Language Selection

English French German Italian Portuguese Spanish

Drupal

Jeffrey McGuire From Acquia Explains Drupal 8, the GPL, and Much More

Filed under
Interviews
Drupal

Jeffrey McGuire

Tux Machines has run using Drupal for nearly a decade (the site is older than a decade) and we recently had the pleasure of speaking with Jeffrey A. "jam" McGuire, Open Source Evangelist at Acquia, the key company behind Drupal (which the founder of Drupal is a part of). The questions and answers below are relevant to many whose Web sites depend on Drupal.

1) What is the expected delivery date for Drupal 8 (to developers) and what will be a good point for Drupal 6 and 7 sites to advance to it?

 

Drupal 8.0.0 beta 1 came out on October 1, 2014, during DrupalCon Amsterdam. It’s a little early for designers to port their themes, good documentation to be written, or translators to finalise the Drupal interface in their language – some things are still too fluid. For coders and site builders, however, it’s a great time to familiarise yourself with the new system and start porting your contributed modules. Read this post by Drupal Project Lead, Dries Buytaert; it more thoroughly describes who and what the beta releases are and aren’t good for: “Betas are good testing targets for developers and site builders who are comfortable reporting (and where possible, fixing) their own bugs, and who are prepared to rebuild their test sites from scratch when necessary. Beta releases are not recommended for non-technical users, nor for production websites.”

 

With a full Release Candidate or 8.0.0 release on the cards for some time in 2015, now is the perfect time to start planning and preparing your sites for the upgrade to Drupal 8. Prolific Drupal contributor Dave Reid gave an excellent session at DrupalCon Amsterdam, “Future-proof your Drupal 7 Site”, in which he outlines a number of well-established best practices in Drupal 7 that will help you have a smooth migration when it is time - as well as a number of deprecated modules and practices to avoid.

 

2) What is the importance of maintaining API and module compatibility in future versions of Drupal and how does Acquia balance that with innovation that may necessitate new/alternative hooks and functions?

 

The Drupal community, which is not maintained or directed by Acquia or any company, has always chosen innovation over backward compatibility. Modules and APIs of one version have never had to be compatible with other versions. The new point-release system that will be used from Drupal 8.0.0 onwards - along with new thinking among core contributors and the broader community - may change this in future. There has been discussion, for example, of having APIs valid over two releases, guaranteeing that a Drupal 8 module would still work in Drupal 9 and that a Drupal 9 module would work in Drupal 10. Another possibility is that this all may be obviated in the future as moves toward broad intercompatibility in PHP lead to the creation of PHP libraries with Drupal implementations rather than purely Drupal modules.

 

3) Which Free/libre software project do you consider to be the biggest competitor of Drupal?

 

The “big three” FOSS CMSs – Drupal, Wordpress, and Joomla! – seem to have settled into roughly defined niches. There is no hard and fast rule to this, but Wordpress runs many smaller blogs and simpler sites; Joomla! projects fall into the small to medium range; and Drupal projects are generally medium to large to huge and complex. Many tech people with vested interests in one camp or another may identify another project as “frenemies” and compete with these technologies when bidding for clients, but the overall climate between the various PHP and open source projects is friendly and open. Drupal is one of the largest free/libre projects out there and doesn’t compete with other major projects like Apache, Linux, Gnome, KDE, or MySQL. Drupal runs most commonly on the LAMP stack and couldn’t exist or work at all without these supporting free and open source technologies.

 

NB – I use the term “open source” as synonymous shorthand for “FOSS, Free and Open Source Software, and/or Free/libre software”.

 

4) Which program -- proprietary or Free/libre software -- is deemed the biggest growth opportunity for Drupal?

 

Frankly, all things PHP. Drupal’s biggest growth opportunity at present is its role as an innovator and “meta-project” in the current “PHP Renaissance”. While fragmented at times in the past, the broader PHP community is now rallying around common goals and standards that allow for extensive compatibility and interoperability between projects. For the upcoming Drupal 8 release, the project has adopted object-oriented coding, several components from the Symfony2 framework, a more up-to-date minimum version of PHP (5.4 as of October 2014), and an extensive selection of external libraries.

