How to install Drupal on Windows Subsystem for Linux (WSL/Ubuntu)

Submitted by dryer on Sun, 08/07/2016 - 10:11

Windows 10 can now run a native Linux shell using a novel technology. Previously running PHP applications like Drupal was cumbersome under the world's most popular desktop operating system, but with the Windows Subsystem for Linux developers can enjoy a near-native Ubuntu shell within Windows.

Drupal 8: Critical vulnerability in Guzzle library / httpoxy (PSA-2016-002)

Submitted by dryer on Mon, 07/18/2016 - 06:32

On Monday 18th July 2016 Drupal 8 will receive a critical patch to the system. Instead of Drupal itself, this issue is a part of a third party library that Drupal uses Normally the Drupal security team releases patches on Wednesdays, but in this case it has been moved to Monday. There will be no releases on the upcoming Wednesday, July 20th.

The issue at hand is the Guzzle library, which in turn stems from a much larger issue, now known as httpoxy which is a low level issue in how FastCGI and PHP-CGI work together:

Highly critical vulnerabilities allowing remote code execution in Drupal

Submitted by dryer on Wed, 07/13/2016 - 06:17

Drupal is a popular open source content management system (CMS) that is used by hundreds of thousands of websites. Drupal relies heavily on third party modules to extend functionality. On July 13th 2016 a number of critical patches will be released to modules that are often used with Drupal to expand functionality in the following modules:

Drupal and WordPress tech stacks diverge to PHP and JavaScript

Submitted by dryer on Fri, 07/08/2016 - 21:00

WordPress and Drupal are both very popular Content Management Systems (CMS) that power large parts of the internet. The two projects share quite a few things. They were started early in the 2000's and have grown to be large players in a market that used to be owned by Proprietary Software.

Introduction to GraphQL for Drupal Developers

Submitted by dryer on Sat, 06/18/2016 - 11:10

GraphQL is a high level communication protocol that can be used as an alternative to REST APIs. Ever since the keynote DrupalCon 2015 in Barcelona the interest in GraphQL has increased in the Drupal community. GraphQL is a great match for Drupal as the use of Drupal as a headless CMS continues to rise.

JSON Web Tokens (JWT) for Drupal Core

Submitted by dryer on Mon, 06/13/2016 - 18:58

JWT (JSON Web Token) is a contemporary authentication method that is gaining popularity. Instead of sending back and forth cookies with each request, the JWT token is stored by the client and then sent to the server on each request.

Once the server receives the request with a token in the headers, then it is validated and the server then acts depending on if the user is considered valid or not. This is very commonly needed when working with a decoupled setup using GraphQL or RESTful APIs with rich front ends built with technologies such as Angular or React.js.

Angular 2 and Drupal communities collaborating on Weather Channel projects

Submitted by dryer on Thu, 05/26/2016 - 17:23

At the Angularconf 2016 Matt Davis from Mediacurrent discussed the collaboration between the Angular 2 and Drupal communities. Currently Drupal is missing a comprehensive front end framework and is looking at coupling together with Angular to provide a more contemporary administration editing interface.

Did Drupal and Drupalgeddon lead to Panama Papers leaks at Mossack Fonseca?

Submitted by dryer on Tue, 04/05/2016 - 17:28

Recently a giant information leak revealed a number of individuals practising tax evasion using the Panamanian company Mossack Fonseca. In wake of the stories revealing the culprits behind the evasion itself Forbes has done investigative journalism to find the reasons that lead to the leak itself.

The surprising suspect is Free Software. The championed tools that are related with freedom of speech and freedom from evil corporations are indeed used largely everywhere - for good and evil.

Drupal team working on Angular 2 Universal support for Twig / PHP

Submitted by dryer on Tue, 03/29/2016 - 17:36

Decoupling Drupal and working with a front end framework has been a hot topic in the Drupal Community for a while now. Dries Buytaert has discussed the prospects of different options, and has even credited the Angular 2 team for changing their licensing to be compatible with Drupal.