Aggregator

Salsa Digital: What Drupal AI means for Government

1 week 4 days ago
Raising the bar: Why government should care about Drupal AI Governments everywhere are still navigating what AI means for them. And rightly so. Questions around ethics, security, privacy, bias, and public trust can’t be brushed aside, they must be answered thoughtfully, and within robust regulatory frameworks, policies, and guidelines. At the same time, public sector digital teams are facing pressure to move faster and deliver better services. Embracing AI represents the opportunity for public sector to achieve this. But most AI solutions on the market are black boxes, vendor-locked, opaque, and near-impossible to audit. Drupal’s new AI Initiative is different. It's open-source, transparent by design, and built to be shaped by, not just sold to, government.

Talking Drupal: Talking Drupal #508 - Drupal User Groups & Meetups

1 week 5 days ago

In this episode of Talking Drupal, we dive into the world of Drupal user groups and meetups with guests Lee Walker, Bernardo Martinez, and Bo Shipley. Our guests share their experiences in organizing and participating in Drupal communities and the vital role these meetups play in fostering continuous learning and professional development. We also explore the newest features of Drupal Core 11.2 in the Module of the Week.

For show notes visit: https://www.talkingDrupal.com/508

Topics
  • Meet the Guests: Lee, Bo, and Bernardo
  • Module of the Week: Drupal Core 11.2
  • Diving into Drupal User Groups and Meetups
  • Personal Journeys into Drupal User Groups
  • The Role of Meetup.com in Drupal Communities
  • Organizing and Attending Meetups vs. Conferences
  • Challenges and Strategies for Growing Meetups
  • Virtual and Hybrid Meetups: Impact on Attendance
  • Success Tips for Organizing Meetups
  • Keeping Meetups Simple and Engaging
  • Preventing Organizer Burnout
  • Challenges and Changes in Meetup Cadence
  • Finding and Retaining Meetup Members
  • Communication Tools for Meetup Groups
  • The Importance of In-Person Meetups
  • Advice for Starting or Restarting Meetups
  • Conclusion and Contact Information
Resources

Drupal.org Events The Drop Times Events Meetup.com Drupal Chattanooga Drupal Users Group Chattanooga Drupal Camp

Guests

Lee Walker - www.codejourneymen.com mr_scumbag Bo Shipley - simplyshipley Bernardo Martinez - linkedin bernardm28

Hosts

Stephen Cross - stephencross John Picozzi - epam.com johnpicozzi JD Leonard - modernbizconsulting.com jdleonard

Module of the Week

with Martin Anderson-Clutz - mandclu.com mandclu

Drupal Core 11.2

  • Single Directory Components (SDCs) have been a focus of excitement for Drupal’s front end developers since they were added to Drupal 10.1 as an experimental module, and merged into 10.3 as a stable feature. With Drupal 11.2, SDCs now have a concept of variants, to allow for different ways of presenting a component’s information. Some component frameworks like Storybook have a somewhat different concept of variants, which is really a set of property value presets that are useful for testing. Variants with Drupal SDCs strike me as being analogous to view modes for content types, in that you can have separate template files for each variant, or you can have conditional logic within a single template based on the variant in use.
  • Our own nicxvan, chx, and some others put some significant work into allowing preprocess hooks to be defined as OOP classes, which bring us a significant step closer to not needing .module files anymore. Hooks (and .module files) are Drupalisms, so removing the need for them is a big improvement for Developer Experience, and makes it easier for developers to get started with Drupal
  • In Drupal 11.2 the module installer has been updated to only rebuild the container after several modules have been installed, which significantly speeds up installing multiple modules at once.
  • Drupal 11.2 also brings us a Recipe Unpack composer extension, so when you composer require a recipe, the dependencies get automatically added to your site’s composer.json file, so you can apply and then remove the recipe and still have a fully functional site
  • Package Manager is now a hidden module in Drupal core, which is critical for initiative like Automatic Updates and Project Browser, that the community has been working on for years
  • Drupal core now also supports the next-generation AVIF format, with WEBP as a fallback with servers that don’t support generating them
  • Of course there are also a variety of dependency updates as well, for CKEDitor, Symfony, composer and more, as well as too many minor improvements and bugfixes to cover in detail here

Drupal AI Initiative: Welcome to the Drupal AI Initiative: Webinar with the AI Initiative leadership team

1 week 5 days ago

You have probably heard about the new strategic Drupal AI Initiative announced by Dries and the DA a couple of weeks ago. Let’s get together to learn more about it!

