Feed aggregator

Toyota Unveils Plan For Hydrogen Powered Semi Truck

Slashdot -

New submitter omaha393 quotes a report from R&D Magazine: Toyota announced a new initiative on Wednesday aimed at advancing its work in vehicles powered by alternative energy sources. The automaker unveiled Project Portal, which is a novel hydrogen fuel cell system designed for heavy duty truck use at the Port of Los Angeles. A proof-of-concept truck powered by this fuel cell will be part of a feasibility study held at the Port this summer, with the goal of examining the potential of this technology in heavy-duty applications. The test vehicle will produce more than 670 horsepower and 1,325 pound feet of torque from two of these novel fuel cell stacks along with a 12kWh battery. Overall, the combined weight capacity is 80,000 pounds that will be carried over 200 miles. omaha393 adds: "While hydrogen fuel has been criticized due to high cost of production and safety concerns, recent advances in catalysis and solid storage systems have made the prospect of hydrogen fuel an attractive commercial prospect for the future."

Read more of this story at Slashdot.

Aten Design Group: Radios, Checkboxes, and Drupal’s Admin Interface

Drupal Planet -

Custom styled form elements are a common thing to see in a design. That’s because default form styles vary visually from browser to browser and OS to OS. It makes sense that we’d want these elements styled consistently. Styling them is pretty straightforward, with the exception of select dropdowns which can be more complex. Recently, I ran into an unexpected problem when working on a site that needed a branded admin experience.

Styling Radio and Checkbox Buttons

There’s a simple method of styling radio buttons and checkboxes I’ve been using for a while. I first saw it from the people at Tuts+, and they provided this Pen demoing the technique. Briefly explained, we visually hide the input for our radios/checkboxes and draw a new one using :before and :after pseudo elements on the label element. CSS’ :checked selector allows us to toggle our styles based on if the input is checked or not. This technique relies on appropriately marked up inputs and labels, for example:

<div class=”form-element”> <input type=”checkbox” id=”click-me”> <label for=”click-me”>Click Me</label> </div>

Clicking the label (containing the fake checkbox styling) will toggle the state of the real checkbox that’s visually hidden.

Drupal’s Admin Interface

One thing I learned while working with some of Drupal’s admin interfaces is that they only supply the input, and not an accompanying label. This seemed especially true in tabled interfaces, where you’d check off rows of content and perform some action on the selected items. Since we’re hiding an input that doesn’t have a label to attach the visuals to, we just end up with a blank space. There were several options we had for how to address this issue.

1. Drop the Custom Styles

The simplest is to just rely on browser defaults for checkboxes and radios. It’s not a great option, but it is an affordable one for tight budgets.

2. Create the Missing Labels

This ended up being my first approach to fixing this, and became more akin to a game of Whack-a-Mole than I anticipated. After going through various preprocess functions, alters, and render functions I was still encountering inputs that were missing labels. Some I was never able to fully track down where the markup was coming from. Manually finding and fixing every missing label might be a viable solution if your website or application has only a handful of places you need to update. However this is not the most scalable solution, and if your product grows this can quickly become a financial black hole.

3. Create the Missing Labels… with Javascript

Instead of trying to find every place that creates a checkbox or radio on the server side, we could use Javascript to target every checkbox or radio input that is not followed by a label. From there, we just create the label element and insert it after the selected inputs. This is how that might look using jQuery, though it can also be done with Vanilla JS.

This is great, as it solves the problem for every input in one fell swoop. One downside here is the Javascript dependency. Should your Javascript not run for any reason, you’re still left with the original problem of missing inputs. Another is page rendering. User’s might be left with a janky experience as Javascript inserts these elements into the DOM.

4. Drop the Custom Styles… for Older Browsers

In the end, this was the solution that won out. Using CSS Feature Queries and CSS’ appearance property, we’re able to provide styled inputs for most modern browsers and then fall back to default styles in browsers that lack the support we need. This gives us our custom styles, without the scaling problem of #2, and the Javascript dependency of #3. The downside to this solution is that all versions of Internet Explorer and Firefox will use their browser defaults.

