Blikk Drupal News
Since joining Drupal.org in 2007, Lee Rowlands (larowlan) has been an important contributor to the Drupal project. A major core contributor and Drupal 8 advocate, Rowlands has become a well-recognized and celebrated member of the Drupal community.
Rowlands is an important Drupal figure in Australia, and has spoken at DrupalCamp Brisbane 2010, Drupal Downunder Melbourne 2012, DrupalCon Sydney 2013 and Drupal South Wellington 2014. An occasional mentor during Drupal Office Hours in the Australian timezone (GMT+10), Rowlands is also a well-recognized figure in the international Drupal community for his involvement with core and his contributions to a huge variety of projects on Drupal.org.How did you get involved with Drupal?
Jim Morrison and a naked native american came to me in a dream and told me it was my destiny. Just kidding. I started up my own IT consulting business and I'd built a couple of Drupal 5 sites.
The third site I built needed some tricky mapping functionality. This was in Drupal 5 and the site was for a locally owned fishing tackle franchise. Their point of difference with the big national chain-store was local knowledge. So they had this great idea to create a series of online fishing maps for local regions, each featuring points of interest for that region. Each point of interest had a marker icon based on its type, eg there were boat ramps, fishing spots etc. Each marker had a popup with an image and some text. The kind of thing you can build on your own with Google Maps now, but back then - it was a fairly new concept.
At the time gmap module was the go-to mapping option (Drupal 5) but it didn't support the image/marker/description functionality. So I wrote a patch to allow wiring up a content-type with gmap functionality to do so. And in order to post the patch, I had to sign up for a Drupal.org account. So that was my first comment on Drupal.org, a sizeable patch!
Not long after that I pitched the idea of a website to a local motel that had just had a renovation. At this stage Drupal 6 was out and the go-to ecommerce solution was Ubercart. My pitch included online-reservations so I worked with Will Vincent to round out a hotel-booking solution for Ubercart. That's how I got my CVS access on Drupal.org.
Contributing my code back to Drupal.org opened my consulting business up to the world. Up until that point most of my work had been for local businesses. Once I had a project on Drupal.org I started receiving work offers via my Drupal.org project page, mostly for adding new pieces of functionality.
I continued building sites and I always ensured that I had contract provisions to open-source any generic modules that the project needed. Over time I ended up with more than 30 contrib projects on Drupal.org, all with varying degrees of maintenance. Each of these kept resulting in work referrals and I kept expanding my skillset and client-base.
Then Drupal 7 came out and it felt like I had to start learning all over again. I had a long car-trip coming up so I downloaded the mega 'Upgrading 6.x modules to 7.x' thread from Drupal.org and spent about three hours taking in all the changes. As soon as I had net access, I subscribed to the Drupal core issues RSS feed. At this stage my motivation was just to keep across changes happening in core, but after a while I started seeing issues posted that I realised I could fix/work on. So I started commenting and posting the odd patch.
Not long after an epic thread was posted by @sun in the issue queue titled 'Make core maintainable' (https://drupal.org/node/1255674), basically it was proposing that if we didn't get more hands on deck in core, the only way forward was to start dropping unmaintained modules. I jumped into irc and put my hand up to maintain forum, one of the modules on the chopping block. I had a conversation with @chx who later remarked 'yesterday I saw a guy on IRC who was contemplating on taking the forum module maintainer hat' (http://www.drupal4hu.com/node/303).
So from there I took a more active role in core contribution. Those threads are a great read, even today, as they indicates the level of frustration that core developers were experiencing in the first six months of Drupal 7's release.What do you do with Drupal these days?
I build sites for some of Australia's largest government, education, media and non-profit organisations with one of Australia's most respected Drupal Agencies, PreviousNext. It's a great team and I get to work on interesting projects.
After all this time I still enjoy working with Drupal. Sometimes people lament Drupal's ease of site-building, likening it to 'golden handcuffs', but that's where contributing to core and contrib help. If you find yourself stuck in a 'click-monkey' rut, contributing code lets you flex your 'code-monkey' muscles.You’re involved with quite a variety of projects in the Drupal community - can you describe some of the things you do and why you like them?
I particularly like working on Drupal core because it helps me keep abreast of upcoming changes. I don't have a CS education, I have degrees in mathematics and engineering, and I've been quoted before saying I got my CS education in the Drupal issue queues. As a contributor you are incredibly lucky to have your work constructively reviewed by some of the world's best programmers. Every time someone makes a suggestion on your patch, you learn a little more. I've learnt so many programming concepts from reviewing other's code and having my code reviewed by others. Particularly during the Drupal 8 cycle, where we've effectively rewritten Drupal in a new language - PHP 5.3.What’s the coolest project you’ve worked on?
