webjoke.de

Klaro is the simplest Cookie Consent Management solution for Drupal

Here's a super quick outline of how to set up Klaro cookie management system for your Drupal website.

markconroy 2nd Dec 2025

Advent Calendar day 2 - Autowiring all the things james Tue, 12/02/2025 - 10:00

Today we are getting a bit technical and diving into Autowiring with Luca Lusso.

What is autowiring? Well, since version 8, Drupal has used Services to provide many small pieces of functionality. Basically, a service is a black box you can use to do something on your site. For example, the Messenger service displays status messages on a page.

In Drupal 8 and 9, when you used a service in your code, you needed to tell Drupal what service you wanted. This was a bit messy, because you needed to find out the class that the service creates, and you also needed the service name. It also required you…

Tags

• Advent Calendar 2025
• Autowiring
• Services

The recent Talking Drupal episode featuring Mike Gifford and Tiffany Farriss present how Drupal is playing a role in the global conversation on digital public infrastructure. Their discussion highlights what the Drupal community already knows, governments are beginning to treat open source as a strategic requirement.

Tiffany Farriss representing Drupal at United Nations’ Open Source Week.

The United Nations’ Open Source Week brought together policymakers, Open Source Program Office (OSPO) leaders and practitioners from across sectors, and Drupal had a seat at the table. The UN uses Drupal, as do most of their members. It reflects the project’s maturity, governance structure and long record of delivering large-scale public services.

The episode goes beyond event commentary. Mike and Tiffany confront a core tension in today’s public-sector technology landscape. Digital public infrastructure is becoming a contested space, shaped by national policy, commercial influence and competing definitions of “openness”. Drupal’s model—global, diverse, community-governed, and not tied to a single vendor—puts it in a different category than many projects marketed as “open”. Their conversation makes the case that Drupal’s longevity and governance give it credibility that is hard to replicate. If you work in public-sector digital services or care about the future of open source in government, this is worth your time.

Most importantly, the talk challenges Drupal professionals to think bigger. If open source is becoming the backbone of digital government, then Drupal contributors have a role to play in shaping that future. That requires awareness, coordination and a willingness to step into policy-adjacent discussions. Mike and Tiffany lay out why these global conversations matter and how Drupal can show up with confidence.

Tim Lehnen and Mike Gifford at United Nations’ Open Source Week

If you want to understand where Drupal fits in the next decade of public-sector digital transformation, watch or listen to the episode and explore the details at https://talkingdrupal.com/528

Permanent deletions frustrating you? Add a safety net, restore content, and control permanent purges. Read this blog to learn how to handle soft deletions with the Drupal Trash module.

Advent Calendar day 1 - Neurodiversity: An Underrated Superpower in Business james Mon, 12/01/2025 - 23:59

I really enjoy keynotes at DrupalCon, particularly those given by guests from outside the Drupal community. This year’s European DrupalCon in Vienna was no exception, and I think Vera Herzmann’s talk on Neurodiversity resonated with everyone present.

I loved how she highlighted neurodiverse people are not disabled or a problem to be solved, but people with superpowers valuable to business, and an asset to be cherished.

She also really engaged with the audience, giving us items to discuss with the people nearby, and I think the audience came back with some excellent points.

The video of her…

Tags

• Advent Calendar 2025
• Neurodiversity
• Keynote

Advent Calendar 2025 - the new plan james Mon, 12/01/2025 - 19:02 Image Body

So first, an apology. I have failed in my original plan. A nasty cold/flu thing sapped my energy, and I wasn’t organised enough to make it work.

The plan was to have initiative leads nominate people who have made an important contribution to their projects, and to feature those “People of Drupal” behind the doors.

Think you to all the people who made great suggestions, and thank you to the people they suggested who responded positively, but we’ve run out of time to make it work.

I still think “The People of Drupal” has great potential, and hopefully we can make it work if we start much earlier…

Contrast Issues -- can you read the text? Dec 01, 2025 0

One of the most common issues we run into making websites accessible is contrast -- making sure the difference between the color and brightness of the text against the background is enough that it's clearly readable.

Blue text on a dark background can be very difficult to read -- but it's not just brightness. Red-green color-blindness affects around 8% of males around the world. Take a screen out into bright sunlight and try to read text that's similar brightness to its background, and you can start to understand that contrast issues affect everyone.

