Wait for the Elements Cypress runs in the browser and knows what is happening. Thus you don’t have to wait when you are using Cypress In order to do effective automation waiting for an element, it is an important task Documentation The team of Cypress has invested a lot of time in documentation hence it is seamless and complete.   The documentation is not complete and difficult to understand.

Limitations and challenges faced in Cypress 

While Cypress does a really great job of giving developers and QA engineers the thing they want in an automation tool, it does have some limitations.

  • Since the structure is very different from selenium end to end tool, the user first needs to understand the structure and then find the best way to create the scripts.
  • As the testing framework is comparatively new, the community is small. It becomes really challenging to find the answers to the problems. 
  • No file upload is supported by this software and Cypress does not support cross-browser testing also. Nobody knows that when these things would be covered, and for what big projects, these features are really important. 
  • Cypress follows the approach that is related to the Page Object Model and this has been proven with time. 
  • The entire framework is only available for one client and i.e javascript. Thus, to work with it, it is important for the user to know the framework.

Can end to end testing deliver quality benefits?

Yes, end-to-end testing is really important it helps ensure accurate functioning of the application by testing it at every layer, right from the front end. Several other benefits of choosing and performing end-to-end testing can be because:

  • It ensures complete correctness as well as the health of an application: In end-to-end testing, the application is tested and validated at all the layers. The layers include-data layer, business layer, integration layer and presentation layer which guarantees the well-being of an application.  
  • It increases the reliance of an application: End-to-end testing increases the reliance and the performance of an application before its releases as the application is tested across different endpoints from different devices.
  • Decreases the future risks that might accompany the process: End-to-end testing presents the user with rigorous iteration and sprint. Thus, there are lesser chances of risks and failures that may come in the near future. 
  • It decreases the repetitive effort: The application is tested thoroughly, thus there is no looking back. The testing reduces the chances of frequent breakdowns and repetitive testing efforts 

End to end testing with Drupal

Cypress makes it easy to add new tests to the website as the user iterates the codes. Here are some of the few concepts that can help you with your Drupal Website. Let’s start the concept with: 

Setting up 

With the help of the standard installation profile and Drupal 8 distribution, the installation can take place along with JSON API. Drupal 8 comes with RESTful Web services which can serve many purposes and facilitates things such as querying nodes by field. 

There are few options for installing Cypress, out of which one of the preferred option is through NPM pacakage.json. The first step is to create your own file in the root of the project. Once the file has been placed, install it by running npm i from the project route. 

The first Test 

After installing cypress with the help of NPM pacakage.json installed, it is the time to test if it is working properly or not.

The test does two things:

  • It visits any website’s root address (that are configured by NPM script)
  • It verifies that the page has an element with “Cypress Testing” in it.

Creating the account 

The next step is to create user accounts. Depending on the environment, some option is more feasible than any other. Therefore, in order to do things, it is important to create Drupal entities. It is also important to access to an administrator account. You can do it manually create them in the database and pass the account credentials to Cypress through an environment variable, or you can let cypress create the account every time it runs the tests. This would reduce the chances of risks and issues that might occur during the procedure. 

The command that is there in cypress i.e cy.exec() provides the user with the access that is there in the system commands (Especially in Drush). The credentials are then decided for the test user. An object is added with the key values that are passed to the test as environmental variables.  Now add username and password to create the user admin account. Now that the credentials are available, it is possible to use them to create the user. 

Logging in 

To test any restricted or authentic users, it is important to log in first. The most obvious way to do this is the same way a user would log in, through the UI. In fact, the user should ensure that logging in through UI is possible. 

After each and every test, Cypress leaves the browser in a state it was in when it finished running the test. It is useful because it leaves a great position to discover the next steps. For this particular case, Cypress will come back to the browser with admin user logged in.
To keep tests independent from each other, Cypress removes the browser cookies before east of the test is operated. This prevents the side effects between tests, but it also means that the user needs to log in each time a test operates that needs authentication.
Now that the login codes have been placed, we need to write it. The user can reuse logs via UI test code, but if the same codes have to be operated before every test, there wouldn’t be much point in having the test, to begin with. Most important, logging in through the UI is slow. If the user has to log in before every test they run, a lot of time will be wasted on logging in. Drupal logs in simply by posting form data to the login URL. 

