Issue 336 - April, 26th 2018

News

This vulnerability is already being exploited so hopefully you already patched your site.

The Media module has multiple security releases for the various branches currently supported.

"CKEditor, a third-party JavaScript library included in Drupal core, has fixed a cross-site scripting (XSS) vulnerability. The vulnerability stemmed from the fact that it was possible to execute XSS inside CKEditor when using the image2 plugin (which Drupal 8 core also uses)."

If you still manage a Drupal 6 site you should apply this patches to your site.

From Our Sponsor

DrupalCon

Summary of decoupled Drupal related things.

Though this is a click-bait like session title the talk and discussion is well worth watching.

Very important session by Jeff Eaton.

Articles

"These figures and graphs seem to confirm that decoupled Drupal is rapidly gaining popularity, although Drupal 8 usage still has not reached Drupal 7 level."

"This year at DrupalCon Nashville the Drupal Community awarded Kevin the Aaron Winborn award. The Aaron Winborn award is presented annually to an individual who demonstrates personal integrity, kindness, and above-and-beyond commitment to the Drupal community."

Sponsored

We recently spoke with Alex Burrows from the Digidrop agency about local development.

Tutorials

Sponsored

Learn how to create a Bootstrap theme for Drupal 8. We'll cover the process of creating a Bootstrap subtheme in Drupal 8 and how to customize it for your site's design. This on-demand webinar includes: structuring your sub-theme files, using Compass to compile CSS from SCSS, overriding Bootstrap variables & custom variables, twig template file customization and Bootstrap options for Panels, Views, Display Suite.

Projects

Releases

Podcasts