webjoke.de

Sure you’ve worked with the Views module in Drupal but have you made the most of it? Get the full breakdown of its features and learn how to create dynamic displays in this article.

Say No to Auto-Updates: Why Your Website Deserves Better Than Subscription Overhaul bhavinhjoshi Tue, 02/25/2025 - 11:07

 

Keeping your website up to date is crucial for security, performance, and functionality. For content management systems (CMS) like Drupal this means regularly updating core software, contributed modules, and themes. To simplify this process, many hosting providers and third-party services offer online automatic subscription services that promise to handle these updates for you.

While the convenience might sound tempting, there are compelling reasons to think twice before opting for this approach. Here’s why manual updates—or at least a more hands-on strategy—are often the smarter choice.

1. Lack of Control Over Timing and Testing

Automatic updates sound great until they happen at the wrong time. When you rely on an online subscription to push updates, you often lose control over when those updates occur. An update might roll out right before a major site event, during peak traffic, or without prior testing. Even minor updates to core or contrib modules can introduce compatibility issues, break custom code, or disrupt functionality. Without a staging environment to test changes first, you’re essentially gambling with your live site’s stability. Manual updates, on the other hand, let you schedule maintenance windows and verify everything works as expected before going live.

2. Compatibility Risks with Custom Code

Most websites aren’t just a collection of off-the-shelf components—they include custom code, configurations, or integrations tailored to specific needs. Automatic update services don’t know your site’s unique setup. A new version of a module or theme might conflict with your customizations, leading to broken features or a completely inaccessible site. For instance, an update to a core CMS component might deprecate a function your custom module relies on, and an automated system won’t pause to warn you. By managing updates yourself, you can review changelogs, test compatibility, and make adjustments proactively.

3. Security Isn’t Guaranteed

The pitch for automatic subscriptions often leans heavily on security: “Stay protected with the latest patches!” While timely updates are indeed critical for patching vulnerabilities, blindly trusting an automated service isn’t a foolproof security strategy. What if the service itself is compromised or fails to verify the integrity of update packages? Worse, some updates might unintentionally expose new vulnerabilities that hackers can exploit before you even notice. Manual updates give you the chance to vet each release, cross-check with community feedback, and ensure you’re not trading one risk for another.

4. No Rollback Options

When an automatic update goes wrong—and it can go wrong—you’re often left scrambling. Many subscription services don’t offer seamless rollback options, meaning you’re stuck troubleshooting a broken site in real time. If you handle updates yourself, you can (and should) back up your site beforehand, test the update in a development environment, and have a clear path to revert changes if something fails. Automation might save time upfront, but it can cost you dearly when recovery becomes a manual nightmare.

5. Hidden Costs and Dependency

Automatic update subscriptions aren’t free—whether it’s a monthly fee or bundled into a hosting package, you’re paying for convenience. Over time, those costs add up, especially if the service doesn’t deliver as promised. More importantly, you become dependent on a third party to maintain a critical part of your site. If the provider changes their terms, raises prices, or shuts down, you’re left in the lurch. Managing updates in-house keeps you in control and avoids tying your site’s fate to someone else’s business decisions.

6. Missed Opportunities for Optimization

Updates aren’t just about security—they often bring performance improvements, new features, or bug fixes that could enhance your site. An automatic system applies these changes without context, but a manual approach lets you dig into what’s new. Maybe a contrib module now offers a setting that could streamline your workflow, or a theme update improves mobile responsiveness. By taking charge, you can align updates with your site’s goals instead of letting them happen passively.

The Better Alternative

Instead of handing over control to an automatic subscription, consider a hybrid approach. Use tools like Composer to streamline updates while retaining oversight. Set up a staging environment to test changes, automate backups, and establish a regular maintenance schedule that fits your needs. If you’re short on time or expertise, hire a developer or agency for periodic reviews rather than outsourcing to a faceless service. The goal is to stay proactive, not reactive.

