Feeds

DrupalCon Barcelona 2024 was another great Drupal community event. Discover highlights from our team's conference experiences!

Drupal 10's release date is December 14th, 2022. We took the opportunity to look for 10 things you might not know about the CMS yet. Curious? Read on!

Combining Drupal and Mautic is perfect for managing your omnichannel digital experiences. We built a plugin to allow you to send emails straight from Drupal.

Headless Drupal is an innovative way to use Drupal. In this blog we'll tell you everything you need to know about the concept, the pro's and cons and more...

In this blogpost, I'll show you how to get your meta tags working in your headless Drupal (Next.js) application.

To deliver a frictionless digital experience as efficiently as possible, headless offers you the perfect solution. In this blog we explain how we got there.

Dropsolid Experience Cloud is both capable of satisfying marketers and developers, enterprise customers, and agencies. While staying secure and compliant.

A DXP is a software to build, manage, deploy and continually optimize digital experiences across multiple channels such as websites, portals, emails and mobile.

Download from https://ftp.gnu.org/gnu/libunistring/libunistring-1.3.tar.gz

This is a stable release.

New in this release:

• The data tables and algorithms have been updated to Unicode version 16.0.0.
• New function uc_is_property_modifier_combining_mark and new constant UC_PROPERTY_MODIFIER_COMBINING_MARK.
• Fixed a bug in the *printf functions: The %ls and %lc directives could lead to a crash on Solaris and MSVC.

Join us THURSDAY, October 17 at 1pm ET / 10am PT, for our regularly scheduled call to chat about all things Drupal and nonprofits. (Convert to your local time zone.)

We don't have anything specific on the agenda this month, so we'll have plenty of time to discuss anything that's on our minds at the intersection of Drupal and nonprofits.  Got something specific you want to talk about? Feel free to share ahead of time in our collaborative Google doc: https://nten.org/drupal/notes!

All nonprofit Drupal devs and users, regardless of experience level, are always welcome on this call.

This free call is sponsored by NTEN.org and open to everyone. 

• Join the call: https://us02web.zoom.us/j/81817469653

  • Meeting ID: 818 1746 9653
    Passcode: 551681

  • One tap mobile:
    +16699006833,,81817469653# US (San Jose)
    +13462487799,,81817469653# US (Houston)

  • Dial by your location:
    +1 669 900 6833 US (San Jose)
    +1 346 248 7799 US (Houston)
    +1 253 215 8782 US (Tacoma)
    +1 929 205 6099 US (New York)
    +1 301 715 8592 US (Washington DC)
    +1 312 626 6799 US (Chicago)

  • Find your local number: https://us02web.zoom.us/u/kpV1o65N

• Follow along on Google Docs: https://nten.org/drupal/notes

View notes of previous months' calls.

Project: Drupal coreDate: 2024-October-16Security risk: Moderately critical 13 ∕ 25 AC:Basic/A:None/CI:None/II:All/E:Theoretical/TD:UncommonVulnerability: Improper error handlingAffected versions: >=10.0 < 10.2.10Description: 

Under certain uncommon site configurations, a bug in the CKEditor 5 module can cause some image uploads to move the entire webroot to a different location on the file system. This could be exploited by a malicious user to take down a site.

The issue is mitigated by the fact that several non-default site configurations must exist simultaneously for this to occur.

Solution: 

Install the latest version:

• If you are using Drupal 10.2, update to Drupal 10.2.10.
• Drupal 10.3 and above are not affected, nor is Drupal 7.

All versions of Drupal 10 prior to 10.2 are end-of-life and do not receive security coverage. (Drupal 8 and Drupal 9 have both reached end-of-life.)

This advisory is not covered by Drupal Steward.

Reported By: 

• Pierre Rudloff

Fixed By: 

• catch of the Drupal Security Team
• Lee Rowlands of the Drupal Security Team
• Benji Fisher of the Drupal Security Team
• Kim Pepper
• Wim Leers
• xjm of the Drupal Security Team

Coordinated By: 

• xjm of the Drupal Security Team
• Dave Long of the Drupal Security Team
• Juraj Nemec of the Drupal Security Team

For the last year, Thibaud Colas and I have had a weekly DSF co-working session — we get on a video call and spend an hour quietly working together on DSF things. It's worked well to help us carve out time to work on DSF initiatives, so we'd like to expand into an open-to-everyone weekly "office hours" format.