Seed the data 

It is important to look at how JSON API is used to seed the data which has to be tested and understand that API authenticates the requests. By default (for unsafe and non-read requests) JSON and the standard REST module requires a token request header to be presented. The tokens can then be used to create and delete data by posting the endpoints that are exposed by JSON API module. 

Note that Cypress presents an after hook. It is fascinating to delete the test nodes in the after hook since, at that point, the user has to access to the test node’s id and could delete the test content without having to query by the title. 

However, the approach can be troublesome in the event that needs a test runner to quit or refresh before running the after block. In this case, the test content would never get cleaned up since the user wouldn’t have access to the node’s id in future test runs. Once the test articles are seeded, the “displays published articles” test will visit the node’s page and confirm that the fields
Debugging using DevTools

As we can see that Cypress has grown out to be an excellent Test Runner that helps the user to understand what is happening in an application and in the tests, there’s simply no substituting all the amazing work that the browser has done on their built-in development tools.

Your Cypress test code runs in the same run loop as your application. This means you have access to the code running on the page, as well as the things the browser makes available to you, like document, window, and, of course, debugger

Running Cypress in continuous integration

If you want that automated testing and continuous integration should work together then it is important to have some sort of CI/CD server. These are the hosted servers, and for implementing it with Drupal 8 these tools must work together.

It is important to note that developers must ensure that all tests are passed on the local workstation. The Drupal configuration is exported where the system spins up a fresh installation


End-to-end testing shouldn’t be hard. Cypress makes integration testing pleasing and enjoyable. You can write the end to end tests without worrying about browsers, Selenium, and other scary stuff.

You would agree on the fact that the framework is so nice that planning to use nothing but Cypress for integration testing would be fruitful. Plus, the documentation is pure gold: Cypress Docs are filled up with best practices and examples.

At OpenSense Labs, we have quality Drupal experts who try to enable digital transformation to the enterprise with the services and assistance.  Contact us now at [email protected] 

Dec 09 2019
Dec 09

With Drupal 9 set to be released later next year, upgrading to Drupal 8 may seem like a lost cause. However, beyond the fact that Drupal 8 is superior to its predecessors, it will also make the inevitable upgrade to Drupal 9, and future releases, much easier. 

Acquia puts it best in this eBook, where they cover common hangups that may prevent migration to Drupal 8 and the numerous reasons to push past them.

The Benefits of Drupal 8

To put it plainly, Drupal 8 is better. Upon its release, the upgrade shifted the way Drupal operates and has only improved through subsequent patches and iterations, most recently with the release of Drupal 8.8.0

Some new features of Drupal 8 that surpass those of Drupal 7 include improved page building tools and content authoring, multilingual support, and the inclusion of JSON:API as part of Drupal core. We discussed some of these additions in a previous blog post

Remaining on Drupal 7 means hanging on to a less capable CMS. Drupal 8 is simply more secure with better features.

What Does Any of This Have to Do With Drupal 9?

With an anticipated release date of June 3, 2020, Drupal 9 will see the CMS pivot to an iterative release model, moving away from the incremental releases that have made upgrading necessary in the past. That means that migrating to Drupal 8 is the last major migration Drupal sites will have to undertake. As Acquia points out, one might think “Why can’t I just wait to upgrade to Drupal 9?” 

While migration from Drupal 7 or Drupal 8 to Drupal 9 would be essentially the same process, Drupal 7 goes out of support in November 2021. As that deadline approaches, upgrading will only become an increasingly pressing necessity. By migrating to Drupal 8 now, you avoid the complications that come with a hurried migration and can take on the process incrementally. 

So why wait? 

To get started with Drupal migration, be sure to check out our Drupal Development Services, and come back to our blog for more updates and other business insights. 

Dec 07 2019
Dec 07

There have been a lot of people that are very much interested in the “DevOps” concept and when I sat down with some of these, the direction of the conversation went down to many interesting paths. 

They started talking about deployment best practices, rollbacks, hot deployment etc. 

Two blue screws placed vertically where the middle text has dev in one and ops in other

But, when there were some mentions about “Blue-Green Deployment” - complete silence. 

Therefore, this gave me an idea to tell the rest of the world that with all the microservices, native cloud and what not technology, blue-green deployment is not a silver bullet, but it is an element to usefulness.


Well, you got to read ahead. 

What do we understand by blue-green deployment?

A blue-green deployment is a management approach for releasing software code. 