Read More

Drupal has been counted out for years, yet it continues to power some of the most active and trusted websites on the internet. Trends come and go, but the data keeps pointing to the same truth: Drupal remains central to major digital experiences people rely on every day. That is why we built the Discover page at The DropTimes, a space that shows this reality plainly and in real time.

The Discover page gathers top Drupal sites using Tranco rankings based on actual traffic, not assumptions. It cuts through noise and shows who is using Drupal at scale and why it matters. Along with the rankings, we are steadily adding case studies that explain how organisations put Drupal to work in the real world. These insights highlight the decisions, goals and impact behind serious digital projects across industries.

With more than 3,000 sites already listed and many more on the way, our goal is simple: make Drupal’s ongoing relevance visible, understandable and impossible to ignore. As the page grows, so does the picture of a platform that is stable, adaptable and backed by a global community. This is an open invitation to explore, learn and contribute to a clearer understanding of what Drupal continues to achieve.

INTERVIEW

• Oaisys 25 Is Almost Here; Vidit Anjaria Has the Inside Story
• How Witze Van der Straeten Uses AI to Build a Figma-to-Drupal Workflow

DISCOVER DRUPAL

• Discover Leading Drupal Websites and Real-World Use Cases on 'TDT Discover'
• UI Suite Launches Display Builder Beta 1, Advances Core Integration and AI Component‑Generation
• Drupal AI Pushes Forward: MCP 1.2, LMStudio Integration, and 2.0 Development Underway
• Call for Drupal Core Subsystem and Topic Maintainers Following 2025 Check-In
• Drupal AI Initiative Launches Industry Guides to Bridge AI Strategy and Real-World Impact
• Drupal MCP 1.2 Released with Security Coverage, Tools API Integration, and OAuth Support

TUTORIAL

• Testing Isn’t Broken – But Your Method Might Be

ORGANIZATION NEWS

• DevBranch’s Remote Driesnote Watch Parties Reflect Wartime Resilience and Drupal Loyalty
• The Human Edge in Presales: Beating AI-Drafted Drupal Proposals
• Dropsolid AI Raises €1.4M to Build Europe’s First Open, Sovereign AI Digital Experience Platform

PHP

• PHP 8.5 Released with Major New Features for Developers

EVENTS

• DrupalCon Chicago 2026 T-Shirt Design Contest Opens—Submit Your Creative Vision!
• Call for Speakers Opens for Drupal Developer Days Athens 2026 

 

We acknowledge that there are more stories to share. However, due to selection constraints, we must pause further exploration for now. To get timely updates, follow us on LinkedIn, Twitter, Bluesky, and Facebook. You can also join us on Drupal Slack at #thedroptimes.

Thank you. 

Sincerely, 
Alka Elizabeth, 
Sub-editor, 
The DropTimes.

DrupalCon Asia 2025 in Nara, Japan, was more than just a tech conference. With thousands of attendees converging in a city steeped in history, the event reflected a deep sense of purpose and place. Mayor Gen Nakagawa’s remarks underscored Nara’s commitment to fostering global collaboration and open-source innovation.

My LocalGov Drupal contributions for November 2025

This month I focussed on fewer, but larger, issues. Let's see ...

markconroy 1st Dec 2025

If you run an education business today—whether it’s an online academy, coaching platform, corporate training portal or skill-development institute—choosing the right Learning Management System (LMS) is one of the most important decisions you will make. Your LMS becomes the backbone of your teaching, course delivery, student engagement and business growth. Among the many LMS plat

Since Russia's full-scale invasion of Ukraine in 2022, Russian forces have been systematically targeting our civilian power infrastructure. These attacks cause blackouts that can last hours or days, making it difficult to work, live normally, or even survive the winter. In November 2025, these attacks got much worse.

I'm a DDEV maintainer living in Kremenchuk, Ukraine. I'm Stanislav Zhuk, but you can call me Stas. I became a DDEV maintainer in October 2023, and you can read more about my background in the introduction post. I work a typical five-day week, usually from afternoon to evening, which lets me overlap with Randy's timezone.