These will be Wednesdays at 6PM UTC (convert to other time zones). (Yes, that means the first one will be in just about 4 hours, short notice I know, so maybe mark it down for next week.)

All you need to do is bring something DSF-related to work on. This is intentionally broad, as long as it's vaguly DSF-related you're welcome to come. It's not a general-purpose Django coding session (you're welcome to be writing code but it should be related the DSF, e.g. working on djangoproject.com or something.)

This week and next, we'll probably be focusing on nominations for the DSF Board -- nominations close October 25th.

For now, we're deliberately not publishing the video call information publicly — we're a bit worried about spammers and scammers. So if you want to join, you'll need to contact the board, or someone on the board, to get the info. You can use the DSF contact form, and anyone's welcome to contact me directly: — email jacob@djangoproject.com, Signal jacobian.01, or @jacob@jacobian.org on Mastodon.

(Yes, this introduces some friction which is at odds with the "everyone's welcome" ethos. If/when we figure out a better way to moderate these calls, we'll change this.)

I look forward to seeing you there!

Reading and writing files is a basic task that most software applications need to do. You will also find that you sometimes need to read and write files to a remote machine or perhaps run commands on a remote machine as well. Python is well-suited for this type of activity using tools such as Paramiko. However, in this tutorial, you will spend some time learning how to use a different package called Fabric.

Fabric is a high-level Python package designed especially to execute shell commands remotely over SSH and then yielding useful Python objects in return. This article will focus on the latest version of Fabric, which is 3.2.2 at the time of writing.

Getting Fabric

Fabric is a third party package. That means you need to install Fabric to be able to use it. Fortunately, you can use Python’s pip tool to do so.

Open up a terminal application and run the following command:

python -m pip install fabric

If you don’t want to clutter up your main Python environment, then you should use a Python virtual environment. You can learn more about those in An Intro to Python Virtual Environments.

Once you are finished installing Fabric, you can move on to learning how to use it!

Connecting to the Server with Fabric

The Fabric documentation uses the following as a super simple example of running a command on a remote machine using SSH:

from fabric import Connection result = Connection('web1.example.com').run('uname -s', hide=True)

You only need two lines of code to start running commands on a remote machine. But what if the remote machine requires credntials?

In that case, you need to create a Config object and update your instantiation of Connection like this:

from fabric import Connection, Config config = Config(overrides={"sudo": {"password": "MyAmazingPassword123"}}) conn = Connection("mike@10.10.166.128:22", connect_kwargs={"password": "MyAmazingPassword123!"}, config=config)

If you have a machine that uses an SSH key pair, you can use this alternate connect_kwargs dictionary:

connect_kwargs={ "key_filename": "/home/myuser/.ssh/private.key", }

Then simply update the call to Connection and you’re good to go.

Running Commands with Fabric

Now that you have the knowledge needed to connect to the remote machine, you probably want to start running more complex commands. Here is an example of running a ping command:

from fabric import Connection, Config config = Config(overrides={"sudo": {"password": "MyAmazingPassword123"}})  conn = Connection("mike@10.10.166.128:22", connect_kwargs={"password": "MyAmazingPassword123!"}, config=config) conn.run("ping -c 2 www.google.com")

What if you want to be able to use the super user (i.e. root) when running a command? Fabric makes that easy by using the sudo() method:

from fabric import Connection, Config config = Config(overrides={"sudo": {"password": "MyAmazingPassword123"}})  conn = Connection("mike@10.10.166.128:22", connect_kwargs={"password": "MyAmazingPassword123!"}, config=config) conn.sudo("systemctl restart nfs-kernel-server") Transferring Files with Fabric

If you want to download a file from a remote machine, Fabric makes this rudimentary task even easier. Here’s how to do it:

from fabric import Connection, Config config = Config(overrides={"sudo": {"password": "MyAmazingPassword123"}})  conn = Connection("mike@10.10.166.128:22", connect_kwargs={"password": "MyAmazingPassword123!"}, config=config) conn.get("remote_file_path", "local_file_path")

Note that all you need to do is call get() while specifying the location of the remote file that you want for the first argument and the local path for where you want to download the file as the second argument.