Firefox was a surprise to me, as the documentation says it supports appearance. However in practice what I got was a less appealing version of the browser default styles. Also surprisingly was by checking for only -webkit-appearance support, Edge still gets our custom styles applied. This all sat well with me for a working solution. Every team and project has it’s own constraints, so your mileage may vary.

Tesla Settles Lawsuit Against Former Autopilot Program Director Accused of Stealing Info, Engineers

Slashdot -

Earlier this year, Tesla filed a lawsuit against its former director of Autopilot Programs, Sterling Anderson, for stealing proprietary information about the Autopilot program and recruiting fellow Tesla engineers to work with him at Aurora Innovation, another autonomous driving company. According to Electrek, "the lawsuit was settled today with Tesla withdrawing their allegations without damages and Aurora agreeing to make itself available for an audit by a third-party to make sure they don't have proprietary information from Tesla's Autopilot program." From the report: Aurora also agreed to cover the cost of the audit for up to $100,000. The startup claims that it had already ordered its own audit, which found âoeno material Tesla confidential information." As for the allegations of poaching employees, Aurora has agreed not to reach out to Tesla employees for a year and to release the names of former Tesla employees who have joined the startup already. You can read Auroraâ(TM)s statement about the settlement in full here and Teslaâ(TM)s further down below: âoeSelf-driving vehicles will save lives, preserve resources, and make transportation more accessible and enjoyable for everyone. Aurora was founded on the premise that experience, innovative thinking, hard work, and a commitment to doing the right thing can accelerate this future..."

Read more of this story at Slashdot.

Microsoft's Skype Is Most Used Messaging Service For Cyber Criminals, Study Finds

Slashdot -

chicksdaddy quotes a report from The Security Ledger: Cyber criminals lurk in the dark recesses of the internet, striking at random and then disappearing into the virtual ether. But when they want to talk shop with their colleagues, they turn to Redmond, Washington-based Microsoft and its Skype communications tools, according to an analysis by the firm Flashpoint. Mentions of different platforms were used as a proxy for gauging interest in and use of these messaging services. Flashpoint analysts looked, especially, for invitations to continue conversation outside of cyber criminal marketplaces, like references to ICQ accounts or other platforms. The survey results show that, out of a population of around 80 instant messenger platforms and protocols, a short list of just five platforms accounts for between 80% and 90% of all mentions within the cyber underground. Of those, Microsoft's Skype was the chat king. It ranked among the top five platforms across all language groups. That, despite the platform's lack of end-to-end encryption or forward secrecy features and evidence, courtesy of NSA hacker Edward Snowden, that U.S. spies may have snooped on Skype video calls in recent years, The Security Ledger reports. The conclusion: while security is a priority amongst thieves, it isn't the sole concern that cyber criminals and their associates have. In fact, sophisticated hacking communities like those in Russia to continue to rely on legacy platforms like ICQ when provably more secure alternatives exist. The reason? Business. "These cyber criminals have a lot of different options that they're juggling and a lot of factors that weigh on their options," said Leroy Terrelonge III, the Director of Middle East and Africa Research at Flashpoint. "We might suspect that cyber criminals use the most secure means of communication all the time, that's not what our research showed."

Read more of this story at Slashdot.

Pirate Bay Founder Launches Anonymous Domain Registration Service

Slashdot -

An anonymous reader quotes a report from TorrentFreak: Former Pirate Bay spokesperson and co-founder Peter Sunde has just announced his latest venture. Keeping up his fight for privacy on the Internet, he's launching a new company called Njalla, that helps site operators to shield their identities from prying eyes. The name Njalla refers to the traditional hut that Sami people use to keep predators at bay. It's built on a tall stump of a tree or pole and is used to store food or other goods. On the Internet, Njalla helps to keep people's domain names private. While anonymizer services aren't anything new, Sunde's company takes a different approach compared to most of the competition. With Njalla, customers don't buy the domain names themselves, they let the company do it for them. This adds an extra layer of protection but also requires some trust. A separate agreement grants the customer full usage rights to the domain. This also means that people are free to transfer it elsewhere if they want to.