 

On the one hand, Drupal being at the heart of the action in PHP-Land allows it and its community of innovators to make a more direct impact and spread its influence. On the other hand, it is now also able to attract even more developers from a variety of backgrounds to use and further develop Drupal. A Symfony developer (who has had a client website running on Drupal 8 since summer 2014) told me that looking under the hood in Drupal 8, “felt very familiar, like looking at a dialect of Symfony code.”

 

NB – I use the term “open source” as synonymous shorthand for “FOSS, Free and Open Source Software, and/or Free/libre software”.

5) To what degree did Drupal succeed owing to the fact that Drupal and all contributed files are licensed under the GNU GPL (version 2 or 3)?

 

“Building on the shoulders of giants” is a common thread in free and open source software. The GPL licenses clearly promote a culture of mutual sharing. This certainly applies to Drupal, where I can count on huge advantages thanks to benefitting from more than twelve years of development, 100k+ active users, running something like 2% of the Web for thousands of businesses, and millions of hours of coding and best practices by tens of thousands of active developers. Our code being GPL-licensed and collected in a central repository on Drupal.org has allowed us to build upon the strengths of each other’s work in a Darwinian environment (”bad code dies or gets fixed” - Jeff Eaton) where the best code rises to the top and becomes even better thanks to the attention of thousands of site owners and developers. The same repository has contributed to a reputation economy where bad actors and dubious or dangerous code has little chance of survival.

 

The GPL 2 is business friendly in that the license specifically allows for commercial activity and has been court tested. As a result, there is very little legal ambiguity in adopting GPL-licensed code. It also makes clear cases for when code needs to be shared as open source and when it doesn't (allowing for sites to use Drupal but still have "proprietary" code). The so-called “Web Services Loophole” caused some controversy and discussion, but also opened the way to SaaS products being built on free/libre GPL code. Drupal Project Lead Dries Buytaert explained this back in 2006 (read the full post here):

 

“The General Public License 2 (GPL 2), mandates that all modifications also be distributed under the GPL. But when you are providing a service through the web using GPL'ed software like Drupal, you are not actually distributing the software. You are providing access to the software. Thus, a way to make money with Drupal is to sell access to a web service built on top of Drupal. This is commonly referred to as the web services loophole.”

 

Business models remain challenging in a GPL world; nothing is stopping me from selling you GPL code, but nothing is stopping you from passing it on to anyone else either. App stores, for example, are next to impossible to realise under these conditions. Most Drupal businesses are focused on value add services like site building, auditing and consulting of various kinds, hosting, and so on, with a few creating SaaS or PaaS offerings of one kind or another.

 

NB – I use the term “open source” as synonymous shorthand for “FOSS, Free and Open Source Software, and/or Free/libre software”.

 

6) What role do companies that build, maintain and support Drupal sites play in Acquia's growth and in Drupal's growth?

 

Acquia was the first company to offer SLA-based commercial support for Drupal (a Service Level Agreement essentially says, “In return for your subscription, Acquia promises to respond to your problems within a certain time and in a certain manner”). The specifics of response time and action vary according to the level of subscription, but these allowed a new category of customer to adopt Drupal: The Enterprise.

 

Enterprise adoption – think Whitehouse.gov, Warner Music, NBC Universal, Johnson & Johnson – of Drupal resulted in increased awareness and therefore even further increased adoption (and improvement) of the platform over time. Everyone who delivers a successful Drupal project for happy clients improves Drupal for everyone else involved. The more innovative projects there are, the more innovation flows back into our codebase. The more happy customers there are, the more likely their peers are to adopt Drupal, too. Finally, the open source advantage also comes into play: it behooves Drupal service providers to give the best possible service and deliver the highest-quality sites and results. If they don’t, there is no vendor lock-in and being open source at scale also means you can find another qualified Drupal business to work with if it becomes necessary. Acquia and the whole, large Drupal vendor ecosystem simultaneously compete, cooperatively grow the project (in code and happy customer advocates), and act as each other’s safety net and guarantors.