Sending a file to the remote server is done using the put() method:

from fabric import Connection, Config config = Config(overrides={"sudo": {"password": "MyAmazingPassword123"}})  conn = Connection("mike@10.10.166.128:22", connect_kwargs={"password": "MyAmazingPassword123!"}, config=config) conn.put("local_file_path", "remote_file_path")

You reverse the arguments for put() versus get(). The local path is passed in first, followed by the remote location that you want to upload to.

But what if you want to upload to a restricted area of the file system on the remote machine? You know, like to the etc folder or any of the other root-owned folders?

Fabric doesn’t have a built-in way to do that. Instead you use a two-step process:

• Upload the file to a directory that your user owns
• Then use sudo() to move the file to the restricted location

Here’s an example:

from fabric import Connection, Config config = Config(overrides={"sudo": {"password": "MyAmazingPassword123"}})  conn = Connection("mike@10.10.166.128:22", connect_kwargs={"password": "MyAmazingPassword123!"}, config=config) # Send the file to a user directory conn.put("local_file_path", "remote_file_path") # Use sudo to move that file to a root location conn.sudo("mv remote_file_path root_location_path") Wrapping Up

Fabric is a great tool that greatly simplifies running SSH commands on remote computers. If you know how to use common Linux commands or know Python well, you can do lots of different things. For example, you could even upload a Python script to the remote server, run it, and then remove the file. At that point, you could do just about anything that you needed to.

Give Fabric a try and see what you can do!

The post SSH Scripting with Fabric and Python appeared first on Mouse Vs Python.

Structural pattern matching is a powerful control flow construct invented decades ago that’s traditionally used by compiled languages, especially within the functional programming paradigm.

Most mainstream programming languages have since adopted some form of pattern matching, which offers concise and readable syntax while promoting a declarative code style. Although Python was late to join the party, it introduced structural pattern matching in the 3.10 release.

In this tutorial, you’ll:

• Master the syntax of the match statement and case clauses
• Explore various types of patterns supported by Python
• Learn about guards, unions, aliases, and name binding
• Extract values from deeply nested hierarchical data structures
• Customize pattern matching for user-defined classes
• Identify and avoid common pitfalls in Python’s pattern matching

To get the most out of this tutorial, you should have a basic understanding of conditional statements, loops, functions, and classes in Python. Additionally, familiarity with Python’s built-in data structures, such as tuples, lists, and dictionaries, will be beneficial.

Get Your Free Code: Click here to download the free sample code that shows you how to use structural pattern matching in Python.

Take the Quiz: Test your knowledge with our interactive “Structural Pattern Matching” quiz. You’ll receive a score upon completion to help you track your learning progress:

Interactive Quiz

Structural Pattern Matching

In this quiz, you'll test your understanding of structural pattern matching in Python. This powerful control flow construct, introduced in Python 3.10, offers concise and readable syntax while promoting a declarative code style.

Getting to Know Structural Pattern Matching

Before taking advantage of structural pattern matching in your code, make sure that you’re running Python 3.10 or later, as you won’t be able to use it in earlier Python versions. Note that although the name structural pattern matching is often shortened to just pattern matching, the qualifier structural is crucial to understanding the use cases for this feature. In this section, you’ll get a high-level overview of structural pattern matching.

What Is Pattern Matching?

You can think of pattern matching as a form of syntactic sugar built on top of existing language constructs, including conditional statements and tuple unpacking. While you can absolutely live without pattern matching, it gives you new superpowers, making this feature more convenient than the conventional syntax in some situations.

Pattern matching often leads to more elegant, concise, and readable code written in a declarative style. To get a taste of it, take a quick look at the following example without trying to fully understand how it works just yet:

Python import json def log(event): match json.loads(event): case {"keyboard": {"key": {"code": code}}}: print(f"Key pressed: {code}") case {"mouse": {"cursor": {"screen": [x, y]}}}: print(f"Mouse cursor: {x=}, {y=}") case _: print("Unknown event type") Copied!