Read more of this story at Slashdot.

[$] The rise of Linux-based networking hardware

LWN Headlines -

Linux usage in networking hardware has been on the rise for some time. During the latest Netdev conference held in Montreal this April, people talked seriously about Linux running on high end, "top of rack" (TOR) networking equipment. Those devices have long been the realm of proprietary hardware and software companies like Cisco or Juniper, but Linux seems to be making some significant headway into the domain. Are we really seeing the rise of Linux in high-end networking hardware?

Facebook is Working On a Way To Let You Type With Your Brain

Slashdot -

From a report: Facebook today unveiled a project from its secretive Building 8 research group that's working to create a brain-computer interface that lets you type with your thoughts. Regina Dugan, a former director of DARPA and the ex-head of Google's experimental ATAP research group, announced the news today onstage at Facebook's F8 developer conference. Dugan, who now heads up Building 8, says the goal is "something as simple as a yes-no brain click" that could fundamentally change how we interact with and use technology. While it does not exist today outside of very specific medical research trials, Dugan says her team is actively working to make it a reality. Dugan refers to the technology as a "brain mouse for AR," meaning it could be an ideal way to receive direct input from neural activity that would remove the need for augmented reality devices to track hand motions or other body movements. For instance, the Microsoft HoloLens uses hand tracking to let you tap your finger in front of you as if you were clicking a mouse. Facebook's theoretical device could also be used for patients with severe paralysis, acting as a "speech prosthetic" Dugan says.

Read more of this story at Slashdot.

Aten Design Group: Migrating Wordpress into Drupal 8

Drupal Planet -

Quite a bit has changed for the Migrate module in Drupal 8: the primary module is part of core and some of the tools have been split into their own modules. Recently, we migrated a Wordpress site into Drupal 8 and this article will help guide you in that process. If you’re looking for information about Wordpress to Drupal 7 migrations, check out Joel Steidl’s article on that here.

At the time of writing this post, the migration modules are considered "experimental" so be aware of that as well. The module's location in core also means that all Drupal core modules also have migration-related code to help out with your Drupal upgrades. We used the WP Migrate module (Migrate Wordpress) as a starting point in bringing this content to Drupal.

This module will give you a good basis for migration, but it is missing a few things that you might want to consider:

  • It will create all vocabularies and taxonomies based on what is in Wordpress but you will need to add some code to connect the taxonomies with posts.
  • Also, it will not bring in featured images.
  • WP content might be using the "line break to paragraphs" functionality, which you need to account for either in your text format for posts or in the migration.

And if you are looking for information about Wordpress to Drupal 7 migrations, check out Joel Steidl's article on that here.

Taxonomy

There's code existing to pull in Wordpress's terms and vocabularies, but you will need to do some work to put them into the right fields with your posts. For this, I ended up taking a more efficient route by querying the source database in prepareRow():

<?php   // place in Posts.php prepareRow()   // get terms for this blog post $tags = $this->select('wp_term_relationships', 'r') ->join('wp_term_taxonomy', 't', 't.term_taxonomy_id=r.term_taxonomy_id') ->fields('r') ->condition('t.taxonomy', 'tags') ->condition('object_id', $row->getSourceProperty('id'))->execute(); $tags = $tags->fetchAll(); $tags = array_map(function($tag) { return intval($tag['term_taxonomy_id']); }, $tags); $row->setSourceProperty('tags', $tags);   // get categories for this blog post $category = $this->select('wp_term_relationships', 'r') ->join('wp_term_taxonomy', 't', 't.term_taxonomy_id=r.term_taxonomy_id') ->fields('r') ->condition('t.taxonomy', 'category') ->condition('object_id', $row->getSourceProperty('id'))->execute(); $category = $category->fetchAll(); $category = array_map(function($tag) { return intval($tag['term_taxonomy_id']); }, $category); $row->setSourceProperty('categories', $category);

And then I updated the migration template with those new values:

# add to the process section field_tags: tags field_category: tags Featured Images

Wordpress stores featured images as attachment posts and stores the relationship in the postmeta table. To bring these in as image fields, we need to make file entities in Drupal which means configuring a new migration.

