Drupal.org users* can now use Two factor authentication to increase the security of their accounts. It can be enabled via Security tab of your user profile page. Read the detailed instructions at Enabling TFA on Drupal.org.
On July 9th 8pm UTC, Drupal.org migrated to a redundant cluster of 2 servers. This provides failover in the event one server fails.
After the migration Host keys will change and your client might give an error message when pushing to Git. Consult your OS’s documentation on how to fix this error.
Should fix the warnings.
If you have any questions please raise an issue in the infrastructure issue queue. https://www.drupal.org/project/issues/infrastructure?categories=All
You can follow the progress of the migration at http://twitter.com/drupal_infra
Update: migration was successful
Host keys have changed and your client might give an error message when pushing to Git. Consult your OS’s documentation on how to fix this error.
On April 15th, a change to a Drupal.org website permission inadvertently allowed a small segment of users to view a report listing the email addresses of recently logged in users. No passwords were involved. The problem was mitigated within 13 hours of being introduced and within 3 hours of being reported. The problem was completely resolved within 24 hours of introduction. The number of affected email addresses is relatively small – fewer than 500. Those users are being contacted directly if their email was affected. Users with maintainer access or the community role and above were not affected by this incident.
The users with permission to see this report were limited to community members that have shown frequent contribution to Drupal.org. The possible exposure time was also limited to between April 15, 2015 20:53 UTC to April 16, 2015 9:00 UTC. There were approximately 44 IP addresses that accessed the information during that time. These users are mostly administrators of Drupal.org and the community members who first reported the incident.
Even though the exposure of email addresses was limited as described above, we recommend all users to be cautious of any email that asks you for personal information.
We want to thank the community members who moved quickly to alert the Drupal Security and Drupal.org infrastructure teams about the problem.
The first initiative on the Drupal.org 2015 roadmap is ‘Better account creation and login’. One of the listed goals for that initiative is “Build a user engagement path which will guide users from fresh empty accounts to active contributors, identifying and preventing spammers from moving further.” This is something Drupal Association team has been focusing on in the last few weeks.
The first change we rolled out a few days ago was a ‘new’ indicator on comments from users whose Drupal.org accounts are fewer than 90 days old. The indicator is displayed on their profile page as well. We hope this will help make conversations in the issue queues and forum comments more welcoming, as people will be able to easily see that someone is new, and probably doesn’t know yet a lot about the way community works.
Today we are taking another step towards making Drupal.org more welcoming environment for new users. But first, a bit of background.
New users and spam
It is not a surprise for anyone that a big number of user accounts registering on the site are spam accounts. To fight that and prevent spam content from appearing on Drupal.org, we have a number of different tools in place. Of course, we don’t want these tools to affect all active, honest users of the site, and make their daily experience more difficult. To separate users we are sure about from those we aren’t sure about yet, we have a special ‘confirmed’ user role.
All new users start without such a role. Their content submissions are checked by Honeypot and Mollom, their profiles are not visible to anonymous visitors of the site, and the types of content they may create are limited. Once a user receives a ‘confirmed’ role, his or her submissions will not be checked by spam fighting tools anymore; their profile page will be visible to everyone, and they will be able to create more different types of content on the site.
This system works pretty well, and our main goal is to ensure that valid new users get the ‘confirmed’ role as quickly as possible, to improve their experience and enable them to fully participate on the site.
The best way to identify someone as not a spammer is have another human look at the content they post and confirm they are not spammers. Previously, we had a very limited number of people who could do that– about 50. Because of that, it usually took quite some time for new user to get the role. This was especially noticeable during sprints.
Today we’d like to open a process of granting a ‘confirmed’ role to the thousands of active users on the site.
‘Community’ user role
Today, we are introducing a new ‘Community’ role on the site. It will be granted automatically to users who have been around for some time and reached a certain level of participation on Drupal.org. Users who have this role will be able to ‘confirm’ new users on the site. They will see a small button on comments and user profile of any user who has not yet been confirmed. If you are one of the users with ‘Community’ role, look out for this new Confirm button, and when you see one next to a user – take another look at what the person posted. If their content looks valid, just click ‘confirm’. By doing so, you will empower new users to fully participate on Drupal.org and improve their daily experience on the site.
With expect to have at least 10,000 active users with the ‘Community’ role. With so many people to grant the ‘confirmed’ role, new users should be confirmed faster than ever before.
If you aren’t sure if you have the ‘community’ role or not, don’t worry. We will send an email notification to every user whose account receives the new role. The email will have all the information about the role and how to use it.
Thanks for helping us make Drupal.org a better place!
One of the Drupal Association’s primary missions is to grow the adoption of Drupal. We are about to launch a new program on April 15th called Try Drupal. The program will make it easy and fast for evaluators to try Drupal and have a simple, great experience while on Drupal.org.
We’ve created Try Drupal with our Premium Hosting Supporters to make it easier for CMS evaluators and Drupal.org newcomers to test and work with a Drupal demo site. The Program will showcase a selection of Hosting Companies where a new user can quickly (in less than 20 minutes) sign up and have a Drupal demo site up and running for them to use for free.
This is part of the Drupal Association’s initiative to develop a new revenue stream through advertising programs on Drupal.org. This revenue will help fund various site initiatives by the Association to improve Drupal.org performance, and make it easier to use and more secure. After interviewing many members of the community, we determined that new advertising products should be useful to Drupal.org visitors, support our mission to grow the adoption of Drupal, and should not interfere with visitors contributing to the project.
To ensure a positive Drupal experience, partners need to adhere to the following guidelines:
The Try Drupal program will be featured on the homepage of Drupal.org. It will launch with a larger iterative change to the homepage, with an emphasis on helping users move from newcomer, to learner, to skilled Drupal community members.
