Web News

erdfisch: Drupalcon mentored core sprint - part 2 - your experience as a sprinter

Web - শনি, 05/12/2018 - 5:00পূর্বাহ্ন
Drupalcon mentored core sprint - part 2 - your experience as a sprinter 12.05.2018 Michael Lenahan Body:  Drupalcon mentored core sprint - part 2 - your experience as a sprinter

Hello! You've arrived at part 2 of a series of 3 blog posts about the Mentored Core Sprint, which traditionally takes place every Friday at Drupalcon.

If you haven't already, please go back and read part 1.

You may think sprinting is not for you ...

So, you may be the kind of person who usually stays away from the Sprint Room at Drupal events. We understand. You would like to find something to work on, but when you step in the room, you get the feeling you're interrupting something really important that you don't understand.

It's okay. We've all been there.

That's why the Drupal Community invented the Mentored Core Sprint. If you stay for this sprint day, you will be among friends. You can ask any question you like. The venue is packed with people who want to make it a useful experience for you.

Come as you are

All you need in order to take part in the first-time mentored sprint are two things:

  • Your self, a human who is interested in Drupal
  • Your laptop

To get productive, your laptop needs a local installation of Drupal. Don't have one yet? Well, it's your lucky day because you can your Windows or Mac laptop set up at the first-time setup workshop!

Need a local Drupal installation? Come to the first-time setup workshop

After about half an hour, your laptop is now ready, and you can go to the sprint room to work on Drupal Core issues ...

You do not need to be a coder ...

You do not need to be a coder to work on Drupal Core. Let's say, you're a project manager. You have skills in clarifying issues, deciding what needs to be done next, managing developers, and herding cats. You're great at taking large problems and breaking them down into smaller problems that designers or developers can solve. This is what you do all day when you're at work.

Well, that's also what happens here at the Major Issue Triage table!

But - you could just as easily join any other table, because your skills will be needed there, as well!

Never Drupal alone

At this sprint, no-one works on their own. You work collaboratively in a small group (maybe 3-4 people). So, if you don't have coding or design skills, you will have someone alongside you who does, just like at work.

Collaborating together, you will learn how the Drupal issue queue works. You will, most likely, not fix any large issues during the sprint.

Learn the process of contributing

Instead, you will learn the process of contributing to Drupal. You will learn how to use the issue queue so you can stay in touch with the friends you made today, so that you fix the issue over the coming weeks after Drupalcon.

It's never too late

Even if you've been in the Drupal community for over a decade, just come along. Jump in. You'll enjoy it.

A very welcoming place to start contributing is to work on Drupal documentation. This is how I made my first contribution, at Drupalcon London in 2011. In Vienna, this table was mentored by Amber Matz from Drupalize.Me.

This is one of the most experienced mentors, Valery Lourie (valthebald). We'll meet him again in part 3, when we come to the Drupalcon Vienna live commit.

Here's Dries. He comes along and walks around, no one takes any notice because they are too engaged and too busy. And so he gets to talk to people without being interrupted.

This is what Drupal is about. It's not about the code. It's about the people.

Next time. Just come. As a sprinter or a mentor. EVERYONE is welcome, we mean that.

This is a three-part blog post series:
Part one is here
You've just finished reading part two
Part three is coming soon

Credit to Amazee Labs and Roy Segall for use of photos from the Drupalcon Vienna flickr stream, made available under the CC BY-NC-SA 2.0 licence.

Schlagworte/Tags:  planet drupal-planet drupalcon mentoring code sprint Ihr Name Kommentar/Comment Kommentar hinzufügen/Add comment Leave this field blank
বিভাগসমূহ: Web

KnackForge: How to update Drupal 8 core?

Web - শনি, 03/24/2018 - 1:01পূর্বাহ্ন
How to update Drupal 8 core?

Let's see how to update your Drupal site between 8.x.x minor and patch versions. For example, from 8.1.2 to 8.1.3, or from 8.3.5 to 8.4.0. I hope this will help you.

  • If you are upgrading to Drupal version x.y.z

           x -> is known as the major version number

           y -> is known as the minor version number

           z -> is known as the patch version number.

Sat, 03/24/2018 - 10:31
বিভাগসমূহ: Web

Bugatti's 3D-printed titanium brake calipers are insanely cool - Roadshow

Webware - 9 ঘন্টা 18 min আগে
French automaker reveals ultra-lightweight brake components made from titanium dust and laser beams.
বিভাগসমূহ: Web

Get a folding portable Bluetooth keyboard for $16 - CNET

Webware - 9 ঘন্টা 26 min আগে
It's the lowest price to date for this super-handy phone and tablet accessory. Plus: An Apple Watch that's affordable(ish) and the probably-brief return of my favorite AIO printer.
বিভাগসমূহ: Web