Automatic online subscriptions for updating core, contrib modules, and themes might promise a hands-off solution, but they come with trade-offs that can jeopardize your site’s stability, security, and flexibility. 

Websites are living systems—each with unique quirks and requirements—and they deserve more than a one-size-fits-all fix. By opting for a manual or semi-manual update process, you’ll keep your site running smoothly, minimize risks, and maintain the freedom to adapt on your terms. Convenience is nice, but control is invaluable.

Drupal Updates Drupal Planet Share this Copied to clipboard Add new comment

Today we are talking about Drupal Contribution, how you can approach it within your company, and why a Contrib First approach is important with guest Steve Wirt. We’ll also cover Config Importer & Tools as our module of the week.

For show notes visit: https://www.talkingDrupal.com/490

Topics

• What is contrib first
• How does this help the Drupal community
• Why is it a good idea for companies
• How do you explain this to non dev folks like CEOs or Presidents
• What do you say if a client does not buy in
• How do you monitor and build confidence in other developers
• How can someone get started
• Any tools or tips for someone trying to bootstrap this

Resources

• MOTW
  • https://www.drupal.org/project/confi
  • https://www.drupal.org/project/upgrade_tool
• Civic Actions Practice Tools - Contrib First
• Civic Actions Engineering Practice Area - Drupal Contrib First Module Development
• Codit menu tools
• Alt text validation - currently being built as Contrib First
• Bill requiring US agencies to share custom source code with each other becomes law
• Link shortners
  • http://dgo.re/ or https://dgo.to/ link shorteners for d.o
• Drupal Contrib Development
• Contribution to a module

Guests

Steve Wirt - civicactions.com swirt

Hosts

Nic Laflin - nLighteneddevelopment.com nicxvan John Picozzi - epam.com johnpicozzi Avi Schwab - froboy.org froboy

MOTW Correspondent

Avi Schwab - froboy.org froboy

• Brief description:
  • Have you ever wanted to streamline the management of config changes during your Drupal project deployment - importing individual configuration changes from contrib or custom modules and synchronizing settings across different environments? There’s a module for that.
• Module name/project name:
  • Config Importer and Tools
• Brief history
  • How old: created in April 2016 by Andrii Podanenko(podarok)
  • Versions available: 3.2.0 version which works with Drupal 9 and 10, D11 fixes are in the queue.
• Maintainership
  • Actively maintained - although it’s a developer module that’s been mostly stable, so there have not been many recent changes.
  • Security coverage
  • Test coverage - unit tests
  • Documentation - video documenting the process on the module page and instructions in the project overview
  • Number of open issues: 8 open issues, 3 of which are bugs against the current branch
• Usage stats:
  • 300 sites
• Maintainer(s):
  • 7 maintainers across a few different agencies in Ukraine
• Module features and usage
  • This module has no UI, and all of its work is done using it’s config_import services, either importer or param_updater
  • The importer service imports full config files
  • The param_updater service pulls in single parameters from a config file.
  • Both can be used in .install files of contrib modules or on your own site to pull in configuration during database updates, which can be helpful for adding a new feature, modifying existing features, or pushing changes to many sites.
  • There is also a “spiritual successor” to the Confi module called “Upgrade Tool” which has similar functionality with some extra functionality too. https://www.drupal.org/project/upgrade_tool

In a candid video interview with Alka Elizabeth, sub-editor at The DropTimes, Karoly "Charlie" Negyesi reflects on his 20-year journey with Drupal—from his early contributions to his evolving role in the community. He shares insights on open-source culture, mentorship, AI scepticism, job market challenges, and the future of Drupal. A deep dive into the life and thoughts of a developer whose identity is inseparable from the code he writes.

DevCollaborative is a certified Drupal Partner, demonstrating our expertise in the space and giving back to the open source community that our business benefits from.

The Austin Drupal Users Group held its February 18 meetup, featuring discussions on layout systems, frontend architecture, CiviCRM, component libraries, and Drupal automation tools. The report, provided by JD Leonard, highlights key takeaways from the session. The next meetup is on March 11.