It’s important that we fund Drupal.org improvements, and that we do so in a responsible way that respects the community. We anticipate rolling out more key advertising programs throughout 2015, stay tuned for more updates. Thanks for taking the time to read about our initiatives, and please tell us your thoughts!
Drupal 7.36, a maintenance release with numerous bug fixes (no security fixes) and several new features, is now available for download. See the Drupal 7.36 release notes for a full listing.
Download Drupal 7.36
In honor of long-time Drupal contributor Aaron Winborn (see his recent Community Spotlight), whose battle with Amyotrophic lateral sclerosis (ALS) (also referred to as Lou Gehrig’s Disease) is coming to an end later today, the Community Working Group, with the support of the Drupal Association, would like to announce the establishment of the Aaron Winborn Award.
This will be an annual award recognizing an individual who demonstrates personal integrity, kindness, and above-and-beyond commitment to the Drupal community. It will include a scholarship and stipend to attend DrupalCon and recognition in a plenary session at the event. Part of the award will also be donated to the special needs trust to support Aaron’s family on an annual basis.
Thanks to Hans Riemenschneider for the suggestion, and the Drupal Association executive board for approving this idea and budget so quickly. We feel this award is a fitting honor to someone who gave so much to Drupal both on a technical and personal level.
Thank you so much to Aaron for sharing your personal journey with all of us. It’s been a long journey, and a difficult one. You and your family are all in our thoughts.
Front page news:
Last November we launched Drupal 8 Accelerate, a grant program designed to eliminate Drupal 8 release blockers. Through the progam, we’ve made a small number of grants that have had a huge impact. In fact, we only have about 50 release blockers left between us and release. So now the Association is going to take it to the next level. We’ve already pledged $62,500 of our general operating budget in 2015 as matching funds for you donations. Now we are announcing that the board has partnered with 7 outstanding community supporters to “match the match” and provide another $62,500 of the program, bringing us to $125,000 available for grants.
Now it’s your turn! We’re asking you to help us raise another $125,000 to make the total amount available for these grants $250,000. You can give knowing that every dollar you contribute is already matched by the Association and these anchor donors, doubling your impact. Your donations will allow us to make more grants, faster, increasing our impact and getting D8 out the door!
This is an all-out, everyone-in effort to raise $250,000 to kill the last release blockers in our way.This is our moment – together, we are going to move Drupal 8 from beta to release with the Drupal 8 Accelerate program. We already know it works. Drupal 8 Accelerate grants have already tackled release blockers issues related to menus, entity field validation, and caching. As a donor, you will always know exactly what you’re funding because we’re making it all public.
Join us today and make your donation. The sooner we get this done, the sooner we can all enjoy those launch parties!
Special thanks to our anchor donors, Acquia, Appnovation, Lullabot, Palantir.net, Phase2, PreviousNext, and Wunderkraut, for making this matching campaign possible. These seven organizations stepped up to the plate and made this entire campaign possible. Thank them on Twitter using the #D8Accelerate hashtag.
The D8 Accelerate project is designed to help move Drupal 8 from the initial beta to a full release. This directly relates to the Association’s mission: uniting a global open source community to build and promote Drupal. This is a pilot program from the Drupal Association to put $250,000 of community funds toward accelerating the release of Drupal 8, due to the strategic impact this work has on the entire Drupal ecosystem.
Drupal 7.35 and Drupal 6.35, maintenance releases which contain fixes for security vulnerabilities, are now available for download. See the Drupal 7.35 and Drupal 6.35 release notes for further information.
Download Drupal 7.35Download Drupal 6.35
Voting is now open for the 2015 At-Large Board positions for the Drupal Association! If you haven’t yet, check out the candidate profiles and review the Meet the Candidate sessions (we ran three) that we held. Get to know your candidates, and then get …
With the help of a few key community members, we have been hard at work creating an interface for users to attribute their work in the issue queues to a customer or employer. (#2288727: [meta] Provide credit to organizations / customers who contribute to Drupal issues)
This is an important step in beginning to collect information about the contributions that organizations make in the Drupal ecosystem. Dries has talked about this need in detail in his blog post A method for giving credit to organizations that contribute code to Open Source. Since the original vision laid out in that post, which focused on commit credits, we have expanded the scope to include any contribution in the issue queues.
There will be three parts to the release of this feature on Drupal.org.
First, we needed a way that contributors could attribute their work to an organization—either their employer, their customer or both. (#2340363: Add issue comment attribution) We would like to have feedback through the comment on the issue. Here is an animated example of the comment attribution user interface:
This new field on every issue comment lets the user attribute their work to organizations per comment. Our team is also very excited to introduce a new interface framework for inline editing of entity fields on Drupal.org. There are so many great ways we could use this for easier in place editing of metadata.
Once this comment attribution user interface is deployed, we’ll see how it is used, helping us build the next step.
Interface for Maintainers to Award Issue Credits
The next step will be a method for maintainers to award credit for the intended attribution. (#2369159: Extend crediting UI to include organizations & customers) Allowing maintainers to commit or award the credit for the issue accomplishes two important goals: we incentivise completion and we reduce gaming of the credit system.
By placing credits on issues—rather than commit mentions—we opened up the ability to recognize contributions outside of code. Patch reviews, comments on architectural decisions, wireframes and mockups, and general design feedback are all valuable contributions to the issue queues. Maintainers will now be able to reward those helpful behaviors.
Highlighting Organizations that Contribute
After a couple of months of collecting issue credit data, we will be able to begin using that data to highlight contributing organizations—giving them “trust currency” as Dries put it so well.
