Personal blog of Yzmir Ramirez

Typically, we receive customer tickets regarding crashes or bugs, where we request a core dump to analyze and identify the root cause or understand the unexpected behavior. To read the core dumps, we also request the linked libraries used by the server’s MySQL. However, there’s a more efficient way to achieve our goal: by using […]

Today we are talking about Drupal Contribution, how you can approach it within your company, and why a Contrib First approach is important with guest Steve Wirt. We’ll also cover Config Importer & Tools as our module of the week.

For show notes visit: https://www.talkingDrupal.com/490

Topics

• What is contrib first
• How does this help the Drupal community
• Why is it a good idea for companies
• How do you explain this to non dev folks like CEOs or Presidents
• What do you say if a client does not buy in
• How do you monitor and build confidence in other developers
• How can someone get started
• Any tools or tips for someone trying to bootstrap this

Resources

• MOTW
  • https://www.drupal.org/project/confi
  • https://www.drupal.org/project/upgrade_tool
• Civic Actions Practice Tools – Contrib First
• Civic Actions Engineering Practice Area – Drupal Contrib First Module Development
• Codit menu tools
• Alt text validation – currently being built as Contrib First
• Bill requiring US agencies to share custom source code with each other becomes law
• Link shortners
  • http://dgo.re/ or https://dgo.to/ link shorteners for d.o
• Drupal Contrib Development
• Contribution to a module

Guests

Steve Wirt – civicactions.com swirt

Hosts

Nic Laflin – nLighteneddevelopment.com nicxvan John Picozzi – epam.com johnpicozzi Avi Schwab – froboy.org froboy

MOTW Correspondent

Avi Schwab – froboy.org froboy

• Brief description:
  • Have you ever wanted to streamline the management of config changes during your Drupal project deployment – importing individual configuration changes from contrib or custom modules and synchronizing settings across different environments? There’s a module for that.
• Module name/project name:
  • Config Importer and Tools
• Brief history
  • How old: created in April 2016 by Andrii Podanenko(podarok)
  • Versions available: 3.2.0 version which works with Drupal 9 and 10, D11 fixes are in the queue.
• Maintainership
  • Actively maintained – although it’s a developer module that’s been mostly stable, so there have not been many recent changes.
  • Security coverage
  • Test coverage – unit tests
  • Documentation – video documenting the process on the module page and instructions in the project overview
  • Number of open issues: 8 open issues, 3 of which are bugs against the current branch
• Usage stats:
  • 300 sites
• Maintainer(s):
  • 7 maintainers across a few different agencies in Ukraine
• Module features and usage
  • This module has no UI, and all of its work is done using it’s config_import services, either importer or param_updater
  • The importer service imports full config files
  • The param_updater service pulls in single parameters from a config file.
  • Both can be used in .install files of contrib modules or on your own site to pull in configuration during database updates, which can be helpful for adding a new feature, modifying existing features, or pushing changes to many sites.
  • There is also a “spiritual successor” to the Confi module called “Upgrade Tool” which has similar functionality with some extra functionality too. https://www.drupal.org/project/upgrade_tool

I have been working on MyDumper for over three years now, and I usually don’t use the tax-consistency-only feature during backups because it wasn’t an option I quite understood. So, when reviewing another issue, I stepped into a curious scenario, and I finally got it and decided to share with you what I learned and when it should […]

At first glance, MongoDB Atlas seems like the perfect solution—an easy-to-use, fully managed cloud database that takes the hassle out of deployment and scaling. But as businesses grow, many discover that Atlas’s convenience comes at a cost—literally. Unpredictable pricing, vendor lock-in, and limited deployment flexibility can turn what once felt like a simple choice into […]

Today we are talking about The IXP Fellowship Initiative, Workplace Developer Training, and making Drupal better for the little guy with guests Carlos Ospina & Mike Anello. We’ll also cover Cloudflare Turnstile as our module of the week.