First, create a migration template called wp_feature_images.yml. Note that I stole some of this from Drupal's core file module:

id: wp_feature_images label: Wordpress Feature Images migration_tags: - Wordpress migration_group: wordpress source: plugin: feature_images destination: plugin: entity:file process: filename: filename uri: uri status: plugin: default_value default_value: 1 # migration_dependencies: # required: # - wp_users

And then create a source plugin:

<?php /** * @file * Contains \Drupal\migrate_wordpress\Plugin\migrate\source\FeatureImages. */   namespace Drupal\migrate_wordpress\Plugin\migrate\source;   use Drupal\migrate\Row; use Drupal\migrate\Plugin\migrate\source\SqlBase; use Drupal\Core\File\FileSystemInterface; use Symfony\Component\DependencyInjection\ContainerInterface; use Drupal\migrate\Plugin\MigrationInterface; use Drupal\Core\State\StateInterface;   /** * Extract feature images from Wordpress database. * * @MigrateSource( * id = "feature_images" * ) */ class FeatureImages extends SqlBase {   public function __construct(array $configuration, $plugin_id, $plugin_definition, MigrationInterface $migration, StateInterface $state, FileSystemInterface $file_system) { parent::__construct($configuration, $plugin_id, $plugin_definition, $migration, $state); $this->fileSystem = $file_system; }   /** * [email protected]} */ public static function create(ContainerInterface $container, array $configuration, $plugin_id, $plugin_definition, MigrationInterface $migration = NULL) { return new static( $configuration, $plugin_id, $plugin_definition, $migration, $container->get('state'), $container->get('file_system') ); }   /** * [email protected]} */ public function query() { $query = $this ->select('wp_postmeta', 'm') ->fields('p', ['ID', 'guid']); $query->join('wp_posts', 'p', 'p.ID=m.meta_value'); $query ->condition('m.meta_key', '_thumbnail_id', '=') ->condition('p.post_type', 'attachment', '=') ->condition('p.guid', '', '<>') // this prevents some duplicates to get the count closer to even ->groupBy('ID, guid'); return $query; }   /** * [email protected]} */ public function fields() { $fields = array( 'ID' => $this->t('The file ID.'), 'guid' => $this->t('The file path'), ); return $fields; }   /** * [email protected]} */ public function prepareRow(Row $row) { $url = $row->getSourceProperty('guid'); $parsed_url = parse_url($url); $filename = basename($parsed_url['path']); $row->setSourceProperty('filename', $filename); $public_path = 'public://' . $parsed_url['path']; $row->setSourceProperty('uri', $public_path);   // download the file if it does not exist if (!file_exists($public_path)) { $public_dirname = dirname($public_path);   // create directories if necessary if (!file_exists($public_dirname)) { $this->fileSystem->mkdir($public_dirname, 0775, TRUE); }   // try to download it $copied = @copy($url, $public_path); if (!$copied) { return FALSE; } } return parent::prepareRow($row); }   /** * [email protected]} */ public function bundleMigrationRequired() { return FALSE; }   /** * [email protected]} */ public function getIds() { return array( 'ID' => array( 'type' => 'integer', 'alias' => 'p', ), ); }   }

In Migrate, the template defines what source, processing, and fields are created. The source plugin is used by that migration to allow you to specify what is created. The source plugin above will get the feature images for posts, but also try and download the image into Drupal's files directory.

You can add this as a dependency for the wp_posts migration. A word of warning though: if one migration (Migration A) depends on a different migration (Migration B), all of the content from A must be migrated before B can be run. If there are images that cannot be resolved for some reason (maybe leftover DB references after an image or post is deleted), this might stop the migration because the dependency cannot be resolved.

And finally, you will also need to add "wp_feature_images" to your manifest_wordpress.yml before running the migration.