We’ll discuss:

  • Initiative history and overview
  • How we are organized
  • Who’s involved, and how can you join
  • Where to find the latest information
  • Bring your questions for an AMA

Looking forward to seeing you. If the time doesn’t work for you, don’t worry, the webinar will be recorded and made available within a few days. And, you can ask follow-up questions in the #ai-initiative Slack channel.

Time: 26 June Thursday 1600 UK / 1700 CEST / 0800 Pacific / 1100 Eastern / 2030 India

To join the session, please, use this link to register.

The Drop Times: Building What’s Next Together

1 week 5 days ago

Drupal CMS 1.0 was released earlier this year, and work is actively underway on the Experience Builder. This visual site-building tool enables users to create layouts directly in the browser, utilising drag-and-drop features. The project is currently in alpha and scheduled for full release by the end of 2025. At the same time, the Drupal AI Initiative has launched with $120,000 in funding to develop tools that help generate layouts, forms, and content based on user input. These tools are built with human oversight in mind: users can review, edit, or reject suggestions. This shift reflects a clear goal: make it faster to build and manage sites without relying entirely on developer resources.

The current board election connects directly to these developments. The Drupal Association is holding its 2025 at-large board member vote from June 18 to July 11. Seven candidates, Alexander Varwijk, Carlos Ospina, Matthew Saunders, Matt Glaman, Maya Schaeffer, Vladimir Roudakov, and Will Huggins, are running to fill the seat held by Fei Lauren. Each candidate has published a platform addressing key areas like onboarding, contributor experience, community inclusion, and responsible use of automation. These issues align with Drupal’s current work, including its focus on non-technical users and expanded access to site-building tools.

The Drupal Association board plays a direct role in supporting new features and community programs. Its decisions affect funding, contributor support, and how major initiatives, such as the Experience Builder and Drupal AI, are maintained over time. The individual elected to the at-large seat will help guide these efforts, ensuring they are aligned with both user needs and available resources. Voting is open to all eligible members through July 11, and participation ensures these decisions reflect the priorities of the wider Drupal community.

INTERVIEWDISCOVER DRUPALDRUPAL COMMUNITYEVENT

We acknowledge that there are more stories to share. However, due to selection constraints, we must pause further exploration for now.

To get timely updates, follow us on LinkedIn, Twitter and Facebook. You can also join us on Drupal Slack at #thedroptimes.

Thank you, 
Sincerely 
KAZIMA ABBAS
Sub-editor, The DropTimes.

Drupal Association blog: Security Matters: Keeping your Drupal 7 site safe under Extended Support

1 week 5 days ago

Still have Drupal 7 (D7) website? That’s okay for now. But let’s be honest: in today’s threat landscape, security is not optional. With D7 reaching its official end-of-life, staying protected means relying on more than just luck or legacy systems. That’s where Extended Support comes in, and why it matters now more than ever.

Why security should be your #1 Priority

Cyber threats have evolved. So have regulations. Older platforms like D7 are prime targets if not properly maintained. Without official support, vulnerabilities go unpatched, and your organization could face:

  • Data breaches or theft
  • Damage to your brand reputation 
  • Compliance issues (GDPR, PCI, HIPAA, etc.)
  • Unexpected downtime and recovery costs
  • Technical problems (e.g. unsupported modules affecting your website’s SEO)
  • Complete lack of updates

In short: no security = high risk.

Extended Support: your digital safety net

With Extended Support (ES), you're not left in the dark. At Dropsolid, we’re one of only three official D7 ES partners worldwide and the only one based in Europe. 

From day one, we have focused primarily on Drupal. Many of our senior developers have worked with D7 for years. Unlike many young developers, they do have the deep knowledge to keep your website secure and performing. This makes us part of a highly specialized group with the tools, access, and knowledge to keep your site secure long after official support has ended.