Issue credits are not the only contribution we will be tracking. We are already tracking how organizations give back financially through our supporting partner and membership programs. We track organizations that sponsor DrupalCons—and we’d like to start tracking how organizations help build camps.
If feedback goes well, our Drupal.org engineering team is planning to release the comment attribution feature on March 12th.
The user interface for maintainers to award credit should be available for comment in the coming week. Work on that issue has already started at #2369159: Extend crediting UI to include organizations & customers.
Let us know what you think!
Drupal users around the world know Aaron Winborn (aaron), a long-time community member who has made countless contributions to the project and to the people who use it. From building the Media module to helping organize NYC Camp, Aaron has had a massive impact on our community and our project.
For years, Aaron has contributed valuable code, acted as an advocate for increasing involvement in the Drupal community, and has inspired countless people with his brilliance, humility, and grace. That’s why we’re proud to feature Aaron in our latest Community Spotlight, to extend our thanks and let everyone touched by Aaron’s contribution know how they can do the same.
“I met Aaron through Drupal in 2006,” said Jacob Redding (jredding) , a good friend of Aaron’s. “I was living and working in New York, and he was at Advomatic at the time, where he was working on a lot of different things. In 2007 I wound up moving to China and doing some open source and Drupal work out there. Then in March of 2008 I was at a meet-up in China, and there were these guys talking in Chinese about Aaron’s code, and they were ecstatic about it.
“Aaron wrote a lot of modules around media, like putting videos on Drupal sites. It’s something that we do a lot now, though in 2008 it was hard to put video on your website… but Aaron made it easy. So, at this meet-up, these guys thousands of miles away took Aaron’s work and extended it to fit all the video formats that work in China.
“So I filmed this video for him with these developers in China,” Redding concluded. “I said to him, ‘your code just made it to the other side of the planet and made a huge impact — here it is in Chinese, in a different language, for a different market.’ I don’t know where the video is now, but it was really fun. It just shows the way the community gets together and reinforces all these different relationships.”
A friend and mentor
“When I first decided to do Drupal professionally, I was working hard to learn more,” said Alex Urevick-Ackelsberg (Alex UA). “A friend of mine has a firm called Advomatic, and Aaron was the first employee there. So, I asked Aaron if he would help me learn about Drupal, and in repayment, I offered to help him manage the issue queues for his module — the Embedded Media Field. Aaron really helped me figure out the development side of Drupal and… you know, I say that I offered to help him, but really, he’s one of the most giving people I’ve ever met, and I’m sure he would have helped me for nothing more than the karma.”
“He’s a very warm and thoughtful person, and is a very unique individual,” said Amanda Luker (mndonx), a coworker of his from Advomatic. “Aaron has a lot of interesting things to say — you might not know it right away, since he can be very quiet at first. But he really is very thoughtful and sweet. Advomatic was my first job in a development shop, and I was really nervous, but Aaron was so great to work with. He did a lot to help me feel comfortable, and to help me not feel dumb. It means a lot, especially from someone like him — he was always working on a different level. “
Jonathan DeLaigle (grndlvl), another co-worker from Advomatic, agreed. “I’ve always found Aaron to be very approachable, someone that you wouldn’t have to worry about phrasing the question in such a way as to not get ‘oh, well, that’s a stupid question.’ Even though sometimes I’d ask a question that I probably should have known the answer to, he’s the sort of person where it’s ok. You can ask those stupid questions and you can expect a response that’s conducive to your learning experience.”
“It just pours out of him, this intelligence”
When it comes to qualities in Aaron that his friends and colleagues admire, his brilliance is always one of the first things mentioned — alongside his generosity, humility, and kindness.
“Every time I had a conversation with Aaron it was fantastic,” said Redding. “He’s one of these guys where you know he’s super smart. It’s hard to describe when you’re talking to someone who’s pretty much a genius and they’re very subtle and subdued, not over the top — but when you talk to them, you realize what they’re saying is intense and complex and intricate… and it just pours out of him, this intelligence.”
“I met him though the Drupal community,” said Arthur Foelsche (arthurf), who worked with Aaron on the Media module. “Aaron is someone I’ve been at multiple DrupalCons with, someone who I’ve done media sprints with, someone I’ve always appreciated. My experience of Aaron was that every time he encountered a road-block, he always tried to figure out ways to solve it himself.
“That’s not to say he’d eschew other people,” Foelsche added, “but he’d work to figure out solutions that were interesting and relevant to him and to others. He didn’t approach things from the perspective of, ‘why am I being stopped,’ but rather, ‘I bet I can create a solution to get around this problem.’ I see Aaron as this person who believes on a fundamental level that he can make change — not just in Drupal, but in everything and in his personal life. It’s a very important part of who he is.”
“Fixing problems in elegant ways”
Aaron made a reputation for himself in the Drupal community as someone who was happiest when quietly working to solve difficult problems and make Drupal better.
“At one DrupalCon, we were talking through some of the handling of the files themselves in the Media module,” said Foelsche. “Aaron was going through this rumination of, ‘how can these be useful’ and we talked until late at night. We started up again in the morning pretty early (all things considered), and he came back with this notebook just full of ideas. He was so excited and engaged, and just wanted to be able to fix problems in ways that were elegant and useful to people. His enthusiasm around it, and all the time he had spent just that night — I saw him in that moment as just being so glad to be able to work with people on the same problem.”
As any DrupalCon attendee can tell you, camps, cons and great parties go hand in hand. And while loud parties may not be Aaron’s scene, he still participates in his own way.