Its not live anymore unfortunately but I worked on sendmypostcards.com which was a Drupal 6 site with Ubercart where you could create your own postcards and pay to have them printed. You could use your Facebook photo-galleries, Flickr account or upload your own files. The designer/editor was built with jQuery and the site used batch-jobs to generate 300dpi print-ready PDFs. It was a challenging project but it did end up spawning a number of contrib modules including Image Cache External which allows you to generate derivatives of remote images. Unfortunately the site didn't last, but I did get a couple of Christmas cards printed and sent to my office. It was great to have something tangible, I still have them mounted on my office wall.What changes do you hope will come in Drupal 8?
I'm disappointed we didn't get a layout builder in core but I'm excited by the opportunities for it to develop and mature in the contrib ecosystem. Some of the work done as part of the Scotch Initiative by @sdboyer and @eclipsegc was pretty awesome. @sdboyer stepped me through the 'Princess' branch (the name was a dare) at the stage when it was fairly functional and the possibilities it opened up were pretty awesome. Hopefully that work will be leveraged for what becomes of panels/page manager in Drupal 8.What is your favorite part about the Drupal community?
Getting to work with insanely intelligent and brilliant people. There are so many awesome people working with and on Drupal every day who are always willing to share their experiences and knowledge.Tell us a little about your background or things that interest you outside Drupal?
I live in Central Queensland at the Southern tip of Australia's Great Barrier Reef. We have three World Heritage listed destinations all within our reach - the reef, Fraser Island and Mon Repos Turtle Rookery, where you can watch Marine turtles lay their eggs or the hatchlings make their way into the world. The climate is great, the cost of living is low and the people are some of the friendliest in the world. I get to work out of an office with two great Drupal devs who also work for PreviousNext, @nick_schuch and @grom385. Its a great lifestyle, our office is right on the beach.
Outside Drupal I'm passionate about family, with two school aged children and I've been married for 15 years. I'm lucky that Drupal gave me an income while my children were pre-school aged and when they went off to school I was able to turn this into a career.Drupal version: Drupal 8.x
The Drupal.org primary database server experienced a crash due to a full disk earlier today around 6:59am PST (14:59 UTC). The Nagios monitoring system which normally alerts us to prevent these outages had also crashed and failed to send any notices of a problem to the infrastructure team. By 7:21am PST (15:21 UTC) Jeff Sheltren had cleared enough space to bring the database server back online and Drupal.org returned to normal operation.
We are sorry for any inconveniences the outage may have caused. We are taking steps to prevent failed monitoring in the future by adding additional monitoring of our monitoring server. Brandon Bergren is also working to fix the issue with the cache_form table which caused the disk to fill up.
Free Software is not just about saving money. It's not just about sharing for sharing's sake. Free Software, at its core, is about empowering people. It is about ensuring that everyone has ultimate control over their own electronic lives, because the software that runs their electronic lives is under their control and not someone else's.
How do you know your computer is doing what you tell it to, and not someone else? How do you know your phone is only recording what you tell it to record? How do you know your files are only being read by you? How do you know your refrigerator isn't reporting on your diet to someone else?
The only way to be sure is to have the source code so that you or someone you trust can verify that it is doing only what you tell it to and your electronic tools are not secretly acting for someone else. Free Software is all about ensuring an individual's personal digital sovereignty, free from unwanted or secret invasion from anyone -- other people, corporations, or governments.
The entire point of sharing source code is so that individual people and organizations can ultimately have control over their own equipment, information, and digital lives. In many ways it is about privacy: The security to know that your data is accessible to you, and your computer is used by you, and only you, unless you decide otherwise.
Recent revelations, however, have shown that people's digital sovereignty is under even more attack than before. Both the American and British governments have been found violating the digital privacy of millions of people in their own countries and around the world. That is exactly the sort of attack on individual digital sovereignty that Free Software was created to combat.
As a leading Free Software project, the Drupal Community opposes such privacy invasions. We believe it is our ethical duty to stand with The Day We Fight Back and others who oppose such violations of individual digital sovereignty. We encourage all people, all over the world, to take a stand for digital freedom. If you are in the United States you can use the banner at the bottom of this page to locate and contact your Congressional representatives and tell them to oppose further infringement of individual privacy rights and to force the NSA and similar agencies to obey the law in both letter and spirit.