For show notes visit: https://www.talkingDrupal.com/489

Topics

• What is the IXP initiative
• Why does the community think this is important
• What is the current status
• What changed in the last 10 years
• How do we encourage businesses to do this
• How can people get involved

Resources

• Turnstile
  • Intro blog post from Cloudflare
  • Irvine reCAPTCHA Study
  • Deep dive on Google Scholar
  • Alternatives
    • https://www.drupal.org/project/hcaptcha – privacy-focused alternative, still image-based
    • https://www.drupal.org/project/altcha – open, self-hosted option. Seems more basic.
  • Posts referencing Irvine study
    • https://boingboing.net/2025/02/07/recaptcha-819-million-hours-of-wasted-human-time-and-billions-of-dollars-google-profit.html
    • https://www.theregister.com/2024/07/24/googles_recaptchav2_labor/
    • https://www.pcgamer.com/gaming-industry/a-2023-study-concluded-captchas-are-a-tracking-cookie-farm-for-profit-masquerading-as-a-security-service-that-made-us-spend-819-billion-hours-clicking-on-traffic-lights-to-generate-nearly-usd1-trillion-for-google/
• Widgets
• IXP Fellowship
• Drupal Couple
• Talking Drupal 488 – Drupal Open University
• Get Involved in IXP
  • #ixp-fellowship on the Drupal Slack Workspace

Guests

Carlos Ospina – adrupalcouple.us camoa Mike Anello – drupaleasy.com ultimike

Hosts

Nic Laflin – nLighteneddevelopment.com nicxvan John Picozzi – epam.com johnpicozzi Avi Schwab – froboy.org froboy

MOTW Correspondent

Martin Anderson-Clutz – mandclu.com mandclu

• Brief description:
  • Have you ever wanted to use Cloudflare’s Turnstile web service to secure Drupal web forms, as an alternative to more intrusive CAPTCHA widgets that force users to select squares that contain traffic lights, cars, or bicycles? There’s a module for that.
• Module name/project name:
  • Cloudflare Turnstile
• Brief history
  • How old: created in Sep 2022 by Adam Weiss (greatmatter)
  • Versions available: 1.1.13 which works with Drupal 9.4, 10, and 11
• Maintainership
  • Actively maintained
  • Security coverage
  • Number of open issues: 6 open issues, 3 of which are bugs, with 2 of them postponed
• Usage stats:
  • 3,981 sites
• Module features and usage
  • Anyone who maintains a Drupal site is well acquainted with the need to mitigate form spam submissions. Best practices around which tool to use are an ever-changing conversation.
  • Recently Google announced that reCAPTCHA implementations will need to be associated with a Google Cloud account, and will need to enable payment for anything that exceeds the free allowance of 10,000 assessments per month
  • reCAPTCHA v2 widgets are notorious for the challenges they can present to actual users, particularly image challenges. In addition, a 2023 UC Irvine study concluded that “the true purpose of reCAPTCHAv2 is as a tracking cookie farm for profit masquerading as a security service”, so it’s definitely worth considering other solutions
  • Cloudflare developed turnstile as a CAPTCHA alternative, designed to provide security while minimizing the friction for actual users. More importantly, Turnstile never harvests data for ad retargeting.
  • A free Turnstile account can create up to 10 widgets, with unlimited usage.
  • The turnstile module plugs into the existing Drupal CAPTCHA ecosystem, so it can be an easy swap out for anywhere you’re currently using CAPTCHA widgets.