Converting content

So far we have updated migration source plugins, but there are also process plugins, which can be used to change row values. As mentioned, the WP content often uses the autop filter to create paragraph/line breaks automatically so we need to change those to HTML for Drupal. (You can also just use this functionality in your text format and skip this step if having this on will not cause issues with other content)

First, create a "src/Plugin/migrate/process" directory if one does not exist in the module and add this processor:

<?php   namespace Drupal\migrate_wordpress\Plugin\migrate\process;   use Drupal\migrate\MigrateExecutableInterface; use Drupal\migrate\ProcessPluginBase; use Drupal\migrate\Row;   /** * Apply the automatic paragraph filter to content * * @MigrateProcessPlugin( * id = "wp_content" * ) */ class WpContent extends ProcessPluginBase {   /** * [email protected]} * * Split the 'administer nodes' permission from 'access content overview'. */ public function transform($value, MigrateExecutableInterface $migrate_executable, Row $row, $destination_property) { return _filter_autop($value); }   }

Then, update the "process" section of "wp_posts.yml" to include this processor:

'body/value': plugin: wp_content source: post_content

All of this should put you on the road to getting Wordpress content migrated into a Drupal 8 site, although you’ll probably have to adjust code to your specific circumstances along the way.

Firefox 53.0 released

LWN Headlines -

Mozilla has released Firefox 53.0. From the release notes: "Today's Firefox release makes Firefox faster and more stable with a separate process for graphics compositing (the Quantum Compositor). Compact themes and tabs save screen real estate, and the redesigned permissions notification improves usability. Learn more on the Mozilla Blog."

Newest Firefox Browser Bashes Crashes

Slashdot -

Nobody likes it when a web browser bombs instead of opening up a website. Mozilla is addressing that in the newly released v53 of its Firefox browser, which it claims crashes 10 percent fewer times. CNET adds: The improvement comes through the first big debut of a part of Project Quantum, an effort launched in 2016 to beef up and speed up Firefox. To improve stability, Firefox 53 on Windows machines isolates software called a compositor that's in charge of painting elements of a website onto your screen. That isolation into a separate computing process cuts down on trouble spots that can occur when Firefox employs computers' graphics chips, Mozilla said.

Read more of this story at Slashdot.

Ubuntu Is Switching to Wayland

Slashdot -

An anonymous reader shares a report: Ubuntu is to ship Wayland in place of X.Org Server by default. Mir, Canonical's home-spun alternative to Wayland, had been billed as the future of Ubuntu's convergence play. But both Unity 8 the convergence dream was recently put out to pasture, meaning this decision was widely expected. It's highly likely that the traditional X.Org Server will, as on Fedora, be included on the disc and accessible from whichever login screen Ubuntu devs opt to use in ubuntu 17.10 onwards. This session will be useful for users whose system experience issues running on Wayland, or who need features and driver support that is only present in the legacy X.Org server session.

Read more of this story at Slashdot.

TED Wants To Remind Us That Ideas -- Not Politicians -- Shape the Future

Slashdot -

An anonymous reader shares a Quartz report: Amid global political upheavals, TED curator Chris Anderson argues that ideas have never mattered more. "Ideas changes how people act and [shape] their long term perspective," he said in during a April 17 press briefing. "Politicians come and go and ideas are forever." He said TED -- two segments of which will be broadcast live in movie theaters this year -- wants to re-introduce civility into political discourse. "We want to avoid the zero sum game we see on cable television every day," said Anderson, noting that TED is a non-partisan organization and has historically featured controversial and intriguing thinkers from both sides of the political divide. In place of the shrill, headline-bait tenor of political spectacles, TED wants to take viewers to a place of "reasoned discourse" where big ideas can act as a bridge between opposing views. By creating an eclectic program -- including an entire session delivered in Spanish and another on artificial intelligence -- Anderson said he wants to steer the conversation away from government and politics. "With so much focus in politics, the world is in danger of forgetting that so much of what really changes the future happens outside completely of politics. It happens inside the mind of dreamers, designers, inventors, technologists, entrepreneurs," he said.