Drupal 7.26 and Drupal 6.30, maintenance releases which contain fixes for security vulnerabilities, are now available for download. See the Drupal 7.26 and Drupal 6.30 release notes for further information.Download Drupal 7.26
Download Drupal 6.30
Upgrading your existing Drupal 7 and 6 sites is strongly recommended. There are no new features or non-security-related bug fixes in these releases. For more information about the Drupal 7.x release series, consult the Drupal 7.0 release announcement. More information on the Drupal 6.x release series can be found in the Drupal 6.0 release announcement.Security information
We have a security announcement mailing list and a history of all security advisories, as well as an RSS feed with the most recent security advisories. We strongly advise Drupal administrators to sign up for the list.
Drupal 7 and 6 include the built-in Update Status module (renamed to Update Manager in Drupal 7), which informs you about important updates to your modules and themes.Bug reports
Drupal 7.26 and 6.30 were released in response to the discovery of security vulnerabilities. Details can be found in the official security advisory:
To fix the security problem, please upgrade to either Drupal 7.26 or Drupal 6.30.Known issues
(Drupal 7 only) On sites with a very large number of unpublished nodes in the database, the Taxonomy module update function introduced in this release may take a very long time to run and consume an excessive amount of memory. A fix is available in this issue and will be included in the next bug fix release of Drupal core. Sites which need the fix sooner can apply the patch from that issue to their Drupal 7.26 sites.Front page news: Planet DrupalDrupal version: Drupal 6.xDrupal 7.x
4877. That is where the tradition within the Drupal community of making predictions for the year ahead with regards to our software, our community and broader, the web, started. Node 4877, written at the end of the year 2003. We have come a long way since then.
This year we would like to know what you think the year ahead will bring for Drupal and, as a bonus, we would like to know what was the best prediction you found in the past. Where did we shine when it comes to vision or humor.
And now predict for 2014 and reflect the last decade in this thread.
Drupal.org will be going down for up to 1 hour Monday, Jan 13, 17:00 PDT (Jan 14, 1:00 UTC). This maintenance window will be used for routine Drupal updates, which need to alter large tables. Single sign on for sub-sites (api.drupal.org, groups.drupal.org, etc) will be down; they will otherwise remain available. Please follow the @drupal_infra Twitter account for updates during the downtime. Thanks for your patience!
Drupal.org will be going down for up to 2 hours Wednesday, Jan 8, 17:00 PDT (Jan 9, 1:00 UTC). This maintenance window will be used to improve the speed of issue queues. Single sign on for sub-sites (api.drupal.org, groups.drupal.org, etc) will be down; they will otherwise remain available. Please follow the @drupal_infra twitter account for updates during the downtime and thanks for your patience!
Update: Drupal 7.26 is now available.
Drupal 7.25, a maintenance release with numerous bug fixes (no security fixes) is now available for download. See the Drupal 7.25 release notes for a full listing.Download Drupal 7.25
Upgrading your existing Drupal 7 sites is recommended. There are no major new features in this release. For more information about the Drupal 7.x release series, consult the Drupal 7.0 release announcement.Security information
We have a security announcement mailing list and a history of all security advisories, as well as an RSS feed with the most recent security advisories. We strongly advise Drupal administrators to sign up for the list.
Drupal 7 includes the built-in Update Manager module, which informs you about important updates to your modules and themes.
There are no security fixes in this release of Drupal core.Bug reports
Drupal 7.25 contains bug fixes and small API/feature improvements only. The full list of changes between the 7.24 and 7.25 releases can be found by reading the 7.25 release notes. A complete list of all bug fixes in the stable 7.x branch can be found in the git commit log.Update notes
See the 7.25 release notes for details on important changes in this release.Known issues Planet DrupalDrupal version: Drupal 7.x
The Drupal Association, with the help of a Search Committee comprised of Board and Advisory Board members, is beginning a search for a Chief Technical Officer (CTO) for Drupal.org (not the Drupal software project). The CTO will fill a critical role for the both the Association and the community, working at the strategic level with the Drupal.org Working Groups to build a roadmap for Drupal.org, create and manage processes critical to the success of the site (including security and disaster recovery), and ensure that Drupal.org roadmaps are met. A CTO role ensures that Drupal.org has the technical and strategic oversight needed to drive improvements and innovations. Specifically we want to ensure that we have the best platform for developers, community involvement, and critical revenue-generating opportunities.
The CTO is the first of several hires we will make over the course of the next few months to significantly increase our ability to improve the experience of Drupal.org for our many constituents. These hires will include more development and devops bandwidth, among other things. In short, this is a really exciting time to work on Drupal.org!
We're asking for your help to find the right person for this role. We're looking for someone with strong product management skills, a community player who can work with our broad base of remarkable volunteers, and the experience to guide and manage our development, infrastructure and operations teams. Please review and share the Drupal Association CTO Job Description.