Droptica Co-CEO Grzegorz Bartman announces a new open-source intranet system built on Drupal and PHP, designed for seamless integration and internal communication. The platform includes secure news sharing, event management, a knowledge base, AI-assisted content creation, and authentication with LDAP, Google, and Microsoft. Droptica is offering early testing opportunities for 10 companies.

Secure and stable Drupal websites are critical for protecting sensitive data and maintaining your organization’s reputation. Yet, navigating potential security pitfalls can be overwhelming without the right knowledge. With these actionable guidelines, you can fortify your Drupal webpage against vulnerabilities and ensure robust protection.

Dear Readers,

Over the past year, Drupal’s Certified Partner Program has made significant strides, adding 26 new companies and bringing the total to 101 Certified Partners. These partners played a crucial role in Drupal’s sustainability, sponsoring 87% of all contributions in 2024—a massive 158,387 issue credits out of 203,738 total contributions. But here’s the challenge: only 7% of the 1,440 active organizations on Drupal.org are Certified Partners, and just 15% of companies are responsible for 96% of all contributions. This imbalance threatens the long-term sustainability of Drupal, and we need to do more.  

As Tim Doyle outlines, Drupal's future depends on expanding its network of Makers—agencies and organizations that give back to the project rather than just benefit from it. The Drupal Association has set a bold new goal: tripling the number of Certified Partners and pushing for greater participation from larger companies that profit from Drupal but haven’t yet committed to contributions. At the same time, plans are in motion to reward high-level contributors and drive more business to those actively supporting Drupal’s future.  

This is a pivotal moment. With Drupal CMS creating new opportunities and the open-source landscape rapidly evolving, agencies must decide: Are we investing in the future of Drupal, or just relying on it? If your company builds with Drupal, now is the time to step up, contribute, and help shape the next chapter of the project.

Discover Drupal

• Drupal Trash Module: The Ultimate Solution for Managing Deleted Content
• Google Gemini Provider (beta): A Plugin for Drupal AI Module
• Drupal Sapiens Launches Scoring System and Rewards for Contributors

Security

• Drupal Releases Critical Security Updates to Address XSS, Access Bypass, and Gadget Chain Vulnerabilities

Event

• The Drop Times Joins DrupalCamp England 2025 as Media Partner
• Meet the Trainers Taking the Stage at Florida DrupalCamp 2025
• Meet the Minds Behind Florida DrupalCamp 2025: Conversations with the Speakers
• Support Inclusion at Drupal Mountain Camp 2025 with a Diversity Ticket
• Florida DrupalCamp 2025: Organizers Speak on Highlights, Preparations, and Community Spirit
• MidCamp 2025: Ticket Sales and Training Registration Now Open!

Organization News

• Palantir Preps EditTogether for Secure, Real-Time Drupal Collaboration
• LocalGov Drupal Introduces Certified Suppliers Program to Strengthen Council Collaboration
• Varbase 10.0.4: Incremental Update Rolls Out as Part of Release Cycle
• Morpht Enhances Convivial for GovCMS with Major Update
• Packagist Founder Urges Industry to Prioritize Open Source Funding

We acknowledge that there are more stories to share. However, due to selection constraints, we must pause further exploration for now.

To get timely updates, follow us on LinkedIn, Twitter and Facebook. You can also join us on Drupal Slack at #thedroptimes.

Thank you, 
Sincerely 
Alka Elizabeth 
Sub-editor, The DropTimes.

WordPress vs. Drupal: An Honest Comparison for Your Next Web Project bhavinhjoshi Mon, 02/24/2025 - 11:11

When it comes to building a website, two content management systems (CMS) often dominate the conversation: WordPress and Drupal. Both are powerful, open-source platforms with passionate communities, but they cater to different needs and skill levels. As someone who’s worked with both, I’ll break down their key differences—honestly—focusing on ease of use, flexibility, security, and cost, so you can decide which fits your next project best.