As we know, Orchestrator is a MySQL high availability and replication management tool that aids in managing farms of MySQL servers. In this blog post, we discuss how to make the Orchestrator (which manages MySQL) itself fault-tolerant and highly available. When considering HA for the Orchestrator one of the popular choices will be using the Raft consensus. […]

Data consistency and availability across distributed systems is crucial, particularly in environments that rely heavily on replication. In Valkey, one critical aspect of this replication process is the replication backlog size. This configuration parameter is vital in managing how much data can be temporarily stored to accommodate replicas that may fall behind the master node. […]

A critical security vulnerability has been identified in the following software that Percona has made available: PMM Open Virtual Appliance (OVA) installations, version 2.38 and above. This vulnerability does not extend to Docker or Amazon Machine Images (AMIs). The Common Vulnerabilities and Exposures (CVE) identifier for this issue has been requested from mitre.org. Immediate actions […]

Today we are talking about The open university initiative, Drupal in academia, and Fostering Drupal Education with guest Jean-Paul Vosmeer. We’ll also cover Artisan as our module of the week.

For show notes visit: https://www.talkingDrupal.com/488

Topics

• What is the Drupal Open University Initiative
• How did this initiative start
• Why is it important to get Drupal into Universities and Classrooms
• What stage is the initiative at
• Is Drupal currently in any universities
• Is it better to approach schools or professors directly
• How is the curriculum being developed
• What are the main differences between this initiative and resources like Drupalize.me, Drupal at your fingertips, or Drupal TB
• What is next on the roadmap
• Where does Drupal CMS fit in
• Where does the initiative need help
• How can someone get involved

Resources

• Drupal Open University Initiative
• Metadrop blog about Artisan
• Drupal viking
• Do it with Drupal
• Drupal at your fingertips
• Drupal Open University
• OSPO
  • https://todogroup.org/
  • https://en.wikipedia.org/wiki/Open_Source_Program_Office
• Content Model & Site Documentation

Guests

Jean-Paul Vosmeer – reactonline.nl jpvos

Hosts

Nic Laflin – nLighteneddevelopment.com nicxvan John Picozzi – epam.com johnpicozzi Avi Schwab – froboy.org froboy

MOTW Correspondent

Martin Anderson-Clutz – mandclu.com mandclu

• Brief description:
  • Have you ever wanted to use the Drupal UI to configure numerous aspects of your Drupal site’s look and feel? There’s a theme for that.
• Module name/project name:
  • Artisan
• Brief history
  • How old: created in Sep 2024 by alejandro cabarcos though recent releases are by crzdev, both of metadrop
  • Versions available: 1.3.8, which support Drupal 10 and 11
• Maintainership
  • Actively maintained, release in the last week
  • Security coverage
  • Documentation: no, but a lengthy README that includes developer notes
  • Number of open issues: 7 open issues, 5 of which are bugs, but 3 are postponed
• Usage stats:
  • 170 sites
• Module features and usage
  • After installing the theme, there is a drush command to generate a subtheme, or you can manually duplicate an included starterkit. You also need to run a couple of npm commands to pull in all the front end libraries, and build the CSS files
  • Once you set the subtheme as your site default, you can customize a variety of ways the site looks, including the fonts and weights to use for heading and default text, the colour and padding of various elements, border weights, border radius, and more.
  • The customizations are grouped into tabs. The base tab includes a colour palette, base font, and link styling. Additional tabs include page layout, header, responsive, and footer, also breadcrumb, headings, display headings, buttons, forms, and components
  • Artisan also provides a toggle to expose extra customization options for dark mode, so if you want your site to give users the option to switch back and forth between normal and dark, this is extremely powerful, but does make for some very long configuration pages
  • You can create and save presets, for easy creation of reusable palettes
  • There is also a companion Artisan Styleguide module that provides a page that previews the theme style applied to an extensive list of elements
  • Last year I was considering making a more configurable subtheme of Olivero for the Event Platform initiative, so I was excited to read about Artisan in a metadrop blog post we’ll include in the show notes

The upcoming Percona Operator for PostgreSQL v2.6.0 release introduces support for PostgreSQL 17, which opens exciting possibilities for data security. Since pg_tde comes pre-installed in Percona’s official PostgreSQL 17 images, this release presents an excellent opportunity to implement Transparent Data Encryption in your Kubernetes-deployed databases. Let’s look at how to configure and use pg_tde with […]