Facebook seeks to train 1M Europeans on online media, safety - CNET

Webware - 9 ঘন্টা 34 min আগে
The social network is opening sites in Spain, Italy and Poland to teach media literacy and online protection.
বিভাগসমূহ: Web

Facebook admits social media is bad for democracy, sometimes - CNET

Webware - 9 ঘন্টা 36 min আগে
In a series of posts, Facebook’s leaders open up on all the ways social media can hurt politics.
বিভাগসমূহ: Web

See a creepy robot baby crawl on dirty carpet for science - CNET

Webware - 10 ঘন্টা 4 sec আগে
Babies breathe up to four times the amount of bacteria, fungus and debris, compared with adults. Should parents worry?
বিভাগসমূহ: Web

Mediacurrent: Power your Drupal 8 Project with Docksal

Web - 10 ঘন্টা 13 min আগে

Hello and welcome to my first blog post for Mediacurrent! Today’s post will be all about Docksal and how it can help you get up and running developing on Drupal 8 quickly and easily. This post was inspired by the great session I saw at DrupalCon 2017 and will explain how using Docksal will save you time getting up and running for a new Drupal development project. I’ll also talk about some of the technologies behind Docksal such as Docker and Oracle VM VirtualBox.
 

বিভাগসমূহ: Web

Microsoft adds Chemistry to Minecraft, $190 Lenovo laptop - CNET

Webware - 10 ঘন্টা 23 min আগে
Microsoft's first education announcements of 2018 run the gamut of ages and tools.
বিভাগসমূহ: Web

Kim Dotcom sues New Zealand government for up to $6.8B - CNET

Webware - 10 ঘন্টা 40 min আগে
Dotcom, founder of file-sharing site MegaUpload, is suing for damages over the destruction of his business and damage to his reputation.
বিভাগসমূহ: Web

Nissan Energy Solar plugs into home green-energy business - Roadshow

Webware - 10 ঘন্টা 41 min আগে
Japanese car company's solar and energy storage solution follows Tesla and Mercedes-Benz into the residential market.
বিভাগসমূহ: Web

Google Doodle focuses on montage pioneer Sergei Eisenstein - CNET

Webware - 12 ঘন্টা 2 min আগে
The Soviet director of "Battleship Potemkin" believed a collage of shots could be used to manipulate the audience's emotions.
বিভাগসমূহ: Web

Apple partners with Malala to support education for girls - CNET

Webware - 12 ঘন্টা 20 min আগে
Apple did not reveal a figure showing the size of its financial commitment, but it expects to double the number of grants the organization offers.
বিভাগসমূহ: Web

Amazee Labs: What the hell is GraphQL?

Web - 14 ঘন্টা 7 min আগে
What the hell is GraphQL?

With the growing popularity of GraphQL, the obligatory host of more or less founded opinions - trying to tell you that it's all just a hype - is also on the rise throughout the internet. 

Some of them have a point, some don’t, and you bet we have an opinion too.

Philipp Melab Mon, 01/22/2018 - 11:16

The end of the year is now way past us and I crunched some numbers. The most frequent question I’ve been asked was: «Philipp, could you mute yourself? Your keyboard is very loud.» But that one wouldn't promise a good blog post. So, instead, I will write about the second most frequently asked question: «Why would you use GraphQL instead of REST?»

Honestly, because I wanted to avoid a discussion, which I knew would take too long, I often gave one of the following diplomatic answers: «They serve different use cases.», «It’s a matter of taste.», «GraphQL can’t do everything …»

So here’s my new years' confession: I lied

Common perception of GraphQL

When reading opinions about GraphQL distinct patterns keep popping up. Let's have a look at them. 

GraphQL is there to reduce HTTP requests

When fetching complex related data sets with REST, you need to issue multiple requests. GraphQL avoids that by specifying all information requirements upfront. This is true, but just a small part of the picture. HTTP2 would be a better option to just reduce the overhead of multiple requests, without turning everything else upside down.

GraphQL is a supplement to React

That is a widespread misunderstanding since GraphQL was born out of requirements that emerged with complex Javascript clients, which in turn happen to be implemented with React quite often these days. But GraphQL doesn’t make any assumptions about the client technology it is consumed with. It doesn’t even assume it’s used above HTTP.

GraphQL is not cacheable

A GraphQL query may contain information from different entities, varying fields with arbitrary naming and therefore responses can’t be cached. Responses can be cached, but it’s harder. Besides, it is part of the client’s responsibility to construct queries intelligently, so they can be cached instead of blindly cramming everything into one request.

GraphQL is insecure

Or a less drastic wording: GraphQL has a larger attack surface. Depending on your application, that’s true. Since one query can request a cascading amount of related entities, there’s a lot more potential for something going south. This can be mitigated by designing the schema in a way that doesn’t allow funky constructs or using static query complexity analysis to reject queries that could get out of hand. But both approaches require experience and engineering. It’s definitely easier to safeguard a REST API.