Ease of Use: WordPress Wins for Beginners

WordPress is the king of simplicity. With over 43% of the web running on it, its user-friendly dashboard, plug-and-play themes, and massive plugin library make it a go-to for bloggers, small businesses, and anyone who wants a site up fast. You don’t need to know code to get started—install a theme, add a few plugins like Yoast for SEO or WooCommerce for e-commerce, and you’re live in hours.

Drupal, on the other hand, has a steeper learning curve. It’s not that it’s impossible to use—it’s just built for developers or those comfortable digging into the backend. Setting up a basic site takes more time, and customizing it often requires familiarity with PHP, Twig, or its module ecosystem. If you’re not technical, Drupal can feel overwhelming, whereas WordPress feels like it’s holding your hand.

Flexibility: Drupal’s Power Shines

Where WordPress excels in accessibility, Drupal takes the crown for flexibility. It’s a CMS for complex, custom projects. Need a site with intricate user permissions, multilingual capabilities out of the box, or integration with enterprise-level systems? Drupal’s modular architecture lets you build exactly what you want, no compromises. Government sites, universities, and large organizations—like the White House or Harvard—rely on it for a reason: it bends to fit your vision.

WordPress is flexible too, but it leans on plugins to extend functionality. This can lead to bloat—too many plugins slow your site down or create compatibility issues. While WordPress can handle complex sites (think CNN or TechCrunch), it often feels like you’re jury-rigging it to match Drupal’s native capabilities. If your project is straightforward, WordPress is fine, for anything bespoke, Drupal’s the better bet.

Security: Drupal Edges Out Slightly

Security is where the debate gets spicy. WordPress’s popularity makes it a bigger target for hackers. It’s not inherently insecure—core WordPress is solid—but its vast plugin and theme ecosystem is a mixed bag. A poorly coded plugin or an outdated installation can leave you vulnerable. You’ll need to stay vigilant with updates and invest in security plugins like Wordfence.

Drupal has a reputation for being more secure out of the box. Its smaller market share (around 2% of websites) means fewer attacks, and its community is obsessive about patching vulnerabilities fast. Plus, Drupal’s built-in security features—like strict access controls and a focus on enterprise-grade standards—give it an edge for sensitive data. That said, no CMS is bulletproof, misconfigure either one, and you’re asking for trouble. Drupal just requires less babysitting.

Cost: WordPress is Cheaper Upfront, Drupal Pays Off Long-Term

WordPress is the budget-friendly option to start. Free themes and plugins abound, and hosting is dirt cheap—think $5/month on Bluehost. But costs creep up as you scale: premium plugins, developer fees for custom tweaks, and higher hosting for traffic spikes add up.

Drupal’s upfront cost is higher. You’ll likely need a developer to set it up, and hosting requirements are beefier (think VPS or dedicated servers over shared hosting). However, for large-scale sites, Drupal’s efficiency and lack of reliance on third-party add-ons can save money over time. It’s an investment: pay more now, maintain less later.

Performance: Drupal Scales, WordPress Needs Help

Out of the box, Drupal performs better under heavy loads. Its caching system (hello, Views!) and leaner core make it ideal for high-traffic sites with complex queries. WordPress can struggle here—without optimization (think caching plugins like W3 Total Cache or a CDN), it bogs down as traffic grows. For small sites, WordPress is snappy enough, scale up, and Drupal’s architecture shines.

Community and Support: WordPress Has the Edge

WordPress’s community is massive—forums, tutorials, and meetups are everywhere. Need help? Someone’s already solved your problem on Stack Overflow or a YouTube video. Drupal’s community is smaller but fiercely dedicated, with a focus on enterprise users. Documentation is top-notch, but it’s less beginner-friendly. If you’re DIY-ing it, WordPress support feels more accessible, Drupal assumes you know what you’re doing.