“I guess one anecdote,” said Aaron Welch (crunchywelch), the founder of Advomatic, “was when we went to OSCon on the Yahoo campus in 2006 or 2007. It was a general Open Source convention, but basically it was overrun by Drupal shops and agents — we completely eclipsed all of the other projects. In any case, the Advomatic team rented a house, and we had some big, crazy parties. There was Guitar Hero on giant screens, lots of drinks, people barbecuing in the back yard… Anyway, Aaron was staying with us at the house, and in the middle of all of this crazy partying going on, he was coding away on the Media module in the kitchen, happy as a clam.
“He was totally participating in his own funny Aaron way,” Welch continued. “He was really happy to be hanging out with everybody, but was still just coding away, being his quiet Aaron self. And that’s Aaron — he’s a pretty reserved kind of person, and he’s the nicest, most dedicated, hard working guy you’ll ever meet.”
Whether alone or in a group, Aaron’s problem solving has gained him a tremendous amount of respect from his peers in the Drupal community.
“Aaron has always tried to find solutions to problems — not just getting around road-blocks,” said Foelsche. “I’ve always been impressed by his knowing himself as a person, and wanting to find ways to do things in the world when he didn’t know that he could. That disposition is a marvelous one. In my opinion, Aaron has always struck a really graceful balance between the ability to solve things on his own and the willingness to work in a group to solve things together. I’ve always enjoyed his company and work, and appreciated not only his disposition in the community but also as a human being.”
“Aaron has never been the person who would blindly jump in if there was a problem,” said Luker. “Working together, he’s always very thoughtful, very deliberate in how he approached things. I could tell that, with his background in philosophy and his interest in alternative education, that independence influenced how he approached life in general. It made me feel like I was in the right place when I started at Advomatic. Knowing that he was there, believing what he believed, it made me feel like, ok, this is a good fit for me, too.”
“An advocate and activist”
Aaron’s passions extend further than just writing code, though. A strong advocate for involvement in the Drupal community, Aaron often quietly stepped up to help grow the project and facilitate change — in Drupal, and in the greater world.
“I would say that Aaron taught me a whole lot of humility,” said Redding. “I don’t know if a lot of people know, but he was behind the scenes of so much stuff. In October of 2009, Aaron stepped up to serve as the Drupal Association (VZW) financial point person for a few sprints… he just sort of stepped in and said, ‘I’m going to do this.’ And he did. At the time he was also running culturefix.org, he was working in activism, and he was — and even after his diagnosis has continued to be — a strong advocate and an activist. He was behind the scenes in a lot of sprints, meet-ups, camps, and was instrumental in a lot of the foundational work that turned into the Drupal Association as it is today.”
“Aaron is, to me, really inspirational when it comes to open source. He really lives it and gives himself to it,” agreed Urevick-Ackelsberg. ”He needed the work, like everybody else, but whatever he could give he gave freely. I feel like, for all the people whose lives he has touched, the repayment is that they’re here and contributing— and I think the real lesson that I’ve taken from him is to give yourself as freely as you can afford to, and the payback for the community that you’re a part of, it goes on and on.”
“Aaron has taught me that you should enjoy the people and the things around you,” Urevick-Ackelsberg said. “I know that Aaron has and does; he’s very inspirational in that regard. He’s taught me that you have to do good things every day, and to give yourself as freely as you can.”
“Strength and dignity from day one”
In spring of 2011, Aaron was diagnosed with ALS, which he announced in a heart-wrenching post on his blog several months later.
“When Aaron got his diagnosis, he took the news and he tried to find a solution,” said Redding. “He’s used the time he has to the best of his ability: he’s spent it with his family, with the communities around him, and looked towards the future of what he could do for those around him — including those he will never meet.”
“He has been so realistic and matter of fact about it,” said Aaron Welch. “It’s just incredible watching how strong he has been. A lot of people would, I think, give up — but Aaron has always been focused on the next challenge. We wanted to give him every opportunity to keep working,” Welch continued. “We knew it would be important — you have to have something to keep you going, and he was always just so strong and generous about it. He was grateful for any help he received, but he wasn’t necessarily asking for it, either. I think you can see that strength and dignity from day one on. He’s just been incredible through the whole thing.”
About a year after Aaron’s initial diagnosis, he and his wife attended DrupalCon Denver. Though his condition had begun to deteriorate, Aaron did not let it stop him from making the most of the experience.
“I remember, we had a day when the Advomatic team all worked together in the same room — and we’re never all in the same room so that was great,” said Luker. “At that point he was able to use voice commands to do his work, and we were all joking about how he got way more done not even typing than the rest of us in the room. You could tell he was so happy to be at DrupalCon — with his community, with his people — and he was so happy that he could contribute.”
“Since his diagnosis it’s been hard,” said Sam Tresler (Tresler), another friend of Aaron’s. “The way he can muster the ability to still find joy in the various things that he does…the ability to face something like that with dignity is such an inspiring thing to me.
“You kind of assume when that much of yourself is taken away, it would cause some drastic changes to an individual — but he hasn’t changed. He’s just using different tools,” Sam continued. “And that’s the best thing I could say about him — his priorities haven’t changed, his desire to learn didn’t change, and his determination to keep his quality of life and his family’s quality of life is forefront in his mind.”
As part of preserving that quality of life for his daughters and his family, Aaron wrote a short book for his daughters called “Where Did Daddy Go?” The book tells the story of a young girl trying to discover what happened to her father, who died. She asks, as a four-year-old might, her pets, the sun, moon and earth, before finally asking her sister and mother,”Where did Daddy Go?” Aaron plans to make the book available on Amazon in the coming weeks.
“We wouldn’t be what we are without him”
“Aaron has always been an example of the values we hold dear in the Drupal community. His humility, generosity, and enthusiasm have quietly but profoundly helped shape our community into what it is today. Drupal wouldn’t be the same without him,” said Dries Buytaert (dries), speaking to Aaron’s numerous contributions to both the Drupal project and the wider community.