This is my story of how your support helped me keep working through Russian attacks on our infrastructure, and why it matters so much.

Where Is Kremenchuk?

Kremenchuk is an industrial city in central Ukraine on the banks of the Dnieper River.

The Current Situation

In November 2025, Russians heavily attacked Kremenchuk's infrastructure. We had no electricity, water, or central heating for almost a whole day. Now we have blackouts every day - typically 1.5-2 hours with electricity, then 3-5 hours without it, and the cycle repeats. There's no sign of when this will get better.

This is the reality we live in: you can never know when and where the next strike will happen. I read the news every day, and every day civilians die. I try to focus on other things to stay sane, but the threat is constant.

Working during these conditions needs careful planning. For work, I need to keep my laptop running and have internet with acceptable speed. For home, I need to power the refrigerator during long blackouts so food doesn't spoil. Some things I cannot control: water supply and central heating. I have an electric radiator, but it uses too much power to run from battery stations during long outages.

Surviving Through Russian Attacks on Infrastructure 2022: The Beginning

When Russian attacks on our power infrastructure started in fall 2022, I wasn't ready for long blackouts. I had a couple of small powerbanks for mobile phones and bought several portable lanterns so I wouldn't sit in the dark. I still use them.

The market was crazy at that time - prices went very high and it was hard to find equipment. I didn't buy anything big then, just waited for things to calm down.

2023-2024: Building Capacity

After the first wave of attacks on Ukrainian infrastructure ended and prices went back to normal, I bought two more powerful powerbanks to run my laptop. They got me through 2023 and the first half of 2024. Now I use them to charge mobile phones.

The second problem was internet during blackouts. I switched to a fiber optic provider and bought two UPS units: SKE UPS Mini POE 60W for the router and Marsriva Smart Mini UPS KP5 for the ONA (Optical Network Adapter). Together they give me stable internet for about 8-9 hours when there's no power.

2024: First Community Support

In 2024, Russian attacks on infrastructure came back. Thanks to all of you, an EcoFlow DELTA 2 was sponsored ($1,170), and I bought it at a local shop. This changed everything. Instead of dealing with multiple devices and cables, I just plug one socket into the EcoFlow and have power for the whole room: laptop, external display, lights, and more.

This made things much easier. With one power station, I could work through blackouts without constantly worrying about my battery dying.

November 2025: Facing Harder Russian Attacks

The Russian attacks in November 2025 are much harder than in 2022. They strike more often and cause more damage to our infrastructure.

You helped again. An EcoFlow DELTA 3 ($910) was sponsored. The market changed, and these units got cheaper. Now I don't worry about whether DELTA 2 can charge fully in the short windows when we have electricity. I can power the refrigerator during very long blackouts and work on DDEV at the same time.

Having two power stations makes me feel much more confident during these hard war times. I can:

• Keep one station charging while using the other
• Run both laptop and refrigerator at the same time during long outages
• Work without worrying about power levels all the time
• Focus on DDEV work instead of managing power

The Impact of Your Support

Your support has been really important. Without these power stations, I couldn't do my work as a DDEV maintainer during blackouts. You didn't just give me equipment - you gave me the ability to keep contributing and keep helping the project and its users, even in these hard times.

Thank you for supporting Ukraine and understanding how important our situation is to Europe and the world. Your support means more than just equipment - it's a reminder that we're not alone.

This support is more than just hardware. It shows what open source communities can be: people helping each other through hard times, so we can keep building together.

Looking Forward

I don't know when things will get better. But I know I have what I need to keep working, thanks to you. Every contribution makes a real difference in keeping DDEV maintained and supported.

If you want to support DDEV, visit DDEV's GitHub Sponsors page.

I'm grateful for everyone who supports DDEV. Your help lets me keep working, keep contributing, and keep helping this community grow, even in the darkest times.

This article was edited and refined with assistance from Claude Code.

We’re big believers in supporting our team’s growth, because when our people develop, our clients benefit too. Whether that’s through industry certifications, new technologies, or further study, we’re always proud to see our team expanding their skills.

Recently, Andrei, one of our Drupal developers, completed a Masters in Information Systems & Cyber Security with the University of Chichester. This was a great personal achievement that also strengthens our collective focus on keeping clients’ websites secure. We gave him the opportunity to reflect on the course and its interplay with work via some questions...