The Verdict: It Depends on You

Here’s the honest truth: neither is “better” in a vacuum. WordPress is perfect if you want a quick, affordable site with minimal fuss—think blogs, portfolios, or small e-commerce shops. Drupal is your pick for complex, custom, or high-stakes projects where control and scalability outweigh ease of use.  

If you’re a solo entrepreneur with no coding skills, start with WordPress. If you’re a developer building for a client with big ambitions (and a bigger budget), Drupal’s your tool. Both can get you there—it’s about matching the CMS to your goals, not forcing your goals into the CMS.  

What’s your take? Have a project in mind?

Drupal WordPress Drupal Planet Share this Copied to clipboard Add new comment

One of the most frequently performed actions in Experience Builder (XB) is inserting a component. That UI was moved to the sidebar last week to make it immediately available. After dragging a component onto the canvas, the most common next action is modifying the default component inputs.
So that’s precisely what Jesse Baker, Harumi “hooroomoo” Jang, Luhur Abdi “el7cosmos” Rizal and Lauri “lauriii” Timmanee iterated on this week:

After dragging a component from the left sidebar’s “Library” tab onto XB’s canvas (with a live preview), the “Settings” tab in the right sidebar now automatically appears, making it a smooth experience to modify the component from its default inputs.
“Incredibly obvious

Why Using current_route_match in Access Checks is Problematic admin Sat, 02/22/2025 - 13:40

A strong start of the week by Harumi “hooroomoo” Jang and Jesse Baker, to remove the “insert” panel appearing over the left sidebar, in favor of the components being listed inside the left sidebar:

Experience Builder’s (XB) component library now appears in the left sidebar — making them easier to reach. (Previously, there was a blue “plus” button that covered the left sidebar.)
Issue #3482394, image by Harumi.

The XB UI is once again leaping ahead of the back end: the UI for saving compositions of components as “sections” landed, well ahead of the necessary config entity, let alone the needed HTTP API for actually saving those! 

Syncing Drupal and React for a Custom Interactive Map for Tampa International Airport jenna Fri, 02/21/2025 - 11:17 Drupal Client work A new website as easy to navigate as the airport itself

Tampa International Airport consistently ranks #1 in customer satisfaction thanks in part to how easy it is to navigate. Our goal of the redesign of tampaairport.com was to make sure their Drupal 10 website was just as easy to maneuver. Their team wanted to level up their website’s airport map from simple and static to interactive and dynamic.

React application with Drupal content management

The application's goal was to fetch data from the newly implemented site, providing users with a tool to easily navigate the airport, search for specific locations, and even order food in advance at airport restaurants and cafes. The decision to build a React application stemmed from its performance and ability to integrate with the Drupal site, enabling site editors to consolidate, manage, and edit all content through the Drupal UI. This approach ensured that content updates could occur dynamically without the need for additional development efforts, setting up their team to sustain the custom map.

Recognizing that the primary users of this application would be on mobile devices, we worked hard to ensure that all JavaScript libraries and node packages were lightweight and optimized for mobile performance. 
We significantly reduced the overall footprint of the React application before integrating it into the Drupal site by leveraging techniques like code splitting, which separates components that can be loaded independently, and tree shaking, which removes unused code when bundling multiple JavaScript files. This reduced package size ensures a more efficient experience for users accessing the app on their mobile devices.

React Leaflet library

From a technology standpoint, the application is built using React Leaflet, a library that establishes connections between React and the open-source Leaflet JavaScript library.  The incorporation of Leaflet enables us to display custom images, replacing traditional geographical maps within the interface. To dynamically display our SVG maps, we utilize the ImageOverlay component using map information provided by our custom API endpoint provided by Drupal. We use memoization at the location level so that when users switch between maps, the application swiftly recalls previously viewed layers, ensuring a seamless and responsive experience.

const mapImage = useMemo(() => { return <ImageOverlay url={props.mapSVG} bounds={bounds} />; }, [props.mapSVG]);

Leaflet provides us with the flexibility to set our own boundaries for the map layer. In this application, we opted for a 1000 by 1000 base grid. Within the Drupal UI, editors have the ability to effortlessly add new map locations by specifying X and Y coordinates, effectively placing locations on the map within the established grid.