“If you look at Drupal 8, and how much time and energy people spent on it, and all the conferences we’re having on it, he has a big influence in it,” said Redding. “He’s not making a big deal about it… he’s not out there saying, ‘I did this!’ because he’s never been that way. But his work on the Media module is really important to Drupal 8, and this comes back to his lessons in humility: that you should do what you do because you like doing it, work on what you love to work on, and if it becomes a big deal, great— and if it doesn’t, great. You don’t have to get caught up in it.”
“Aaron was the first employee of Advomatic,” said Aaron Welch. “It’s hard to point out just one thing Aaron did — I couldn’t even tell you how many projects we worked on together. But we could always, always count on Aaron to be there and help out when we put in a lot of long hours. For a pretty small team, we were doing big, important stuff— and he was a critical part of building Advomatic and making it what it is today. We wouldn’t be what we are today without the incredible dedication and talent he has shown over the years, and his quiet support and hard work.
“He really, in a way, is one of the founders of the company,” Welch continued. “He made his mark, not just on Advomatic but on the Drupal community in general and it has been amazing watching the outpouring of support. People are always asking, ‘how can we help, what can we do…’ and, in my opinion, the best we can do is support him and give him encouragement. I know he really deeply appreciates it.”
Thank You, Aaron
Aaron has given an incredible amount to Drupal. He has contributed to the project, the community, the Drupal Association, and the wider world in ways measurable and immeasurable. And, as Aaron and his family have found, the world is giving back.
“So many people in the Drupal community have generously given to Aaron’s Special Needs Trust,” said Gwen Pfeifer, Aaron’s wife. “Our family has really appreciated it.”
Aaron, thank you so much for everything you have done for all of us. The Drupal project and the Drupal community would not be the same without you. Your kindness, generosity, humility, and dedication are an inspiration to us all. Thank you for the gift of your friendship and code. Through your hard work, dedication, and your incredible strength of character have made the world a better, brighter place. Thank you for everything.
Updated on March 24, 2015:
The Drupal Association is saddened to announce that Aaron Winborn passed earlier today. We have attached Aaron’s obituary to this community spotlight. He will be deeply missed.
In part of our ongoing work to honor exemplary community members, we have created the Aaron Winborn Award to honor community members who exhibit the incredible kindness, integrity, and above-and-beyond commitment to the community that Aaron loved.
Back in December, as part of our ongoing efforts to improve Drupal.org, we kicked off a content strategy project with Forum One. Drupal Association engineering and marketing/communication staff partnered with the Drupal.org Content Working Group and met for a two-day workshop to help get the project team from Forum One (content strategists and user experience designers) up to speed on Drupal.org and the ecosystem of sites and services that our community uses to build and use Drupal.
Over the past month, we have pulled together many detailed documents to help guide our work. While we are only about halfway through this project, we wanted to share a bit of the work-in-progress that will influence Drupal.org’s content strategy in the coming months.
What is Content Strategy
Content strategy is the practice and process of planning content creation, delivery, and governance. Its purpose is to create a repeatable system that defines the entire editorial content development process for a website.
Drupal.org is a very unique website. It serves many purposes:
With so many purposes and competing objectives, a cohesive content strategy that takes in input from many contributors and users of Drupal.org is critcal.
Setting a Content Strategy Vision
To keep us aligned, we outlined three major areas to keep measuring our work against: the big ideas, key messages, and our objectives for content on the site.
Content Strategy Objectives
Identifying Content Types and Gaps in our Content
We have 17 active content types and over 1.2 million pieces of content on Drupal.org. (Really, this is just nodes, we have even more taxonomy terms and views that also represent displays of data.) That’s a lot of content. It’s more than 29,000 projects (modules, themes, distributions, etc.) and over 789,000 issues posted to those projects. We also have over 330,000 forum topics being discussed.
The Curious Case of the Book
With all of that content, 17 types does not quite give us the flexibility or degree of classification that we need to provide truly structured content. We have some content types that are used for so many different kinds of content that they’re virtually meaningless. We have over 12,000 nodes in our “book page” content type. Our book pages can be anything from documentation to landing pages to resource guides to topical pages to module comparisons… really we use them for just about everything.
During the content strategy project, we will explore ways to break our book pages into more meaningful content types that help new users find what they need.
What’s in a Forum
Another content type that gets used for more than it should is the forum topic. We use forums to post news, security announcements, discussions and even support requests. Yet at the same time, it is clear that forums are used far less now than several years ago. We had over 50,000 forum posts in 2008. We had only 11,000 in 2014.
For support and questions, our forums do not have comparable functionality to systems like Drupal Answers—powered by Stack Exchange. Many community members that provide support have already moved to that site to answer questions. Drupal.org is still a starting point for many newcomers to Drupal. One goal of the content strategy project is to make some decisions about where we can best direct newcomers for support.
Where are the Marketing Materials to Help People Choose Drupal?
A key classification of content that we are missing in our information architecture on Drupal.org is marketing materials. We create tons of documentation and handbooks, but we do not have a ton of great materials that tell business evaluators (CIOs, CTOs, managers, and decision makers) why they should choose Drupal. We have a good start with content created to promote Drupal 8, but there is a lot more we can do to help sell the qualities of Drupal.
Auditing What We Have and Mapping What We Want
We took the time to map our community’s content production over time and the totals were amazing.
The height of our community’s content creation was in 2012, when we created more than 195,000 nodes on Drupal.org and Drupal Groups. As Drupal 7 has matured, we have slowed down a bit. In 2014, we created 116,514 nodes on those two sites. That is still a huge amount of content.