GraphQL is a replacement for REST

That's the big misunderstanding. In my opinion, GraphQL shouldn’t be perceived as an alternative to REST, but as the layer underneath. Conceptually, a REST endpoint is nothing but a persisted GraphQL query.

From a consumers perspective, GraphQL can do anything REST can. Period. There is no valid reason to choose REST over GraphQL.

From a providers perspective, the reduced subset of actions and predictable responses of a REST API are a lot easier to manage.

GraphQL’s elevator pitch

This brings me to the 3rd most asked question of 2017: What’s GraphQL’s elevator pitch?

GraphQL shifts control from data storage and structures to client and product development.

This also answers the question of “when” to use GraphQL: Whenever you want your client to be more powerful. This might not be the case for a public HTTP API. But whenever you control the client, GraphQL is the better choice. And keep in mind that “client” doesn’t necessarily mean web browser, React frontend or smartphone application. GraphQL provides a structured way to describe information requirements that are not limited to HTTP.

It is for example possible to use GraphQL in combination with Twig to turn Drupal’s push-based rendering model upside down and give theme developers all the power they longed for. But this story has already been told.

বিভাগসমূহ: Web

These PlayStation Nikes will level up your sneaker game - CNET

Webware - 14 ঘন্টা 49 min আগে
They've got the familiar PlayStation colours -- and its logos light up like the PlayStation 4's power light.
বিভাগসমূহ: Web

'Game of Thrones' is halfway through filming final season - CNET

Webware - 19 ঘন্টা 21 min আগে
Star Peter Dinklage says cast and crew are taking their time as the HBO hit prepares to wrap up for good in 2019.
বিভাগসমূহ: Web

PreviousNext: Managing Composer Github access with Personal Access Tokens

Web - রবি, 01/21/2018 - 10:20অপরাহ্ন

All PreviousNext Drupal 8 projects are now managed using Composer. This is a powerful tool, and allows our projects to define both public and private modules or libraries, and their dependencies, and bring them all together.

 

However, a if you require public or private modules which are hosted on GitHub you may run into the API Rate Limits. In order to overcome this, it is recommended to add a GitHub personal access token to your composer configuration.

 

In this blog post, I'll show how you can do this in a secure and manageable way.

by Kim Pepper / 22 January 2018

It's common practice when you encounter a Drupal project to see the following snippet in a composer.json file:

"config": { "github-oauth": { "github.com": "XXXXXXXXXXXXXXXXXXXXXX" } },

What this means is, everyone is sharing a single account's personal access token. While this may be convenient, it's also a major security risk should the token accidentally be made public, or a team member leaves the organisation, and still has read/write access to your repositories.

A better approach, is to have each team member have their own personal access token configure locally. This ensures that individuals can only access repositories they have read permissions for, and once they leave your organisation they can no longer access any private dependencies.

Step 1: Create a personal access token

Go to https://github.com/settings/tokens and generate a new token.

You will need to specify all repo scopes.

Finally, hit Generate Token to create the token.

Copy this, as well need it in the next step.

Step 2: Configure Composer to use your personal access token

Run the following from the command line:

composer config -g github-oauth.github.com XXXXXXXXXXXXXXXXXXXXXXX

You're all set! From now on, composer will use your own individual personal access token which is stored in $HOME/.composer/auth.json

What about Automated Testing Environments?

Fortunately, composer also accepts an environment variable COMPOSER_AUTH with a JSON-formatted string as an argument. For example:

COMPOSER_AUTH='{"github-oauth": {"github.com": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"}}'

You can simply set this environment variable in your CI Environment (e.g. CircleCI, TravisCI, Jenkins) and have a personal access token specific to the CI environment.

Summary

By using Personal Access Tokens, you can now safely remove any tokens from the project's composer.json file, removing the risk this gets exposed. You can also know that by removing access for any ex-team members, they are no longer able to access your organisations repos using a token. Finally, in the event of a token being compromised, you have reduced the attack surface, and can more easily identify which user's token was used.

 

Tagged Composer, Security, Drupal Security
বিভাগসমূহ: Web

Tom Brady's giant coat is heading back to the Super Bowl - CNET

Webware - রবি, 01/21/2018 - 9:39অপরাহ্ন
Blake Bortles and his awesomely alliterative name had no shot against Brady and his hand full of rings.
বিভাগসমূহ: Web

Vikings battle Eagles for right to lose to Tom Brady - CNET

Webware - রবি, 01/21/2018 - 9:38অপরাহ্ন
Crisco was involved, plus Rocky got a makeover. But really, does the NFC winner even have a shot against New England?
বিভাগসমূহ: Web

Tractor beam breakthrough could lead to levitating humans - CNET

Webware - রবি, 01/21/2018 - 7:00অপরাহ্ন
Yes, really. Sci-fi technology that can float objects in mid-air like magic could become reality.
বিভাগসমূহ: Web

পৃষ্ঠাসমূহ