The match statement takes a subject, which can be any valid Python expression, such as a string literal or a function call, and compares the resulting value to one or more patterns listed in the case clauses. The first pattern that matches the given subject will trigger the corresponding case block to run. You’ll learn more about the match statement and case clauses later in this tutorial.

At first glance, the syntax of structural pattern matching in Python looks a bit like the switch statement found in the C-family programming languages if you squint your eyes:

C void log_event(enum Event event) { switch (event) { case KEYBOARD: printf("Keyboard event\n"); break; case MOUSE: printf("Mouse event\n"); break; default: printf("Unknown event\n"); } } Copied!

This resemblance is deceptive, though. The classic switch statement controls the execution flow based on the exact value stored in a variable. It effectively works as a chained sequence of mutually exclusive if..elif... equality comparisons, but with a more succinct and readable syntax.

Although you can use pattern matching this way, you’d be missing out on its true power and flexibility. Structural pattern matching was designed to go beyond value comparisons. In particular, it combines conditional statements or branching based on a logical predicate with destructuring or object deconstruction, which is the inverse of object construction. You’ll see examples of destructuring in the next section.

Note: Because pattern matching does two things at once, the Python interpreter can take advantage of this to optimize the underlying bytecode with specialized opcodes, making the code run slightly faster.

The brief code snippet above merely scratches the surface of what you can achieve with pattern matching, but it already shows you its expressiveness, especially when you compare it with the traditional if...elif... statements and isinstance() checks. Here’s one of the many ways you can implement the equivalent logic using standard Python:

Python import json def log(event): parsed_event = json.loads(event) if ( "keyboard" in parsed_event and "key" in parsed_event["keyboard"] and "code" in parsed_event["keyboard"]["key"] ): code = parsed_event["keyboard"]["key"]["code"] print(f"Key pressed: {code}") elif ( "mouse" in parsed_event and "cursor" in parsed_event["mouse"] and "screen" in parsed_event["mouse"]["cursor"] ): screen = parsed_event["mouse"]["cursor"]["screen"] if isinstance(screen, list) and len(screen) == 2: x, y = screen print(f"Mouse cursor: x={x}, y={y}") else: print("Unknown event type") else: print("Unknown event type") Copied!

This code is functionally identical to the previous version but is longer and has more indentation levels than before. Additionally, it looks more verbose and imperative in style, describing not only what to do but also how to perform the individual steps. Granted, you could try making it slightly shorter by using the Walrus operator and following the EAFP principle without explicit checks, but it’d remain somewhat convoluted.

It’s worth noting that structural pattern matching first emerged in compiled functional languages with static typing. The attempt to implement it in Python, which is a dynamic language, presented completely new and unique challenges. You can read more about them in the paper entitled Dynamic Pattern Matching with Python, which was co-authored by Guido van Rossum and published in the proceedings of the Dynamic Languages Symposium in 2020.

Now that you’ve seen the most basic form of pattern matching in Python, it’s time to unravel the meaning of a structural pattern.

What Is a Structural Pattern? Read the full article at https://realpython.com/structural-pattern-matching/ »

[ Improve Your Python With 🐍 Python Tricks 💌 – Get a short & sweet Python Trick delivered to your inbox every couple of days. >> Click here to learn more and see examples ]

If you are searching for the best content management system or CMS, then Drupal is the one that can power your website. In case you have not looked into Drupal before this, then you might not know its perks. 

Well, do not worry, in this read, you are going to learn about the benefits of using Drupal for your website development. Whether you are an individual, agency, small business, or enterprise, with Drupal you can now create powerful websites and apps.

Top 10 Benefits Of Using Drupal For Your Website Development 

There are many advantages of using Drupal for your website development. Let us delve more into it.

 

We are excited to announce the newly elected leaders for the ClearlyDefined Steering and Outreach Committees!

What is ClearlyDefined?