Furthermore, editors can easily customize the displayed map icons and manage the inclusion of locations within specific icon groupings, all through the user-friendly provided UI. This streamlined process empowers editors to make dynamic adjustments to the map without the need for additional development support.

 

Interactive user experience

The application also includes a list view of the map in which users can select specific locations, triggering a seamless navigation experience on the visual map. Each location in the list displays details such as their name, description, business hours, current status, and proximity to airport gates. Upon choosing a location, the application responds by centering the corresponding point on the visual map.

This interactive feature enhances user experience, allowing them to effortlessly explore and locate points of interest without manually searching the entire map. The linkage between the list view and the visual map ensures that users can easily transition from browsing a curated list of locations to visually identifying and locating those places on the map interface. It serves as an intuitive method to guide users from the textual representation of locations to their spatial representation on the visual map.

Notably, the list view was designed with accessibility in mind, ensuring better usability for keyboard and screen reader users. This thoughtful implementation caters to a diverse range of users, making it an inclusive and user-friendly experience for all. Check it out for yourself.

Video file

The collaboration between the Drupal and React technologies allowed us to build a solution that seamlessly meets the needs of both users navigating the maps and the editors on the Tampa International Airport team. Even though creating this map from scratch was a blast, the custom application I built could easily be applied to another client’s map or way-finding tool.

 

Jennifer Dust

Pantheon strips the values of all query string parameters starting with "utm_" and replaces these with "PANTHEON_STRIPPED". Although they have good reasons to do this (performance), this practice does prevent you from using the values in php. If you want…

Read more

Take control of your Drupal 7 to 10 node migration with our latest technical guide. Learn to extend core plugins, manage entity relationships, and implement custom filtering solutions. We’ve included practical code examples and step-by-step instructions for handling basic pages and articles so you can migrate your next project with confidence.

mauricio Fri, 02/21/2025 - 05:00

At the beginning of 2025, a new CMS hit the market that could revolutionize how you can manage content online. We mean Drupal CMS, a platform designed primarily for marketers that offers intuitive tools for creating websites without coding. What sets this project apart? What capabilities does it offer, and how does it differ from the Drupal Core? We encourage you to read the article or watch an episode of the “Nowoczesny Drupal” series.

I've started working on maintaining Views Data Export again.

I've decided to document my work in 2 week 'sprints'. And so this article is about what I did in Sprint 3.

The sprint ended up being a lot longer than i'd planned for various reasons, mostly illness. I'm starting another sprint today, and so wanted to post an update and draw a line under 'Sprint 3'.

Sprint progress

At the start of the sprint in the Drupal.org issue queue there were:

• 48 open bugs
• 4 fixed issues.
• 63 other open issues

That's a total of 115 open issues.

By the end it looked like this:

• 45 open bugs
• 1 fixed issue.
• 63 other open issues

So that's a total of 109 open issues, only a 5% reduction from before.

Key goals

In this sprint I wanted to:

• Go through the remaining bug reports

Bug reports

• I've still not managed to get through the remaining bug reports, though some have been closed/fixed in the sprint.

Future roadmap/goals

I'm not committing myself to doing these exactly, or any particular order, but this is my high-level list of hopes/dreams/desires, I'll copy and paste this to the next sprint summary article as I go and adjust as required.

• Update the documentation on Drupal.org
• Not have any duplicate issues on Drupal.org

Florida DrupalCamp 2025 features expert-led training sessions covering Drupal CMS, Agile workflows, Drupal Forge, Laravel, and beginner site-building. Michael Anello explores Drupal CMS and its evolving tools, April Sides breaks down Agile and Git workflows, Salim Lakhani introduces cloud-based Drupal Forge, Rod Martin guides absolute beginners through Drupal 11, and Lee Walker helps Drupal developers transition into Laravel. Trainers share insights on technical advancements, best practices, and community collaboration.