Here’s how we protect your D7 site:

  • Proactive security patches
    We receive enterprise-grade patches before release, backed by a bug bounty program and ethical hackers 
     
  • Continuous vulnerability monitoring
    We proactively scan for threats and respond before damage can occur
     
  • Infrastructure hardening
    Whether you stay on your current hosting or migrate to our Experience Platform, we secure your environment at every level
     
  • Expert D7 knowledge
    Our ISO 27001-certified team, with thousands of Drupal contributions,  ensures that patches are applied correctly and modules remain compatible
     
  • Custom code support & compliance auditing
    We help maintain your custom functionality and monitor GDPR/accessibility compliance

Sticking with D7 doesn’t mean compromising on safety. With ES, your platform stays stable and protected, buying you valuable time to plan a thoughtful migration without rushing under pressure. And let’s face it: nothing beats peace of mind when your digital presence is at stake.

What’s next? From security to innovation

Extended Support is not forever, but it is your strongest shield in right now. At Dropsolid, we help you stay secure today while preparing you for what’s next. We can help you with:

  • Drupal 7 Extend Support to stay secure today
  • Seamlessly migrate to a newer Drupal version
  • Unlock future innovation through Drupal AI, helping you automate content, personalize user experiences and streamline workflows 

As a founding partner of the Drupal AI Initiative, Dropsolid is helping shape the future of AI in Drupal. From training to implementation, we bring the tools and expertise to turn AI into real value for your organization. 

Get in touch 

Get in touch with us and have a call with our Drupal experts. We’ll assess your current setup, explore your goals, and help you choose the smartest path forward.

Contact us: https://dropsolid.com/en/contact

Joshuami: Recipe Unpack: This Blog Is No Longer on Drupal CMS, and That's a Good Thing

2 weeks ago
Recipe Unpack: This Blog Is No Longer on Drupal CMS, and That's a Good Thing joshuami Fri, 20 Jun 2025 - 2:00 pm

Posted on 20 Jun 2025 - 2:00 pm

With the release of Drupal 11.2, the Recipes feature gets an important new capability. You can now "unpack" recipes after they are run so that your composer.json will have the direct dependencies from the recipe rather than a dependency on the recipe itself. Drupal

xjm: "Anemone": The brief tale of a Drupal core security advisory

2 weeks ago
"Anemone": The brief tale of a Drupal core security advisory xjm Fri, 06/20/2025 - 15:03

A long while back, security researcher Sam Mortenson reported a cross-site scripting vulnerability in Drupal core's Link module. Essentially, the options property on link fields was not being properly sanitized. This meant cross-site scripting was possible under some circumstances -- and, as always for cross-site scripting, we were concerned that the XSS could be combined with other attacks and escalated to more serious exploits.

Drupal Core News: Drupal core will adopt Gin admin theme to replace Claro

2 weeks 1 day ago

Drupal effectively has two default administration themes: Claro for core, and Gin for Drupal CMS. This causes difficulty for UX designers and product managers, because new features must work well with both themes.

Gin is no longer an experimental fork of Claro to experiment with new ideas. It has matured into a state-of-the-art admin theme, while Claro has fallen behind, as evident by the decision to use Gin as the admin theme for Drupal CMS. As a result, we feel it is time for Gin to become the default theme for Drupal core.

We are aspiring to have this work completed by November 2025 in order to get Gin into core for the release of 11.3 in December.

What's next?

A core-ready version of Gin will be developed outside of core in a 6.x branch of Gin. Our goal is for the Gin maintainers to collaborate with the Drupal Core Product, UX, Release, and Frontend Framework Managers to identify which issues are blockers for Gin in core.

Once the identified blockers are completed, the result would be merged into core for Drupal 11.3 by the beta deadline in November 2025. The most important step for including Gin in core is to remove its dependency on Claro, since Gin will replace Claro as the default admin theme.

Other work will include removing features that are not needed for core; simplifying the code now that Gin only needs to support the version of core that includes it; and other tasks like adding necessary test coverage to ensure a smooth transition from contrib to core.

What happens to Claro?

Although Claro will not be the default theme anymore for new sites, it will remain in Drupal 11 for use on existing sites. Claro is planned to be removed from core in Drupal 12, at which point it may become available as a contributed theme outside of core.

How can I get involved?

This is a big job with an ambitious timeline, so we will need many contributors to meet it. For contribution, you can get started with the two meta issues (#3530849 Gin 6.x and #3530852: Admin theme modernisation) to track this work, one for core tasks and one for Gin tasks. These will be updated and many new tasks created as the scope of work is clarified.

The Gin maintainers are also seeking sponsors for their time, which is a great way to contribute to this effort if you want to see this happen but are not able to work on tasks directly.

All those interested, please join us in the #admin-ui Drupal Slack channel for collaboration.