Nearly 39% of all of the content on Drupal.org and Drupal Groups was created before 2010. More specifically, 55% of all book pages were created prior to the launch of Drupal 7 in 2011—that’s 5,665 book pages. Only 32% of those book pages have been updated since. That gap of 23% of all book content is a good place to begin an audit.
We are working now to finalize a process for identifying what content could be archived or removed and what content needs to be updated. The community has done admirable job of classifying our documentation by page status, but there is more work to be done. We need an automated process for regularly auditing our content.
We need a better map of related content—content we have and content we need—that can be used to build a better information architecture for new users.
One of the key deliverables for our content strategy project is a site map of what we want the site to look like in 3 months, 6 months and 1 year.
Creating a Governance Plan to Better Support our Community of Creators
We are hard at work reviewing and documenting community processes for maintaining content on Drupal.org. If users have been around for a while, they might have found their way into the content issue queue and wondered at the process and how to start helping. They may also have jumped in and helped edit a documentation page in one of our numerous books. (6,452 of community members have edited 12,326 book pages over 92,000 times.)
The problem is that these processes are not well known and not built into our tools at a level that helps users know what they should and should not do in the system. Learning the “right way” to contribute requires finding policy documentation that is often difficult to get to, and sometimes out of date. Therefore, along with our new content types, we are assessing and testing the user experience for creating, curating and maintaining all of the content on Drupal.org.
As we document the existing rules that govern how contributions are made, it’s become clear that one of the greatest barriers to contribution, especially for new users, is the sheer difficulty of learning the “right way” to make a contribution. We want to change the way these users interact with the site, so that the correct process and procedure for each type of contribution is baked right into the workflow.
Making our Communications Count
The last key deliverable that is being finalized as part of our content strategy is our communications plan. We have 50+ channels that are used by Drupal Association, working groups, social media volunteers, and maintainers to communicate with the community—everything from Twitter to newsletters to the Drupal.org homepage. We do not want to flood you with too much information, but we would like to be able to give you the information you want to see when you want to see it.
Right now, Drupal Association staff and the Drupal.org Content Working Group are mapping our messages to our audiences, our message to our channels and our channels to our audiences. It will be easier than ever to subscribe to the information you want—both email and on the site itself—in the coming year.
We will be wrapping up our content strategy work as March comes to a close.
We will publish more findings along the way. Stay tuned for new content types on Drupal.org—including news, posts, topic-based taxonomy term pages, and better ways to access and help write documentation.
It’s time for another community spotlight, and this month, we’re highlighting a community member who has made huge contributions to the success of the Drupal project and of DrupalCon — and not only through code.
Paul Johnson (pdjohnson) of Manchester is currently the Drupal Director of CTI Digital, and is the social media lead for most DrupalCons. He also maintains the @Drupal Twitter account. Paul has grown the DrupalCon social media program from a small following on twitter to a set of huge, engaged channels. (Image credit to Frank Crijns on Flickr. Thanks, Frank!)
The Drupal Association sat down with Paul in late January to talk about some of his accomplishments and passions.
DA: How did you get involved with Drupal and volunteering with DrupalCon?
Paul: I got involved in 2005 or 2006 by accident when I found it on Google, though I don’t really remember the exact moment. The company I worked for at the time wanted to move from their own homegrown CMS to something else, so I was looking for other solutions. While doing research I came across Drupal, and before I knew it I’d gone to DrupalCon Barcelona [in 2007].
Not long after that, I got really in to twitter. I was going to DrupalCon London in 2011 and I was fiercely excited about going, and I was expressing it on Twitter. Out of the blue, Isabel Schulz — a nice woman who worked for the Drupal Association at the time — reached out to me. She said, “it sounds like you want to get more involved.” It was like lighting a touch paper. Before I knew it they’d given me the username and password to the DrupalCon account and said “right, get on with it.”
DA: That’s a big responsibility!
Paul: At that time social media wasn’t so prevalent, and I don’t think anyone in the Drupal community realised how it could make a big contribution to the success of the conference— how it could reach a wider audience and get help in executing the conference.
I had no rules, and I made mistakes… I was really quite daunted by the prospect. Looking back, I might have destroyed my reputation with Drupal but thankfully I didn’t! I grew and learned, and then in Portland the social media aspect started to grow more quickly. I began writing formal processes to help myself, but it became apparent that as DrupalCon was growing, the success of the social media was perhaps leading towards other people getting involved.
I suppose I’m an unusual person — I find it difficult to find my place in the Drupal community. There are a lot of people out there who are better developers than I am, and I have this thing in my head that held me back from getting involved. I suppose it was quite a long time before I realised I had something valuable to contribute to the community. There has been this idea that contributing modules or contributing to core is cool, but there are lots of us who fall outside that immediate group of people, and who have– until recently– felt orphaned from contribution.
I’ve always thought about when the Association reached out to me. It was a small bit of recognition, but it felt very empowering. It had a big influence on me, and because of it, I’ve always tried to shout for these people who have enthusiasm, and try to ignite it.
DA: Do you have any good examples of that?
Paul: Sure. DrupalCon Portland took place at the same time as that awful Oklahoma tornado. Before it happened, I had always wanted to use social media to watch out for these kinds of things, because… with a very large audience, we can do things and help people very quickly by using the broadcast mechanism.
When the tornado hit, I saw guys in our coder lounge hacking together a solution to help people on the ground, and I used social media to draw attention to it. It snowballed, and before we knew it, FEMA was involved, and that sends shivers down my spine. I love it when social media translates from something that’s just a conversation on the internet to something with a positive, real-world impact.
DA: Switching tracks a little bit, can you tell us about some of the challenges you’ve faced when working on the DrupalCon social media?
