Drupal Association appoints Executive Director

We announced on April 30, 2019 that Heather Rocker has been selected as the next Drupal Association Executive Director.

Heather Rocker joins the Drupal Association with a strong history of leadership in technology and the nonprofit world. She was the first executive director of the Women in Technology Foundation, as well as the CEO of Girls Incorporated of Greater Atlanta. Most recently she acted as the Managing Principal of Systems Evolution, Inc. in Atlanta, Georgia. She also serves as Immediate Past-President of the Board of Directors of Georgia FIRST Robotics.

GitLab phase 1 Completed!

For the past 18 months, interoperability between the current Git infrastructure and migration to GitLab was a much larger effort than expected.  With several challenges: optimization of project syncing, disaster recovery, replication, high availability, and phasing out our old Git servers, to name a few. Each member of the Engineering Team has put a lot of time and effort in testing and addressing these challenges. We thank GitLab, The Drupal Association Engineering Team, and Partners for helping us achieve this launch date.

I hope you are excited as we are in achieving this milestone. 

The goals of phase 1 were to:

●      Transparently replace Drupal’s current underlying Git infrastructure (as part of this migration git.drupal.org’s SSH host key will change) for: repository hosting, maintainer permissions, code viewing with GitLab repositories, GitLab roles and permissions for maintainers, and the GitLab code viewing UI.

●      Enable inline code editing for project maintainers.

●      To unblock allowing pull requests, inline code editing for all contributors, and more in phase 2.

Read more about the Drupal Association partnership with GitLab at:  https://www.drupal.org/drupalorg/blog/developer-tools-initiative-part-5-gitlab-partnership

Please feel free to review our FAQs about GitLab at:  https://www.drupal.org/drupalorg/docs/gitlab-integration/gitlab-frequently-asked-questions

If you have questions, please join us in Drupal Slack on channel #gitlab.

Beginning of Gitlab Phase 2

This phase is focused on:  enabling merge requests, inline code editing, and web-based code review.  Phase 2 will enable benefits to developer velocity and collaboration:

●      By adding merge requests, contributing to Drupal will become much more familiar to the broad audience of open source contributors who've learned their skills in the post-patch era.

●      By adding inline editing and web-based code review, it will be much easier to make quick contributions. This not only lowers the barrier to contribution for people new to our community, it also saves significant effort for our existing community members, as they'll no longer need to clone work locally and generate patches.

●      Finally, by creating a tight integration between the Drupal.org issue queues and GitLab's development tools, we'll be able to transition to this new toolset without disrupting the community's existing way of collaborating.

The Engineering team and our partners are currently evaluating the timeline for Phase 2 and will update our issue tracker once it’s established.

Drupal Steward Program

The program will focus on protection that closes the gap between security releases and site updates. The Security Team and the Drupal Association have been developing this program for over a year.

The goals are:

●      Provide a new service to the Drupal community, from small site owners to enterprise-scale end users, to protect their sites in the gap from security release to the time it takes them to patch.

●      Create a new model for sustainability for the Security Team, generating funding that 1) covers the operating costs of the program 2) can support security team operations and 3) can support additional Drupal Association programs.

Drupal Steward will offer sites a form of mitigation through the implementation of web application firewall rules to prevent mass exploitation of some highly critical vulnerabilities (not all highly critical vulnerabilities can be protected in this fashion, but a good many can be—this method would have worked for SA-CORE-2018-002 for example).

It will come in three versions:

●      Community version - for small sites, low-budget organizations, and nonprofits, we will offer a community tier, sold directly by the DA. This will be effectively at cost.

●      Self-hosted version - for sites that are too large for the community tier but not hosted by our vendor partners.

●      Partner version - For sites that are hosted on vetted Drupal platform providers, who have demonstrated a commitment of contribution to the project in general and the Security Team in particular, protection will be available directly through these partners.

We will announce more details of the program over the coming weeks and months as we get it up and running.

If you are a hosting company and are interested in providing this service to your customers, please reach out to us at drupalsteward@drupal.org.


Updates to Drupal.org metrics and visualizations

Please visit our new graphical display of project usage information at:  https://www.drupal.org/project/usage/drupal. The usage graph now displays a stacked chart by version. In the long term, we have plans to revise how our usage data is tabulated to provide more accurate and useful data. 

Changes in credit attribution

We have made available by default giving commenters credit attribution as we believe comments are an important part of the development process. Although we deployed this successfully, we had to roll this back so we can refine our guidelines a bit. For now this issue is in backlog and expect to have our guidelines by the end of the year.

Introducing Community Group Sections in the Community Portal

/Community has been expanded to include more targeted sections upon landing at the /Community page. We’ve defined these sections in groups. We also have a framework that will enable these groups to tell us:

  • Who they are
  • What they do
  • How they work
  • Their latest updates
  • How you can get involved

Some of the early adopters that are now posted are:

Each section will have “standard” home page content, detailing the info above, as many content pages as the group can muster, and a blog that will go on to Drupal Planet.

Drupal 7 Extended Support - request for partners

With the upcoming release of Drupal 9 in June 2020, it's time to start thinking about migration. Drupal 7 will be supported through November 2021, but after that any end-users who haven't yet updated will want to partner with a Drupal 7 Extended Support vendor.

The Drupal Security Working Group is accepting applications for vendors who want to be part of the extended support program.

A renewed push on the Composer Initiative

At DrupalCon Seattle there was also renewed interest in the Composer Initiative—this initiative seeks to rationalize the way that Composer is used in Core, to make it easier to manage sites using Composer, and also to make it easier for sites set up using a non-Composer method to be converted to using Composer, something increasingly important as contributed modules add Composer dependencies.

———

As always, we’d like to say thanks to all the volunteers who work with us, and to the Drupal Association Supporters, who make it possible for us to work on these projects. In particular, we want to thank:

If you would like to support our work as an individual, consider becoming a member of the Drupal Association.

Follow us on Twitter for regular updates: @drupal_org, @drupal_infra