How has studying Cyber Security influenced the way you work?

The course reinforced the importance of thinking about security beyond just code or infrastructure. In my role as a Drupal developer, I now approach projects with a more holistic mindset—considering not only secure coding practices but also risks introduced by third-party modules, integrations, and hosting environments. 

The course has helped me become more security-aware in every stage of development. I now build with security in mind—following best practices, writing clean, maintainable code, and ensuring configurations are safe by default. When evaluating contributed modules or custom integrations, I apply the frameworks learned during the course to assess potential vulnerabilities before deployment. It also strengthened my understanding of compliance-related practices, which is useful when supporting clients with PCI or GDPR requirements.

Did your day-to-day work at ComputerMinds help you get more out of the course?

Working on real-world Drupal projects has given me practical insight into the challenges of securing complex content management systems. Seeing firsthand how sites can be exposed through misconfigured modules, outdated dependencies, or external services made the theoretical concepts from the course much more tangible.

It helped me connect my dissertation research on external cybersecurity risks to day-to-day development tasks—like monitoring module updates, assessing third-party integrations, and managing client environments securely.

What do you think ComputerMinds already does well when it comes to cyber security?

ComputerMinds has a strong culture of secure development and client-focused risk management. The team takes care to follow best practices for Drupal security—regular updates, monitoring software components, and structured development workflows. I’ve also seen that security is embedded in our approach to client projects, which ensures sites are robust from day one.

During my course, the landscape shifted with growing threats from supply chain attacks, automated exploits, and cloud service vulnerabilities. ComputerMinds have shown how adaptable we are in responding to these evolving challenges. We ensure the development team are educated about new advisories, and maintain proactive development workflows that reduce exposure.

And what opportunities do you see for us to keep improving?

I’d like to help enhance our approach to external risks by implementing more structured monitoring and auditing. There’s also an opportunity to automate security checks within our development workflows, which could help catch potential vulnerabilities earlier and reduce manual overhead.

The Drop Times spoke with Witze Van der Straeten about his AI-driven Figma-to-Drupal workflow and how experimenting with SDCs, Canvas, and MCP shaped his approach to front-end work. He also reflects on how the Drupal community influenced his growth as a developer.

With Oaisys 25 just days away, QED42 Engineering Manager Vidit Anjaria sits down with The DropTimes to talk about the evolution of engineering culture, the lessons that shaped his approach to architecture, and why this weekend’s open-source AI practitioners’ event could mark a turning point for the community.

Today is Thanksgiving in the US. I know it's not a global holiday, but it has me thinking about gratitude, and specifically about a team that rarely gets the recognition it deserves: the Drupal Security Team.

As Drupal's project lead, I'm barely involved in our security work. And you know what? That is a sign that things are working really well.

Our Security Team reviews reports, analyzes vulnerabilities, coordinates patches across supported Drupal versions, and publishes advisories. They work with Drupal module maintainers and reporters to protect millions of websites. They also educate our community proactively, ensuring problems are prevented, not just fixed. It can be a lot of work, and delicate work.

To get an idea of the quality of their work, check out recent advisories at drupal.org/security. I know it's maybe strange to point out security advisories, but their work meets the highest standards of maturity. For example, Drupal is authorized as a CVE Numbering Authority, which means our security processes meet international standards for vulnerability coordination.

Whether you're running a small blog or critical government infrastructure, the Security Team protects you with the same consistency and professionalism.

While I'm on our private security team mailing list, they do all this without needing me to oversee or interfere. In fact, the team handles everything so smoothly that my involvement would only slow them down. In the world of open source leadership, there is no higher compliment I can pay them.

Security work is largely invisible when done well. Nobody celebrates the absence of breaches. The researchers who report issues often get more recognition than the team members who spend hours verifying, patching, and coordinating fixes.

All software has security bugs, and fortunately for Drupal, critical security bugs are rare. What really matters is how you deal with security releases.

To our Security Team: thank you for your excellence. Thank you for protecting Drupal's reputation through consistent, professional, often invisible work, week after week.