Two identical hardware environments are configured in the exact same way in Blue-green deployments, which is also known as A/B deployments 

Only one of the environments is live at a single time, where the live environment serves all the production traffic. For example, if blue is currently live then green would be idle and vice-versa.

Blue-green deployments are usually utilized for consumer-facing applications and the applications which have critical uptime requirements. The new code is delivered to the inactive environment, where it is completely tested. 

How it reduces the risk?

Achieving automation and continuous delivery at any level of production is a holy grail, and avoiding downtimes and risks are high up on the list of priorities. Blue-green deployment provides you with simple ways of achieving these goals by eliminating risks that are witnessed in the deployment. 

  • You will never encounter surprise errors

When you fill a particular form online, what all credentials do you fill? Your name, phone number, address, street and probably your bank details if you are making an online purchase. Right?

You press the “pay now” button and check on the “receive spam emails” but unfortunately, your order wasn’t able to get processed as you desired. If you are lucky enough you get an error message equivalent to “application is offline for maintenance” all your efforts and time goes in vain. But with blue-green deployment, you never have to worry about this maintenance screen. 

There is a list of item’s upon one click and upon next click, you are eligible to see the new menu that you add. This would keep furious emails about error screen from flooding your inbox. 

  • Testing the production environment 

Ensuring that your pre-production environment is as close to your production environment as possible is not only important but essential too. With the help of blue-green deployment, this task is easily achievable. The user can test any application while it is disconnected from the main traffic. The team has the eligibility to even load the test if they desire too. 

  • Makes sure that the traffic is seamless 

Customer needs and desires are more global than ever and there is no longer an essential good time to do deployment, especially if you work in an enterprise where the business needs to be running around the clock. If you have a customer facing application then there are chances that they might switch their platform to some other website, if they don’t find what they desire. This means a decrease in sale and business. 

Blue-green deployment assures that your traffic never stops. That customer can place their order just fine without disruption. Which means that the employees overseas continue to do their job without any interruption, saving companies money. 

  • Easy Recovery 

You might witness times where you would get introduced to bugs and viruses. We can either spend a lot of money on its fix or we can inevitably find them and recover them. With the help of blue-green deployment, we have our older and more stable version of our applications to come back online at a moment’s notice by evading the pain to roll back a deployment.

Image of an object that is connected to a yellow object that says router which is connected to a chart that is divided into three halves.Source: Martin Fowler

How does this process work?

As we know that blue-green deployment technique involves running two identical production environments where they are configured in the same way, therefore, let us assume that the current deployment is in the green environment in 2.3 release. The next deployment which would take place would be in a blue environment that would be in 2.4 release.  

The environment would then be tested and evaluated until it is confirmed to be stable and responding. Once it is in production the server would be redirected, thus becoming the new production environment that the users are routed to.

The entire design is used to provide fast rollbacks in a case a deployment fails or does not pass a QA. When deployment fails or critical bugs are identified, a rollback to the green environment will be initiated. Once the bugs are fixed the version is re-deployed to the blue environment and the traffic is rerouted back the moment it is stable. 

While deploying the preceding version i.e version 2.5, the deployment would switch to the green environment and would be extensively be tested and evaluated. Traffic would be rerouted to the green zone once it passes the quality assessment.

This way both green and blue environment are regularly cycled between live versions and staging to the next version. 

Image of five blue-green boxes that are placed horizontally which are pointing to the blue-green boxes on the other sidesSource: Medium 

Blue-Green Deployment helping your Drupal websites

Let us imagine that you constructed a website with the help of Drupal, now you are getting high traffic in it. Normally for developing, updating and testing a website (without risking the live integrity), you follow these steps:

Development: The development process starts with developers working on new features, bug fixes, theming and configuration in the local environment. It makes it possible to easily roll back to the previous stage of development.
Testing: Typically this environment is not available for client viewing and it is intended for testing developmental work against a lateral host. 

Staging: This stage is used for presenting the changes to the client for approval. QA (quality assurance) and UAT (user acceptance testing) are most often carried out on the staging stage. 

Production: This is the live site on the web available visitors. It contains new features that have been proven safe to go live. 

As you can see that this process can be long and time-consuming, maintaining and constructing site can be irritating therefore blue-green deployment rescues you at times like these. 