Read more of this story at Slashdot.

Nintendo To Launch SNES Mini This Year, Reports Eurogamer

Slashdot -

Nintendo plans to release another console this year aimed at nostalgia-seekers. The iconic game company is working on a Super Nintendo Entertainment System (SNES) classic version that would launch in time for the holidays, according to Eurogamer, which cites sources with knowledge of the plans. The device is already under development and -- like its predecessor the NES Classic Edition -- will give gamers access to some of the console's biggest hits. From the article: Nintendo's plans for SNES mini are also a major reason why last year's NES mini did not see a reprieve from discontinuation, Eurogamer understands, despite the latter's continued popularity and sell-out status.

Read more of this story at Slashdot.

ThinkShout: Meet the ThinkShout Team at DrupalCon Baltimore

Drupal Planet -

We’re packing our bags for Baltimore and polishing up our slide decks for DrupalCon! We’re so excited to join the Drupal community for a full week of Drupal-y things. We’ve got some great content planned for this year’s conference, and we’re very excited to share it with you all - here’s what you need to know:

Exhibit Hall

The ThinkShout Headquarters this year is booth 432! We’ll be giving away free t-shirts and raffling off an Amazon Echo. You can enter to win for the low, low price of one business card. If you have any questions about our work, current available job opportunities, or what the weather’s like in Portland (spoiler: it’s probably raining), stop by - we’d love to chat with you!

ThinkShout Sessions

The ThinkShout team has two sessions in the DrupalCon agenda this year. We’re also very excited to be leading a discussion in our first DrupalCon Nonprofit Summit. Take a look at our lineup and mark your calendars

Rapid Response Campaigns & Digital Tools” - Monday (4/24), 12:30 - 1:15pm, Nonprofit Summit

The news cycle doesn’t stop, and your website must help you respond to emergencies, not act as a barrier. Drupal can help you react quickly, in concert with your other channels, to turn current events into opportunities to spread your message and further your mission. In this breakout session, Brett Meyer and Lev Tsypin will talk about the tools you have at your disposal in Drupal, scenarios that call for rapid response solutions and how to implement them, and strategies that will help you turn these situations into lasting engagement with your constituents.

Demystifying Rendered Content in Drupal 8 Twig Files” - Tuesday (4/25), 3:45 - 4:45pm

Amy Vaillancourt-Sals is going to show you the ins and outs of Twig! Twig is a robust and elegant template engine for PHP. It’s lightweight, fairly quick to pick up, very readable, and it grants users ultimate control over the markup, including wrapping elements and rendering exactly the output you need. In this session, you’ll learn about the debugging process of sorting through twig variables, using xdebug in PHPStorm, the other helpful debugging tools at your disposal, plus common patterns Amy found helpful for rendering content in twig files.

Content Strategy in Popular Culture, Part Deux” - Thursday (4/27), 10:45 - 11:45am

Brett Meyer’s got a sequel to his session from DrupalCon New Orleans. Another year, another array of pop culture obsessions to examine and apply to the work we do. By exploring how crucial aspects of content strategy play out in movies, music, comic books, and video games, we’ll continue to expand the palette of language we can use to explain and convince more people about the importance of content strategy online, and ensure they understand that it’s not just vital, but fun as well.

Let’s Chat

If you’d like to schedule some time to chat with us in advance, drop us a line via our contact form. We’d be happy to meet up with you in Baltimore!

Silicon Valley's $400 Juicer May Be Feeling the Squeeze

Slashdot -

An anonymous reader shares a Bloomberg report: One of the most lavishly funded gadget startups in Silicon Valley last year was Juicero Inc. It makes a juice machine. The product was an unlikely pick for top technology investors, but they were drawn to the idea of an internet-connected device that transforms single-serving packets of chopped fruits and vegetables into a refreshing and healthy beverage. Doug Evans, the company's founder, would compare himself with Steve Jobs in his pursuit of juicing perfection. He declared that his juice press wields four tons of force -- "enough to lift two Teslas," he said. Google's venture capital arm and other backers poured about $120 million into the startup. Juicero sells the machine for $400, plus the cost of individual juice packs delivered weekly. But after the product hit the market, some investors were surprised to discover a much cheaper alternative: You can squeeze the Juicero bags with your bare hands. Two backers said the final device was bulkier than what was originally pitched and that they were puzzled to find that customers could achieve similar results without it.