ClearlyDefined is an Open Source project dedicated to improving the clarity and transparency of Open Source licensing and security data. By harvesting, curating, and sharing essential metadata, ClearlyDefined helps developers and organizations better understand their software components, ensuring responsible and compliant use of Open Source code.

Steering Committee Election Results:

Congratulations to E. Lynette Rayle (GitHub), Qing Tomlinson (SAP), and Jeff Mendoza (Kusari/GUAC) for being elected to the ClearlyDefined Steering Committee. These three community leaders will serve a one-year term starting on September 25, 2024. Following election recommendations, the Steering Committee is structured to have an odd number of members (three in this case) and a maximum of one member per company. Lynette Rayle was elected chair of the committee.

The Steering Committee is primarily responsible for setting the project’s technical direction. They oversee processes such as data harvesting, curation, and contribution, ensuring that the underlying architecture functions smoothly. Their focus is on empowering the community, supporting the contributors and maintainers, and fostering collaboration with related projects.

E. Lynette Rayle is a Senior Engineer at GitHub and has been working on ClearlyDefined as a maintainer for just over a year.  GitHub is using ClearlyDefined data in several capacities and has a strong stake in ensuring successful outcomes in data quality, performance, and sustainability.

Qing Tomlinson is a Senior Developer at SAP and has been contributing to the ClearlyDefined project since November 2021.  SAP has been actively engaged in the ClearlyDefined project since its inception, utilizing the data and actively contributing to its curation. The quality, performance, and long-term viability of the ClearlyDefined project are of utmost importance to SAP.

Jeff Mendoza is a Software Engineer at Kusari, a software supply chain security startup. He is a maintainer of the OpenSSF GUAC project, which consumes ClearlyDefined data. Formerly, Jeff was a full time developer on ClearlyDefined. Jeff brings experience from both the sides of the project, developer and consumer.

Outreach Committee Election Results:

We are also thrilled to announce the election of Jeff Luszcz (GitHub), Alyssa Wright (Bloomberg), Brian Duran (SAP), and Nick Vidal (Open Source Initiative) to lead the ClearlyDefined Outreach Committee. They began their one-year term on October 7, 2024. Unlike the Steering Committee, the Outreach Committee has four members, following a consensus reached at the Community meeting that an even number of members is acceptable since tie-breaking votes are less likely. The elected members will select their Chair soon and may also invite other community members to participate.

The Outreach Committee focuses on promoting the project and growing its community. Their responsibilities include organizing events, creating educational materials, and managing communications across various channels, including blogs, social media, and webinars. They help ensure that more users and contributors engage with ClearlyDefined and understand its mission.

Jeff Luszcz is Staff Product Manager at GitHub. Since 2004, he has helped hundreds of software companies understand how to best use open source while complying with their license obligations and keeping on top of security issues.

Alyssa Wright helps lead Bloomberg’s Open Source Program Office in the Office of the CTO, which is the center of excellence for Bloomberg’s engagements with and consumption of open source software.

Brian Duran leads the implementation strategy for adoption of ClearlyDefined within SAP’s open source compliance teams. He has a combined 12 years of experience in open-source software compliance and data quality management.

Nick Vidal is Community Manager at the Open Source Initiative and former Outreach Chair at the Confidential Computing Consortium from the Linux Foundation. Previously, he was the Director of Community and Business Development at the Open Source Initiative and Director of Americas at the Open Invention Network.

Get Involved!

We encourage everyone in the ClearlyDefined community to get involved! Whether you’re a developer, data curator, or simply passionate about Open Source software, your contributions are invaluable. Join the conversation, attend meetings, and share your ideas on how to improve and grow the project. Reach out to the newly elected committee members or participate in our upcoming community events.

Let’s work together to drive the ClearlyDefined mission forward! Stay tuned for more updates and opportunities to participate as the committees continue their important work.

In this article, I’ll show you how to build a system to keep track of your company assets using Drupal. This system allows you to easily create and manage an equipment list with resources such as laptops, phones, monitors, or desks that are assigned to employees. It’s ideal for remote or hybrid companies, where control over issued equipment is crucial. Read the blog post or watch an episode of the “Nowoczesny Drupal” series (the video is in Polish).