Vector databases have become a key component of modern AI applications in Drupal. Thanks to integration with the AI Search module, they enable semantic content search, reduction of hallucinations in AI chatbots, and implementation of advanced RAG (Retrieval Augmented Generation) functions. Choosing the right VDB provider can significantly impact the performance, cost, and scalability of your AI solution in your Drupal project.

LocalGov Drupal Week 2025 recap: Explore key takeaways from the conference that brought together brilliant minds to advance public sector digital transformation and build better citizen services.

AI has sped up proposal writing—but made them all sound the same. In this DrupalCon Vienna session, Monisha Navlani explores how Drupal agencies can rise above the noise with real-world context, trust, and a human voice.

Several years ago, I built a photo stream on my Drupal-powered website. You can see it at https://dri.es/photos. This week, I gave it a small upgrade: infinite scroll.

My first implementation used vanilla JavaScript using the Intersection Observer API, and it worked fine. It took about 30 lines of custom JavaScript and 20 lines of PHP code.

But Drupal now ships with htmx support, and that had been on my mind. So a couple of hours later, I rewrote the feature with htmx to see if it could do the same job more simply.

It's something I love about Drupal: how we keep adding small, well-chosen features like htmx support. Not flashy, but they quietly make everyday work nicer. Years ago, Drupal was one of the first CMSes to adopt jQuery, and our early adoption helped contribute to its widespread use. Today, we're replacing parts of jQuery with htmx, and Drupal may well be among the first CMSes to ship htmx in core.

If, like me, you haven't used htmx before, it lets you add dynamic behavior to pages using HTML attributes instead of writing JavaScript. Want to load content when something is clicked or scrolled into view? You add an attribute like hx-get="/load-more" and htmx handles the request, then swaps the response into your page. It gives you AJAX-style interactions without having to write JavaScript.

To make the photo stream load more images as you scroll, I added an "htmx trigger". When it scrolls into view, htmx fetches more photos and appends them to the right container. The resulting HTML looks like this:

<div hx-get="/photos/load-more?offset=25" hx-trigger="revealed" hx-target="#album" hx-swap="beforeend"> <figure> ... </figure> </div>

The hx-get points to a controller that returns the next batch of photos. The hx-trigger="revealed" attribute means "fire when scrolled into view". The hx-target="#album" tells htmx where to put the new content, and hx-swap="beforeend" appends it at the end of that #album container.

I didn't want users to hit the last photo and have to wait for more to load. To keep the scrolling smooth, I added the trigger a few photos before the end. This pre-fetches the next batch before the user even realizes they are running out of photos. This is what the code in Drupal looks likes:

// Trigger 3 images before the end to prefetch the next batch. $trigger = array_keys($images)[max(0, count($images) - 4)]; foreach ($images as $key => $image) { … if ($key === $trigger) { // Add htmx attributes to the <div> surrounding the image. $build['#attributes']['hx-get'] = '/photos/load-more?offset=' . ($offset + $limit); $build['#attributes']['hx-trigger'] = 'revealed'; $build['#attributes']['hx-target'] = '#album'; $build['#attributes']['hx-swap'] = 'beforeend'; } }

And the controller that returns the HTML:

public function loadMorePhotos(Request $request) { $offset = $request->query->getInt('offset', 0); $limit = 25; $photos = PhotoCollection::loadRecent($offset, $limit); if (!$photos) { return new Response(''); } $build = $this->buildImages($photos, $offset, $limit); $html = \Drupal::service('renderer')->renderRoot($build); return new Response($html); }

Each response includes 25 photos. It continues fetching new photos as you scroll down until there are no more photos, at which point the controller returns an empty response and the scrolling stops.

As you can tell, there is no custom JavaScript in my code. It's all abstracted away by htmx. The htmx version took less than 10 lines of PHP code (shown above) instead of 30+ lines of custom JavaScript. The loadMorePhotos controller I needed either way.

The savings are negligible. Replacing a couple dozen lines of JavaScript won't change the world. And at 16KB gzipped, htmx is much larger than the custom JavaScript I wrote by hand. But it still feels reasonable. My photo stream is image-heavy, and htmx adds less than 0.5% to the initial page weight.

Overall, I'd say that htmx grew on me. There is something satisfying about declarative code. You describe what should happen, and the implementation disappears. I may try it in a few more places to improve the user experience of my site.