Read more of this story at Slashdot.

Security updates for Wednesday

LWN Headlines -

Security updates have been issued by CentOS (libreoffice), Debian (icedove, icu, and imagemagick), Fedora (bind, bind99, ghostscript, libxml2, ming, ntp, proftpd, and qemu), Oracle (bind and libreoffice), Red Hat (bind, qemu-kvm, and qemu-kvm-rhev), Scientific Linux (bind, libreoffice, and qemu-kvm), Slackware (minicom), and SUSE (xen).

Lullabot: Cross-Pollination between Drupal and WordPress

Drupal Planet -

WordPress controls a whopping 27% of the CMS market share on the web. Although it grew out of a blogging platform, it can now can handle advanced functionality similar to Drupal and is a major (yet friendly) competitor to Drupal. Like Drupal, it’s open source and has an amazing community. Both communities learn from each other, but there is still much more to share between the two platforms.

Recently I had the opportunity to speak at WordCamp Miami on the topic of Drupal. WordCamp Miami is one of the larger WordCamps in the world, with a sold-out attendance of approximately 800 people.

undefined What makes Drupal so great?

Drupal commands somewhere in the neighborhood of 2% of the CMS market share of the web. It makes complex data models easy, and much of this can be accomplished through the user interface. It has very robust APIs and enables modules to share one another’s APIs. Taken together, you can develop very complex functionality with little to no custom code.

So, what can WordPress take away from Drupal? Developer Experience: More and better APIs included in WordPress Core

The WordPress plugin ecosystem could dramatically benefit from standardizing API’s in core.

  • Something analogous to Drupal’s Render API and Form API would make it possible for WordPress plugins to standardize and integrate their markup, which in turn would allow plugins to work together without stepping on each other’s toes.
  • WordPress could benefit from a way to create a custom post type in the core UI. Drupal has this functionality out the the box. WordPress has the functionality available, but only to the developer. This results in WordPress site builders searching for very specific plugins that create a specific post type, and hoping it does what they want.
  • WordPress already has plugins similar to Drupal’s Field API. Plugins such as Advanced Custom Fields and CMB2 go along way to allowing WordPress developers to easily create custom fields. Integrating something similar to this into WordPress core would allow plugin developers to count on a stable API and easily extend it.
  • An API for plugins to set dependencies on other plugins is something that Drupal has done since its beginning. It enables mini-ecosystems to develop that extend more complex modules. In Drupal, we see a module ecosystems built around Views, Fields, Commerce, Organic Groups, and more. WordPress would benefit greatly from this.
  • A go-to solution for custom query/list building would be wonderful for WordPress. Drupal has Views, but WordPress does not, so site builders end up using plugins that create very specific queries with output according to a very specific need. When a user needs to make a list of “popular posts,” they end up looking through multiple plugins dedicated to this single task.

A potential issue with including new APIs in WordPress core is that it could possibly break WordPress’ commitment to backwards compatibility, and would also dramatically affect their plugin ecosystem (much of this functionality is for sale right now).

WordPress Security Improvements

WordPress has a much-maligned security reputation. Because it commands a significant portion of the web, it’s a large attack vector. WordPress sites are also frequently set up by non-technical users, who don’t have the experience to keep it (and all of its plugins) updated, and/or lock down the site properly.

That being said, WordPress has some low-hanging fruit that would go a long way to help the platform’s reputation.