Paul: I’ve grown up with the Drupal Association and the project, but in many respects, the biggest attraction is also one of the biggest challenges. The diversity of the Drupal community is… well, in being responsible for representing the Drupal Association and the project and the community, you have to be quite careful. You’re an ambassador, and you have to have to have the highest level of conduct. You can’t always speak your mind.
Sometimes I’ve gotten upset. It’s a big part of my life, Drupal, and people will say things to the official accounts that are upsetting, and you have to rise above that. And sometimes, people will say things from within or without the community that can be quite cutting, and I suppose that’s one of the hardest things. But, ultimately you can draw many positives from that because it becomes a question of, how do you work towards enhancing the minds of people who think like that.
Another challenge was that, in the early days, nobody knew it was me behind the accounts. It does take a reasonable amount of my time — a half an hour or more a day every day, oftentimes more. I didn’t mind [not being known] necessarily, but it’s really nice to get recognition — and, if anyone writes anything valuable I try to give them credit on social media, to encourage and celebrate people who make the effort, and put them on a pedestal so that it spurs others to do the same.
Along those lines, I so often hear, “I don’t go to local meet-ups,” or “I’m not good enough,” or “people will think I’m not clever enough or that my contribution isn’t sufficient.” I think it’s really important that people appreciate that, no matter where you are in your Drupal journey, you know more than the person who just started. You don’t have to be chx or morten or webchick– they all started at nothing, too, but they started a long time ago.
DA: What’s your favorite thing about the Drupal community?
Paul: When our community gets behind an idea, stuff really happens, and it happens really fast. Whether that’s code, or whether it would be to crowd source some funding for a blind man who lives in Italy and wants to go to DrupalCon Portland, it is just magnificent how fast things can happen if the will of the community is drawn.
And, you know, the Drupal community gives me the opportunity to meet or converse with people I would never imagine having the chance to do so with otherwise. It makes my life so much richer. It’s not about the code, Drupal is providing me with the most unimaginable opportunities. It has allowed me — in my career and my personal life — to take on challenges that would never have been available to me before.
Drupal has allowed me to be brave and to take a few risks, like interviewing Dries at the end of his keynote. I like to hide behind social media.. but then I’m projecting it onto a stage. And another thing about the community is, rarely do you meet someone who’s not nice.
DA: What’s your favorite thing about volunteering?
Paul: The thing that I enjoy the very most of volunteering is making a difference. There have been a few things where, I don’t know, I’ve seen a small smoldering fire and I’ve been able to ignite it into a bigger thing.
I was given the keys to DrupalCon, and then in the last few years I’ve taken ownership of the Drupal twitter account. Previously, it had become an abandoned channel, but under my stewardship it has gone from 30k followers to over 55k. And, you know, there are lots of people in media who are watching Drupal and who might be loosely interested. The Drupal twitter has so much opportunity to reach a wider audience with big achievements. So I love to use social media to show that Drupal is more than just America, more than just Europe — there’s a lot going on in India and in Africa and elsewhere.
I welcome anyone to approach me with news of things that they are doing in their local community that we can celebrate on official channels. I love to help grow something that’s a great idea into something that’s really big, because I think we’ve succeeded in growing the community in the USA and Australia and Europe. For me, the next big thing is to support the community in those regions that are about to flourish. How can we help them to make things happen more quickly?
DA: Who are you when you aren’t online?
Paul: I do seek solitude, and I really have a strong appreciation of wilderness. I’m a dad, and I love kids, and I suppose most of my time is spent cycling with my family. We go to The Lake District quite often in the UK, which is a beautiful and mountainous area.
I am passionately into road cycling on my bike, and mountaineering too. I like challenging myself — in everything I do, I always like to push myself. I’m always trying to climb higher or go faster. I’m no happier than when I’m in a mountaintop in the snow, even — especially — if it’s in a blizzard. I love being in a hostile environment where perhaps other people wouldn’t be able to cope. I love to explore places and trek the untrodden path. So even if I go back to the same place, I’ll take a different road.
DA: Do you have any final thoughts to share with us today?
Paul: With Drupal 8 on the way, I started a twitter account called @drupal8iscoming. It’s starting to grow and grow and grow now: it celebrates all things Drupal 8 on the internet — you know, articles, tutorials, events, and also how to help to get the word out to organisations about Drupal. Please check it out!
It’s a great time to be part of the Drupal Association. We’ve done some amazing work in the last few years, and we’re in a great position to work with the community to continue to improve and grow fully into our mission. As a Drupal Association At-Large Director, you’d be in the center of the action. The At-large Director position is specifically designed to ensure community representation on the Drupal Association board and we strongly encourage anyone with an interest to nominate themselves today.
The Board of Directors of the Drupal Association are responsible for financial oversight and setting the strategic direction of the Drupal Association. New board members will contribute to the strategic direction of the Drupal Association. Board members are advised of, but not responsible for matters related to the day to day operations of the Drupal Association, including program execution, staffing, etc. You can learn more about what’s expected of a board member in this post and presentation.
Directors are expected to contribute around five hours per month and attend three in-person meetings per year (financial assistance is available if required). All board members agree to meet the minimum requirements documented in the board member agreement.
Today we are opening the self-nomination form that allows you to throw your hat in the ring. We’re looking to elect one candidate this year to serve a two-year term.
Log in first and…
To nominate yourself, you should be prepared to answer a few questions:
We will also need to know that you are available for the next step in the process, meet the candidate sessions. We are hosting 2 sessions:
The nomination form will be open February 1, 2015 through February 20, 2015 at midnight UTC. For a thorough review of the process, please see our announcement blog post.
If you have any questions, please contact Holly Ross, Drupal Association Executive Director.