We've also included a little more context below if you want to learn more. And, if you have any questions, please feel free to contact Holly Ross.Why a CTO? Isn’t that a bit much for our needs?
Our focus at the Association in 2013 has been re-aligning Association resources to bring more support and funding to our community’s most important asset: Drupal.org. During the last 9 months, we've begun diversifying our revenue streams so that we can scale our income and provide more funding for Drupal.org projects. We launched Working Groups to manage the strategic direction and policy setting we need to make good decisions for the site. Most recently, we hired a Technology Manager for the Association so that our limited technical staff can focus more fully on Drupal.org.
In 2014, we are planning for an even more dramatic shift, bringing on engineering and infrastructure staff to pay off years of technical debt and begin to move the site forward with new developer tools, better site performance, and strong security practices. We’re incredibly excited to help the community move Drupal.org forward and really meet community needs. We see the CTO role as essential to making this happen. It sets us up to proactively address Drupal.org needs at a strategic level - forecasting necessary changes before they become critical problems.Isn’t this the role of the Working Groups?
Yes - the Working Group charters put them in charge of direction-setting and strategy for the sites. We anticipate that the CTO will work closely with the Working Groups to coordinate their work and ensure that those decisions are translated into a cohesive roadmap. Additionally, the Working Groups are not designed to implement the roadmap. The CTO will oversee the team that does that - either in-house, using 3rd party tools, through contractors, with volunteers, or a combination of these options.Are you going to hire from within the community?
We are certainly going to look within the community. We will also look outside the Drupal community. The committee seeks a candidate who brings a breadth of experience and knowledge regarding open source community sites.Is this a technical role or a business role?
We expect that the right candidate will have equal parts technical chops and business savvy. We are not expecting the CTO to write production code, but the CTO will have to know how to do that so that they can manage it well. Additionally, the CTO will need to understand business problems and how technology can be strategically deployed to meet those needs.Where will the position be based?
Ideally, in Portland, OR, at the Drupal Association headquarters. We know however, that this is likely unrealistic as a hard and fast constraint, and will encourage applicants from around the globe.
Drupal 6.0 was released almost 6 years ago in February 2008. The Drupal community is committed to release Drupal 6 bugfixes until Drupal 8.0 is released and with recent changes provide security fixes much longer.
The hosting and development landscape was very different in 2008 though. PHP has gone a long way since we released Drupal 6. While Drupal 6 is still supported on PHP 4.x, the PHP developer community itself end-of-lifed PHP 4 just half a year after Drupal 6.0 came out. According to public statistics and data available to us about Drupal 6 sites, we estimate that there is a very small number of Drupal sites which may still run on PHP 4. We also don't believe it is in our best interest to support Drupal 6 on a possibly insecure but definitely unsupported base system, so we discussed and decided to drop support for PHP 4 on March 1st 2014.
If you are running a Drupal 6 site on PHP 4.x, we suggest you look at your hosting situation as it is likely there are other outdated (and possibly insecure) components involved in your environment as well. For the secure operations of your site, we suggest you look at other hosting options. We suggest to look for hosting with at least PHP 5.2.4 (same as Drupal 7's oldest supported PHP version).
While we don't plan to deliberately introduce PHP 5 constructs in Drupal 6, this change also lets contributed module developers to use PHP 5 more easily in their code.Front page news: Drupal NewsDrupal version: Drupal 6.x
Back in November of 2011, I appointed Greg Knaddison to lead the Drupal Security Team, for a term of two years. In that time, Greg has done a tremendous job helping the Security Team scale. November 2013 ends the term that Greg and I agreed to, Greg is now stepping down as team lead.
I'm pleased to share that Michael Hess (mlhess on Drupal.org) has accepted my invitation to become the new Security Team lead. For those who don't know Michael, he is an adjunct lecturer and a Solution Architect Lead at the University of Michigan. He teaches courses on content management platforms, particularly focusing on Drupal, oversees the functionality of several campus websites, and serves in a consulting and development role for other departments within the University of Michigan. He has been a member of the Drupal Security Team for 3 years and a member of the infrastructure team for 2 year.
As the Drupal Security Team lead, Michael will be the point person for the team. He'll be responsible for coordinating the Security Team's activities and for making decisions when consensus doesn't arise. Michael wants to move the team into more of an advisory and preemptive role, rather than a response function. In addition, he wants to continue to scale the security team (e.g. by working on building better and more automated tools, providing better metrics, etc).
Please join me in thanking Greg for all the great work he has done over the past two years, and in welcoming Michael as the new team lead!Front page news: Drupal News