  • Brute force password protection (flood control) would prevent bots from repeatedly connecting to wp-login.php. How often do you see attempted connections to wp-login.php in your server logs?.
  • Raise the minimum supported PHP version from 5.2 (which does not receive security updates). Various WordPress plugins are already doing this, and there’s also talk about changing the ‘recommended’ version of PHP to 7.0.
  • An official public mailing list for all WordPress core and plugin vulnerabilities would be an easy way to alert developers to potential security issues. Note that there are third-party vendors that offer mailing lists like this.
Why is WordPress’ market share so large?

Easy: It can be set up and operated by non-developers—and there are a lot more non-developers than developers! Installing both Drupal and WordPress is dead simple, but once you’re up and running, WordPress becomes much easier.

Case in Point: Changing Your Site's Appearance

Changing what your site looks like is often the first thing that a new owner will want to do. With WordPress, you go to Appearance > Themes > Add New, and can easily browse themes from within your admin UI. To enable the theme, click Install, then click Activate.

undefined

With Drupal, you go to Appearance, but you only see core themes that are installed. If you happen to look at the top text, you read in small text that "alternative themes are available." Below that there is a button to “Install a New Theme.”

undefined

Clicking the button takes you to a page where you can either 1) paste in a URL to the tarball/zip, or upload a downloaded tarball/zip. You still have to know how to to download the zip or tarball, and where to extract it, and then browse to appearance, and enable the theme.

So it goes with Drupal. The same process goes with modules and more. Drupal makes things much more difficult. 

So, what can Drupal learn from WordPress?

To continue to grow, Drupal needs to enable non-developers. New non-developers can eventually turn into developers, and will become “new blood” in the community. Here’s how Drupal can do it:

  • A built in theme and module browser would do wonders for enabling users to discover new functionality and ways to change their site’s appearance. A working attempt at this is the Project Browser module (available only for Drupal 7). The catch 22 of this is that you have to download this the old-fashioned way in order to use it.
  • The ability to download vetted install profiles during the Drupal installation process would be amazing. This would go a long way to enable the “casual explorers," and show them the power of Drupal. A discussion of this can be found here.
  • Automatic security updates is a feature that would be used by many smaller sites. Projects have been steered toward WordPress specifically because smaller clients don’t have the budget to pay developers to keep up with updates. This feature has been conceptually signed off on by Drupal’s core committers, but significant work has yet to be done.
Mitigating Security Risks

The downside for this functionality is that Drupal would need to have a writable file-system, which at it’s core, is less secure. Whether that balances out with automatic updates is debatable.

Automatic security updates and theme/module installation would not have to be enabled out of the box. The functionality could be provided in core modules that could be enabled only when needed.

What has Drupal already learned from WordPress?

Cross-pollination has already been happening for a while. Let’s take a look at what the Drupal community has already, or is in the process of, implementing:

  • Semantic versioning is one of the most important changes in Drupal 8. With semantic versioning, bug fixes and new features can be added at a regular cadence. Prior to this, Drupal developers had to wait a few years for the next major version. WordPress has been doing this for a long time.
  • A better authoring experience is something that Drupal has been working on for years (remember when there was no admin theme?). With Drupal 8, the default authoring experience is finally on par with WordPress and even surpasses it in many areas.
  • Media management is the ability to upload images and video, and easily reference them from multiple pieces of content. There’s currently a media initiative to finally put this functionality in core.
  • Easier major version upgrades is something that WordPress has been doing since it’s inception.

Drupal has traditionally required significant development work in between major versions. That however, is changing. In a recent blog post, the lead of the Drupal project, Dries Buytaert said,

Updating from Drupal 8's latest version to Drupal 9.0.0 should be as easy as updating between minor versions of Drupal 8.

This is a very big deal, as it drastically limits the technical debt of Drupal as new versions of Drupal appear.

Conclusion

Drupal and WordPress have extremely intelligent people contributing to their respective platforms. And, because of the GPL, both platforms have the opportunity to use vetted and proven approaches that are shortcuts to increased usability and usage. This, in turn, can lead to a more open (and usable) web.

Special thanks to Jonathan Daggerhart, John TuckerMatthew Tift, and Juampy NR for reviewing and contributing to this article.

undefined

Pages

Subscribe to Heydon Consulting aggregator