It would provide near to zero downtime and would present easy rollbacks capabilities. The fundamental idea behind blue/green deployment is to shift traffic between two identical environments that running differently in different applications. 

 Image of a blue and green square in two different images. The first one shows request in the blue box and the second pictures show the sameSource: NewGenapps

Some of the implementations for Your Drupal Website 

Blue-Green Deployment for Drupal websites with Docker 

Drupal Deployments are hard. The user has to make sure that that the code is deployed, composer dependencies are pulled, schema updates are pulled, scheme updates are performed and all the caches are cleared. 

All with keeping the website up and responsive to the users. But if anything goes wrong and you wish to rollback? Do you stop the deployment? Well, no blue-green deployment is the answer to it. 

Docker makes it easy to build, shift and run applications. On the EC2 instance, there are always two raised docker containers of “blue” and “green”, and ngnix works as a reverse proxy on the same instance. The user can build a Drupal site that is running parallelly in the “blue” and “green” environment and serve both from MySQL database. we install Apache, PHP, and Drupal in baseimage-docker.

 Image of a square box that says nginxconnected to blue-green boxes. These boxes are connected to MySQL boxSource: Nulab

Drupal with Blue-Green Deployment in AWS Beanstalk 

Within the help of ECS, the user can create task definitions, which are very similar to a docker-compose.yml file. 

A task definition is a collection of the container, each of which has a name, the Docker image runs, and have the option to override the image’s entry point and command. The container definition is also where the user can define environment variables, port mappings, volumes to mount, memory and CPU allocation, and whether or not the specific container should be considered essential, which is how ECS knows whether the task is healthy or needs to be restarted.

The Amazon web service solution allows the user to quickly and easily manage the deployment and scalability of web platforms. The deployment helps in configuring a high-availability environment that seamlessly runs a Drupal website. Running a DB instance that is external to Elastic beanstalk decouples the database from the lifecycle of the environment, and lets the user connect to the same database from multiple environments, swap out one database from another and perform a blue-green deployment without affecting the database.

The below image shows how green-blue deployment work in AWS environment. 

An image divided into two halves where both have a cloud at the top connected to a security group which in turn is connected to the EC2 security group. Source: CloudNative

Some of the best practices for smooth release 

Now that we understand how blue-green deployment works, let’s cover some of the best practices that are related to it:

Load Balancing

Load balancing helps you to automatically set a new server without depending on any other mechanism, without depending on the DNS mechanism. The DNS record will always point to the Load Balancer and the user would only modify the servers behind it. This way they can be absolutely sure that all traffic comes to the new production environment instead of the old one.

Rolling Update

To avoid downtime the user can execute rolling update which means instead of switching from all blue server to all green server in a single cut-off you are eligible to work with an integrated environment. This indicates that rather than switching from all blue servers to all green servers in a single cut-off, the user can control with an integrated environment

Monitoring the environment 

Monitoring the productive as well as the non-productive environment is important. Since the same environment can play both as production and as non-production, all you would need is to toggle the alerting between the two states. 


The user can script as many actions as possible in the witch process, instead of doing a manual set of actions. This brings huge benefits. The process becomes quicker, easier, safer and enables self-service.

Deployment in cloud

If your servers run in the cloud, there is an interesting variation of the Blue-Green method in which instead of going back and forth between two static environments, you can just create the next environment from scratch.

This process is also valuable for avoiding the danger of servers becoming snowflakes, which are servers that have a unique configuration set that isn’t documented anywhere.  Once these snowflakes get erased for some reason, you have no easy way to properly recreate them. Whatever may be the choice it is important to keep the newest test and release technology to ensure that the release is smooth.


Deployments are one of the most important parts of the software development lifecycle, therefore all the activities involved should thoroughly be researched and tested to ensure that they are a perfect fit for your system architecture and business. 

At OpenSense Labs, we have a pool of Drupal developers and experts that work on technologies that use these tools and services. Contact us now at [email protected], our experts would guide you with the queries and questions that are related to this topic. 


About Drupal Sun

Drupal Sun is an Evolving Web project. It allows you to:

  • Do full-text search on all the articles in Drupal Planet (thanks to Apache Solr)
  • Facet based on tags, author, or feed
  • Flip through articles quickly (with j/k or arrow keys) to find what you're interested in
  • View the entire article text inline, or in the context of the site where it was created

See the blog post at Evolving Web

Evolving Web