 

NB – I use the term “open source” as synonymous shorthand for “FOSS, Free and Open Source Software, and/or Free/libre software”.

 

7) How does Acquia manage and coordinate the disclosure of security vulnerabilities, such as the one disclosed on October 15th?

Acquia as an organisation is an active, contributing member of the Drupal community and it adheres strictly to the Drupal project’s security practices and guidelines, including the Drupal project’s strict procedure for reporting security issues. Many of Acquia’s technical employees are themselves active Drupal contributors; as of October 2014, ten expert Acquians also belong to the Drupal Security Team. Acquia also works closely with other service providers, whether competitors or partners, in the best interests of all of us who use and work with Drupal. This blog post, “Shields Up!”, by Moshe Weizman explains how Acquia, in cooperation with the Drupal Security Team and some other Drupal hosting companies, dealt with the recent “Drupalgeddon” security vulnerability.

First open source enterprise resource planning app for Drupal unveiled

Filed under
OSS
Drupal

ERPAL for Service Providers is the world's first open source ERP built on Drupal, a popular content management system.

Read more

Is Your Small Business Website Like a Bad First Date?

Filed under
OSS
Drupal
Web

Open source platforms like Drupal and WordPress provide a backend framework that small businesses can use to build and customize their websites while managing key functions like registration, system administration, layout and RSS. Users can also create their own modules to enable new functions or change the website's look and feel.

Smaller companies can use open source content management systems (CMS) to reduce or eliminate the need for coding while delivering rich media online, including text, graphics, video and audio. They can use open source assets to create responsive design sites that optimize content for viewing across multiple device types, including smartphones, tablets and laptops, while eliminating the need to scroll from side to side.

With open source tools available to help small businesses establish an online presence with robust front and backend functions quickly and affordably, there's never been a better time to focus on content excellence. And the best way to do that is to concentrate on the customer. Engage with your target customers and find out what they value the most. Use that information to develop your content, and speak directly to your customers' needs.

Read more

Acquia to deliver government's cloud-hosted, open source CMS

Filed under
Drupal

Boston-headquartered Drupal services company Acquia will deliver the federal government’s govCMS project.

The project to create a standard content management system for federal government agencies was announced in May.

Read more

3 Drupal education distros reviewed

Filed under
Drupal

Drupal is a powerful and flexible open source content management system that powers a large number of sites on the Internet. Drupal's flexibility means that sites built with Drupal can vary widely in form and function. In most cases, this flexibility is a benefit, but it can sometimes also be overwhelming. Growing a Drupal powered website from Drupal Core to a finished, customized site, by selecting from a wide variety of modules and themes, can be a complicated and time consuming process.

Read more

Cloud, open source power TransLink's Web presence

Filed under
OSS
Drupal

It was an aging bespoke application that drove TransLink to seek a new content management system, but it was the strength of the community surrounding the open source project that helped the Queensland public transport agency choose Drupal.

Prior to the switch to Drupal, which began last year, the former TransLink site was partly based on static files and partly on a "home-grown CMS that managed a lot of our custom content such as service disruption and events, so that we could do a little bit of distributed authoring within the organisation," said Natalie Gorring, manager, online products and services, at TransLink.

Read more

Introduction to 4 Open Source CMS

Filed under
OSS
Drupal

A content management system (CMS is a computer application that allows publishing, editing and modifying content, organizing, deleting as

well as maintenance from a central interface. CMS’s are often used to run websites containing blogs, news, and shopping. Many corporate and marketing websites use CMS’s. CMS’s typically aim to avoid the need for hand coding, but may support it for specific elements or entire pages.

Read more

How Card.com Is Securing Itself and Its Users With Open Source

Filed under
OSS
Drupal
Security

"We're heavily involved in Drupal. I'm a member of the Drupal security team and the former lead of the team for over two years," Knaddison said. "So it's an area where we have a fair amount of expertise and depth, and we feel that our situation is best served by fixing vulnerabilities directly in the software itself."