Billions of images on the web lack proper alt-text, making them inaccessible to millions of users who rely on screen readers.

My own website is no exception, so a few weeks ago, I set out to add missing alt-text to about 9,000 images on this website.

What seemed like a simple fix became a multi-step challenge. I needed to evaluate different AI models and decide between local or cloud processing.

To make the web better, a lot of websites need to add alt-text to their images. So I decided to document my progress here on my blog so others can learn from it – or offer suggestions. This third post dives into the technical details of how I built an automated pipeline to generate alt-text at scale.

[newsletter-blog] High-level architecture overview

My automation process follows three steps for each image:

1. Check if alt-text exists for a given image
2. Generate new alt-text using AI when missing
3. Update the database record for the image with the new alt-text

The rest of this post goes into more detail on each of these steps. If you're interested in the implementation, you can find most of the source code on GitHub.

Retrieving image metadata

To systematically process 9,000 images, I needed a structured way to identify which ones were missing alt-text.

Since my site runs on Drupal, I built two REST API endpoints to interact with the image metadata:

• GET /album/{album-name}/{image-name}/get – Retrieves metadata for an image, including title, alt-text, and caption.
• PATCH /album/{album-name}/{image-name}/patch – Updates specific fields, such as adding or modifying alt-text.

I've built similar APIs before, including one for my basement's temperature and humidity monitor. That post provides a more detailed breakdown of how I built those endpoints.

This API uses separate URL paths (/get and /patch) for different operations, rather than using a single resource URL. I'd prefer to follow RESTful principles, but this approach avoids caching problems, including content negotiation issues in CDNs.

Anyway, with the new endpoints in place, fetching metadata for an image is simple:

[code bash]curl -H "Authorization: test-token" \ "https://dri.es/album/isle-of-skye-2024/journey-to-skye/get"[/code]

Every request requires an authorization token. And no, test-token isn't the real one. Without it, anyone could edit my images. While crowdsourced alt-text might be an interesting experiment, it's not one I'm looking to run today.

This request returns a JSON object with image metadata:

[code bash]{ "title": "Journey to Skye", "alt": "", "caption": "Each year, Klaas and I pick a new destination for our outdoor adventure. In 2024, we set off for the Isle of Skye in Scotland. This stop was near Glencoe, about halfway between Glasgow and Skye." } [/code]

Because the alt-field is empty, the next step is to generate a description using AI.

Generating and refining alt-text with AI

In my first post on AI-generated alt-text, I wrote a Python script to compare 10 different local Large Language Models (LLMs). The script uses PyTorch, a widely used machine learning framework for AI research and deep learning. This implementation was a great learning experience. I really enjoyed building it.

The original script takes an image as input and generates alt-text using multiple LLMs:

[code bash]./caption.py journey-to-skye.jpg { "image": "journey-to-skye.jpg", "captions": { "vit-gpt2": "A man standing on top of a lush green field next to a body of water with a bird perched on top of it.", "git": "A man stands in a field next to a body of water with mountains in the background and a mountain in the background.", "blip": "This is an image of a person standing in the middle of a field next to a body of water with a mountain in the background.", "blip2-opt": "A man standing in the middle of a field with mountains in the background.", "blip2-flan": "A man is standing in the middle of a field with a river and mountains behind him on a cloudy day.", "minicpm-v": "A person standing alone amidst nature, with mountains and cloudy skies as backdrop.", "llava-13b": "A person standing alone in a misty, overgrown field with heather and trees, possibly during autumn or early spring due to the presence of red berries on the trees and the foggy atmosphere.", "llava-34b": "A person standing alone on a grassy hillside with a body of water and mountains in the background, under a cloudy sky.", "llama32-vision-11b": "A person standing in a field with mountains and water in the background, surrounded by overgrown grass and trees." } }[/code]

My original plan was to run everything locally for full control, no subscription costs, and optimal privacy. But after testing 10 local LLMs, I changed my mind.