You have likely upgraded Drupal to version 10.3.0 and noticed a new message in the reports regarding the State Cache:

Image

The message reads as follows:

The State Cache flag $settings['state_cache'] is not enabled. It is recommended to enable it in settings.php unless too many keys are stored. Starting with Drupal 11, State Cache will be enabled by default.

What is the State API?

Let's begin by understanding what the State API is. The State API in Drupal is a system that allows the storage and retrieval of small data fragments that are necessary for site operation but are not part of the overall configuration. Unlike the Config API, which focuses on data that must be consistent across different environments (like production, development, etc.), the State API is intended for environment-specific data that can change more dynamically and do not need to be synchronized across different environments.

Why does it…

25 the number says well into adulthood. Aviral pointed that I have already passed 33% mark in my life, which does hits different.

I had to keep reminding myself about my upcoming birthday. It didn’t felt like birthday month, week or the day itself.

My writings took a long hiatus starting this past year. The first post came out in May and quite a few people asked about the break. Hiatus had its own reasons, but restarting became harder each passing day afterward. Preparations for DebConf24 helped push DebConf23 (first post this year) out of the door, after which things were more or less back on track on the writing front.

Recently, I have picked the habit of reading monthly magazines. When I was a child, I used to fancy seeing all the magazines on stationary and bookshops and thought of getting many when I’m older. Seems like that was the connection, and now I’m heavily into monthly magazines and order many each month (including Hindi ones). They’re fun short reads and cover a wide spectrum of topics.

Travelling has become the new found love. I got the opportunity to visit a few new cities like Jaipur, Meerut, Seoul and Busan. My first international travel showed me how a society which cares about the people’s overall wellbeing turns out to be. Going in foreign land, expanded the concept of everything for me. It showed the beauty of silence in public places. Also, re-visited Bengaluru, which felt good with its good weather and food.

It has become almost become tradition to attend a few events. Jashn-e-Rekhta, DebConf, New Delhi World Book Fair, IndiaFOSS and FoECon. It’s always great talking to new and old folks, sharing and learning about ideas. It’s hard for an individual to learn, grow and understand the world in a silo. Like I keep on saying about Free Software projects, it’s all about the people, it’s always about the people. Good and interesting people keep the project going and growing. (Side Note - it’s fine if a project goes. Things are not meant to last a perpetuity. Closing and moving on is fine). Similarly, I have been trying to attend Jaipur Literature Festival since a while but failing. Hopefully, I would this time around.

Expanding my Free Software Mirror to India was a big highlight this year. The mirror project now has 3 nodes in India and 1 in Germany, serving almost 3-4 TB of mirror traffic daily. Increasing the number of Software mirrors in India was and still is one of my goals. Hit me up if you want to help or setup one yourself. It’s not that hard now actually, projects that require more mirrors and hosting setup has already been figured out.

One realization I would like to mention was to amplify/support people who’re already doing (a better job) at it, rather than reinventing the wheel. A single person might not be able to change the world, but a bunch of people experimenting and trying to make a difference certainly would.

Writing 25 was felt harder than all previous years. It was a traditional year with much internal growth due to experiencing different perspectives and travelling.

To infinity and beyond!

A new Craft cache has just been published. The update is already available for KDE's CD, CI (Windows/Android) will follow in the next days.

Please note that this only applies to the Qt6 cache. The Qt5 cache is in LTS mode since April 2024 and does not recieve major updates anymore.

Changes (highlights) Craft Core

• Drop Python2 support
• Require at least Python 3.9

Blueprints

• Qt 6.8.0
• FFmpeg 7.1
• Kirigami Addons 1.5.0
• KDE Frameworks 6.7.0
• KDE Plasma 6.2.0
• Removed snoregrowl
• Removed ctemplate

About KDE Craft

KDE Craft is an open source meta-build system and package manager. It manages dependencies and builds libraries and applications from source on Windows, macOS, Linux, FreeBSD and Android.

Learn more on https://community.kde.org/Craft or join the Matrix room #kde-craft:kde.org