Read more

3 open source content management systems compared

Filed under
OSS
Drupal

Whether you need to set up a blog, a portal for some specific usage, or any other website, which content management system is right for you? is a question you are going to ask yourself early on. The most well-known and widely used open source content management system (CMS) platforms are: Joomla, Wordpress, and Drupal. They are all based on PHP and MySQL and offer a wide range of options to users and developers alike.

Read more

PBJ100: No. 9 ThinkShout leans on the open source movement for growth

Filed under
OSS
Drupal

How has operating in the Portland area worked to your advantage? Portland is a hotbed of technical innovation, and open source in particular. It’s also fast becoming a hub for Drupal, the open source framework we use for many of our projects. Finally, Portland is a magnet for people who care about more than just a paycheck. Our team is made up of folks who care as much, if not more, about the nonprofits we’re helping as the technology we use and user experiences we craft.

Read more

Syndicate content

More in Tux Machines

Leftovers: OSS and Sharing

  • Making your OpenStack monitoring stack highly available using Open Source tools
    Operators tasked with maintaining production environments are relying on monitoring stacks to provide insight to resource usage and a heads-up to threats of downtime. Perhaps the most critical function of a monitoring stack is providing alerts which trigger mitigation steps to ensure an environment stays up and running. Downtime of services can be business-critical, and often has extremely high cost ramifications. Operators working in cloud environments are especially reliant on monitoring stacks due to the increase in potential inefficiency and downtime that comes with greater resource usage. The constant visibility of resources and alerts that a monitoring stack provides, makes it a fundamental component of any cloud.
  • InfraRed: Deploying and Testing Openstack just made easier!
  • The journey of a new OpenStack service in RDO
    When new contributors join RDO, they ask for recommendations about how to add new services and help RDO users to adopt it. This post is not a official policy document nor a detailed description about how to carry out some activities, but provides some high level recommendations to newcomers based on what I have learned and observed in the last year working in RDO.
  • Getting to know the essential OpenStack components better
  • Getting to know core components, speed mentoring, and more OpenStack news
  • Testing LibreOffice 5.3 Notebookbar
    I teach an online CSCI class about usability. The course is "The Usability of Open Source Software" and provides a background on free software and open source software, and uses that as a basis to teach usability. The rest of the class is a pretty standard CSCI usability class. We explore a few interesting cases in open source software as part of our discussion. And using open source software makes it really easy for the students to pick a program to study for their usability test final project.
  • [Older] Drupal member sent out after BDSM lifestyle revealed

    Drupal, like many other open source projects, has a stated goal of welcoming and accepting all people, no matter their heritage, culture, sexual orientation, gender identity or other factors.

  • Controversy Erupts in Open-Source Community After Developer's Sex Life Made Public
    Drupal is a popular open-source content-management system, used to build websites. Like many other open-source projects, Drupal is guided by several committees that are supposed to be accountable to the community and its code of conduct, which enshrines values like "be considerate" and "be respectful." Also like many other open-source projects, Drupal attracts all sorts of people, some of whom are eclectic. Last week, under murky circumstances, Drupal creator Dries Buytaert banned one of the project's technical and community leaders, Larry Garfield. Buytaert attributed the decision to aspects of Garfield's private sex life. Many Drupal users and developers are up in arms about the perceived injustice of the move, exacerbated by what they see as a lack of transparency.
  • HospitalRun: Open Source Software for the Developing World
    When open source software is used for global health and global relief work, its benefits shine bright. The benefits of open source become very clear when human health and human lives are on the line. In this YouTube video, hear Harrisburg, Pennsylvania software developer Joel Worrall explain about HospitalRun software – open source cloud-based software used at developing world healthcare facilities.
  • Scotland emphasises sharing and reuse of ICT
    Scotland’s public administrations should focus on common, shared technology platforms, according to the new digital strategy, published on 22 March. The government says it wants to develop “shared infrastructure, services and standards in collaboration with our public sector partners, to reduce costs and enable resources to be focused on front-line services.”
  • [Older] OpenSSL Re-licensing to Apache License v. 2.0 To Encourage Broader Use with Other FOSS Projects and Products

    OpenSSL Launches New Website to Organize Process, Seeks to Contact All Contributors