I always knew cloud-based models would be better, but wanted to see if local models were good enough for alt-texts specifically. Turns out, they're not quite there. You can read the full comparison, but I gave the best local models a B, while cloud models earned an A.

While local processing aligned with my principles, it compromised the primary goal: creating the best possible descriptions for screen reader users. So I abandoned my local-only approach and decided to use cloud-based LLMs.

To automate alt-text generation for 9,000 images, I needed programmatic access to cloud models rather than relying on their browser-based interfaces — though browser-based AI can be tons of fun.

Instead of expanding my script with cloud LLM support, I switched to Simon Willison's llm tool (see https://llm.datasette.io/). llm is a command-line tool and Python library that supports both local and cloud-based models. It takes care of installation, dependencies, API key management, and uploading images. Basically, all the things I didn't want to spend time maintaining myself.

Despite enjoying my PyTorch explorations with vision language models and multimodal encoders, I needed to focus on results. My weekly progress goal meant prioritizing working alt-text over building homegrown inference pipelines.

I also considered you, my readers. If this project inspires you to make your own website more accessible, you're better off with a script built on a well-maintained tool like llm rather than trying to adapt my custom implementation.

Scrapping my PyTorch implementation stung at first, but building on a more mature and active open-source project was far better for me and for you. So I rewrote my script, now in the v2 branch, with the original PyTorch version preserved in v1.

The new version of my script keeps the same simple interface but now supports cloud models like ChatGPT and Claude:

[code bash]./caption.py journey-to-skye.jpg --model chatgpt-4o-latest claude-3-sonnet --context "Location: Glencoe, Scotland" { "image": "journey-to-skye.jpg", "captions": { "chatgpt-4o-latest": "A person in a red jacket stands near a small body of water, looking at distant mountains in Glencoe, Scotland.", "claude-3-sonnet": "A person stands by a small lake surrounded by grassy hills and mountains under a cloudy sky in the Scottish Highlands." } }[/code]

The --context parameter improves alt-text quality by adding details the LLM can't determine from the image alone. This might include GPS coordinates, album titles, or even a blog post about the trip.

In this example, I added "Location: Glencoe, Scotland". Notice how ChatGPT-4o mentions Glencoe directly while Claude-3 Sonnet references the Scottish Highlands. This contextual information makes descriptions more accurate and valuable for users. For maximum accuracy, use all available information!

Updating image metadata

With alt-text generated, the final step is updating each image. The PATCH endpoint accepts only the fields that need changing, preserving other metadata:

[code bash]curl -X PATCH \ -H "Authorization: test-token" \ "https://dri.es/album/isle-of-skye-2024/journey-to-skye/patch" \ -d '{ "alt": "A person stands by a small lake surrounded by grassy hills and mountains under a cloudy sky in the Scottish Highlands.", }' [/code]

That's it. This completes the automation loop for one image. It checks if alt-text is needed, creates a description using a cloud-based LLM, and updates the image if necessary. Now, I just need to do this about 9,000 times.

Tracking AI-generated alt-text

Before running the script on all 9,000 images, I added a label to the database that marks each alt-text as either human-written or AI-generated. This makes it easy to:

• Re-run AI-generated descriptions without overwriting human-written ones
• Upgrade AI-generated alt-text as better models become available

This approach allows me to re-generate descriptions as models improve. For example, I could update the AI-generated alt-text when ChatGPT 5 is released. And eventually, it might allow me to return to my original principles: to use a high-quality local LLM trained on public domain data. In the mean time, it helps me make the web more accessible today while building toward a better long-term solution tomorrow.

Next steps

Now that the process is automated for a single image, the last step is to run the script on all 9,000. And honestly, it makes me nervous. The perfectionist in me wants to review every single AI-generated alt-text, but that is just not feasible. So, I have to trust AI. I'll probably write one more post to share the results and what I learned from this final step.

Stay tuned.