Flickr photo: Kodak Views
I was hired by the Drupal Association in October 2014 to develop a new revenue stream from advertising on Drupal.org. For some time we’ve been trying to diversify revenue streams away from DrupalCon, both to make the Association more sustainable and to ensure that DrupalCons can serve community needs, not just our funding needs. We’ve introduced the Drupal Jobs program already and now, after conversations with the community, we want to put more work into Drupal.org advertising initiatives.
This new revenue stream will help fund various Drupal.org initiatives and improvements including better account creation and login, organization and user profile improvements, a responsive redesign of Drupal.org, issue workflow and Git improvements, making Drupal.org search usable, improving tools to find and select projects, and the Groups migration to Drupal 7.
We spent time interviewing members of the Drupal Association board, representatives of the Drupal Community, Working Groups, Supporting Partners, and Drupal Businesses, both large and small to help develop our strategy and guidelines. Our biggest takeaways are:
There are already advertising banners on Drupal.org, however we need to expand their reach to hit our goals. We’re trying to address challenges for our current advertisers, including a relatively low amount of views on pages with ads, which makes it difficult for them to reach their goals.
We’re also facing industry-wide challenges in Digital Advertising. Advertisers are looking for larger, more intrusive ads that get the users’ attention, or at the very least use standard Interactive Advertising Bureau (IAB) ad sizes, which are larger than the ads we offer on Drupal.org.
We came up with a new line of products that we feel will help us reach our goals, but not disrupt the Drupal.org experience, or the Drupal Association Engineering Team roadmap. We want our Engineering Team to fix search on Drupal.org, not spend time developing and supporting major advertising platforms.
2015 Advertising Initiatives:
I wanted to spend most of my time explaining Audience Extension, since its unlike anything we’ve done in the past, and it may prompt questions. This product makes sense because it addresses all of the challenges we’re facing:
How does Audience Extension Work?
It’s important that we fund Drupal.org improvements, and that we do so in a responsible way that respects the community. We anticipate rolling out these new products throughout the year, starting with Audience Extension on February 5th. Thanks for taking the time to read about our initiatives, and please tell us your thoughts!
Now the new year has started, it’s time for our community to think about the future. It has become a tradition for for years now to predict what the year ahead will bring for us — so share your thoughts!
Happy birthday to Drupal! On this day in 2001, Drupal 1.0 was released.
This milestone is the perfect time to talk about some of the findings of our recent community survey. The survey findings offer a window into what community members are thinking as the project matures and evolves. It also gives us at the Drupal Association a way to better understand what we’re doing right and what we could be doing better. There aren’t many surprises (and that’s a good thing), but all of the findings are educational. Here are three results we thought were particularly interesting and insightful.
Drupal 8 Will Be Broadly Adopted
In the survey, about 80% of respondents said they either plan to start using Drupal 8 as soon as it is released, or plan to adopt it at some point after release. Another 8% said they did not have specific plans to adopt, but do plan to evaluate Drupal 8.
Drupal.org Remains an Important and Heavily-Used Tool
The overwhelming majority of respondents said they use Drupal.org more than once per week. Most also say they are satisfied or somewhat satisfied with the site. While that result is encouraging, it does not change the important mission to improve the experience of the site and make it a better tool for everyone from first time visitors to those who spend the majority of their working time on the site.
We Need to Create Broader Awareness of Drupal Association Programs
Community members who took the survey have great awareness of DrupalCons. Awareness of the work we are doing on Drupal.org seems to be steadily growing. But awareness is relatively low for Community Grants and our Supporter Programs that provide a way for organizations to give back to the Project. That awareness is clearly something we need to improve to promote transparency.
If you would like to read the full results, you can access them here (2.8M PDF). Thanks for reading, and thanks for being a part of this amazing community.
Drupal.org will be affected by maintenance Monday, December 15th 17:00 PST, 01:00 UTC (1 day after).
On October 29, the Drupal Security Team issued a Public Service Announcement (PSA) as a follow-up to Security Advisory SA-CORE-2014-005, which disclosed a serious SQL Injection vulnerability in Drupal 7. Our goals with the PSA were to:
(Speaking of which, if you have not remediated yet, please stop reading and do so.)
While we feel those goals were accomplished, the PSA also resulted in a large volume of press coverage – in fact much more coverage than the original disclosure of the vulnerability on October 15th. Not surprisingly, the general tone of the press coverage was quite negative. Unfortunately, some of the coverage was also inaccurate which we’d like to address here as well as provide additional context regarding our security processes.
While we don’t know the total number of Drupal sites affected, the number is not near 12 million as stated in several publications. Unless disabled, individual Drupal sites report their existence back to Drupal.org and this system reports around 1 million total Drupal sites. While this is not an exact measure of live Drupal sites we can infer that the affected number of specifically vulnerable Drupal 7 sites is more likely to be under 1 million.
SA-CORE-2014-005 was certainly a severe issue, if not the most severe issue in Drupal’s history; but it’s important to recognize all software has bugs and security issues that require a remediation process. Finding, fixing and announcing security patches is evidence of a healthy security process and Drupal is one of the few content management systems with a dedicated security team that covers both Drupal core and contributed code.
The above said, there are lessons from both the original disclosure and the follow-up PSA that might result in some changes to the Drupal Security Team policy and process, however we want to reinforce that we are deeply committed to keeping Drupal secure. We encourage you to read this whitepaper that explains our processes, policies and contains a good overview of Drupal security.
If you ever have questions, please use the public discussion area for general topics at https://groups.drupal.org/security or contact us (firstname.lastname@example.org). Or better yet, get involved. You can find more information on the Drupal Security Team page.
-Drupal Security Team