  • Austria state secretary promotes open data
    The State Secretary at Austria’s Federal Chancellery, Muna Duzdar, is encouraging the making available of government data as open data. “The administration must set an example and support the open data culture by giving society its data back”, the State Secretary for Digitalisation said in a statement.
  • Study: Hungary should redouble open data initiatives
    The government of Hungary should redouble its efforts to make public sector information available as open data, and actively help to create market opportunities, a government white paper recommends. The ‘White Paper on National Data Policy’ was approved by the government in December.
  • Williamson School Board OKs developing open source science curriculum
    Science textbooks may be a thing of the past in Williamson County Schools. The Williamson County school board approved a proposal Monday night to use open source science resources instead of science textbooks. The switch will require a team of nine teachers to spend a year developing an open source curriculum.
  • How Elsevier plans to sabotage Open Access
    It was a long and difficult road to get the major publishing houses to open up to open access, but in the end the Dutch universities got their much awaited ‘gold deal’ for open access. A recently revealed contract between Elsevier and the Dutch research institutes lays bare the retardant tactics the publishing giant employs to stifle the growth of open access.
  • #0: Introducing R^4
  • RcppTOML 0.1.2

Security Leftovers

  • Security updates for Monday
  • FedEx Will Pay You $5 to Install Flash on Your Machine
    FedEx is making you an offer you can’t afford to accept. It’s offering to give you $5 (actually, it’s a discount on orders over $30) if you’ll just install Adobe Flash on your machine. Nobody who knows anything about online security uses Flash anymore, except when it’s absolutely necessary. Why? Because Flash is the poster child for the “security-vulnerability-of-the-hour” club — a group that includes another Adobe product, Acrobat. How unsafe is Flash? Let’s put it this way: seven years ago, Steve Jobs announced that Flash was to be forever banned from Apple’s mobile products. One of the reasons he cited was a report from Symantec that “highlighted Flash for having one of the worst security records in 2009.” Flash security hasn’t gotten any better since.
  • Every once in a while someone suggests to me that curl and libcurl would do better if rewritten in a “safe language”
  • An insecure dishwasher has entered the IoT war against humanity

    Regel says that he has contacted Miele on a number of occasions about the issue, but had failed to get a response to his missives, and this has no updated information on the vulnerability.

    He added, bleakly that "we are not aware of an actual fix."

  • Monday Witness: It's Time to Reconize a Civil Right Not to be Connected
    Along with death and taxes, two things appear inevitable. The first is that Internet of Things devices will not only be built into everything we can imagine, but into everything we can't as well. The second is that IoT devices will have wholly inadequate security, if they have any security at all. Even with strong defenses, there is the likelihood that governmental agencies will gain covert access to IoT devices anyway. What this says to me is that we need a law that guarantees consumers the right to buy versions of products that are not wirelessly enabled at all.
  • Remember kids, if you're going to disclose, disclose responsibly!
    If you pay any attention to the security universe, you're aware that Tavis Ormandy is basically on fire right now with his security research. He found the Cloudflare data leak issue a few weeks back, and is currently going to town on LastPass. The LastPass crew seems to be dealing with this pretty well, I'm not seeing a lot of complaining, mostly just info and fixes which is the right way to do these things.

Lightroom and Darktable: the verdict two years after switching

In summer 2015, I posted a detailed account of my tentative switch from Windows7 and Lightroom to Linux and Darktable. This was sparked by sudden crashes that were afflicting my system, but in a deeper sense grew from frustration with Windows and, to a lesser degree, with Lightroom. Once I headed for Linux, I decided to plunge in fully and commit to using Ubuntu and free, open-source photo software for several months – at least until the end of that year. That would give me a chance to see whether I could actually run my photography business on the new system. Read more

7 Linux Mainstream Distros Alternatives

Linux Mainstream Distros are quite popular as they have a large number of developers working on them as well as a large number of users using them. In addition, these distros also have strong support system. People often search alternatives for Linux Mainstream Distros but often get confused about which is the best one for them. So listed below are 7 best Linux mainstream distros alternative choices for you. Read more