Drupal Core Updates for Aug 4, 2014

What's new with Drupal 8?

It's been an exciting two weeks as Twig Autoescaping was turned on by default, the menu links system was completely revamped, entity caching was finally added to core, and we switched Drupal 8 version numbers to Semantic Versioning!

The switch to semantic versioning means that if you have a clone of Drupal 8 core, you shouldn't patch the 8.x branch anymore: use 8.0.x instead. To switch branches, simply run git fetch origin && git checkout -t origin/8.0.x. See jhodgdon's announcement to the Core group for more information.

The valiant efforts of the 15-person team at the Drupal 8 Code Sprint at the Jersey Shore saw 30 issues move forward, 12 of which have already been committed. For more information, read this recap of the event by Kalpana Goel of Forum One.

Finally, thank you to all the contributors who helped us fix 378 Drupal 8 issues in July, 101 more than in June! The fast turnaround in the RTBC queue from our awesome core maintainers has been really motivating — as of right now the RTBC queue is totally empty, meaning that every RTBC issue has either received committer feedback or been committed. (Also noteworthy, Alex Pott of Chapter Three committed a remarkable 70% of July's many commits. Wow!)

Where's Drupal 8 at in terms of release?

In the past week, we've fixed 9 critical issues and 22 major issues, and opened 4 criticals and 35 majors. That puts us overall at 104 release-blocking critical issues and 656 major issues.

Only 3 of 173 beta blockers remain before we can release a Drupal 8 beta. This means Drupal 8 will soon be in beta, so now is the time to take a close look at the remaining critical issues and beta deadline issues. In each issue, help clarify:

1. If it's critical or major, why?
2. What would be the implications of not fixing the issue?
3. What would be the implications of fixing the issue between betas? (Code changed for modules, upgrade path, etc.)
4. What would be the implications of fixing the issue after the first release candidate?
5. What is the next step to make progress? What are the remaining tasks?

Where can I help?

Top criticals to hit this week

Each week, we check with core maintainers and contributors for the "extra critical" criticals that are blocking other work. These issues are often tough problems with a long history. If you're familiar with the problem-space of one of these issues and have the time to dig in, help drive it forward by reviewing, improving, and testing its patch, and by making sure the issue's summary is up to date and any API changes are documented with a draft change record, we could use your help!

• Issue #1934152: Figure out if we want global config overrides to stick (settings.php overrides don't work on all pages) aims to determine if it would be more secure/sane to apply global configuration overrides hard-coded into settings.php even when they wouldn't normally (for example, when editing/previewing a the configuration of a view in the Views UI, where request/URL don't apply because they're intended for the edit page, not the view itself), or whether it would be better to provide a 2-tiered override system (one for global overrides and one for "soft" request/URL overrides).
• Issue #2313159: [meta] Make multilingual views work is a collection of problems related to making multi-lingual views in Drupal 8. A number of the sub-issues are "Major", meaning they have significant repercussions but do not render the whole system unusable.

More ways to help

• Issue #2189661: Replace $form_state['redirect_route'] with setRedirect() aims to make the Form API more consistent with the rest of core, but the patch is out-of-date and needs to be re-rolled.
• Pick a critical issue or beta deadline issue, take the time to thoroughly read the issue (including doing some background reading if necessary to understand the problem space), and then update the issue summary for the issue. Include a summary of the current status and remaining tasks for the issue, and identify any API changes the issue would introduce. Consider whether the change would require a change record or updates to existing change records. Consider what the implications of not resolving the issue would be, or of resolving it after the first beta or after release.
• We also need help writing help text for core modules like Entity, Contextual Links, Field UI, Image, Taxonomy and Toolbar. This is an easy way to learn the Drupal Core contribution process and start contributing to Drupal Core.
• Help brainstorm how to improve core's Contact module for Drupal 8.1 and beyond.

As always, if you're new to contributing to core, check out Core contribution mentoring hours. Twice per week, you can log into IRC and helpful Drupal core mentors will get you set up with answers to any of your questions, plus provide some useful issues to work on.

You can also help by sponsoring Drupal core development.

Notable Commits

The best of git log --since "2014-07-16" --pretty=oneline (180 commits in total):

• Issue 1825952 by Fabianx, joelpittet, bdragon, heddn, chx, xjm, pwolanin, mikey_p, ti2m, bfr, dags, cilefen, scor, mgifford: Turn on twig autoescape by default
  Now, every string printed from a twig template (i.e.: between {{ and }}) is automatically run through String::checkPlain(). This makes it hard for themers and module developers to accidentally introduce XSS attack vectors in their code, which is a big win for security.
  If you notice a double-escaping issue, please update Issue #2297711: [meta] Fix double-escaping due to Twig autoescape.
  A follow-up issue was also committed: Issue #2289999 by dawehner, Cottser | Fabianx: Add an easy way to create HTML on the fly without having to create a theme function / template.. This makes it easier to generate tiny chunks of HTML where full Twig files would not be useful.
• Issue 2256521 by pwolanin, dawehner, Wim Leers, effulgentsia, joelpittet, larowlan, xjm, YesCT, kgoel, victoru, berdir, likin, plach, alexpott: [META] New plan, Phase 2: Implement menu links as plugins, including static admin links and views, and custom links with menu_link_content entity, all managed via menu_ui module.
  This critical beta-blocker completely revamped the menu link system on the back-end (the UI for managing menus and menu links remains largely the same). It added a common interface for menu links, to hide implementation details and let different storage methods work together in the same menu tree, condensed the crufty, confusing code that loads and renders menu trees down to just three methods, decoupled breadcrumbs and menu links, and broke down the code into multiple services to allow different behavior to be customized with a minimal amount of code.
• Issue 597236 by Berdir, catch, msonnabaum, Xano, Wim Leers, jhedstrom, amateescu, corvus_ch, swentel, moshe weitzman, Gábor Hojtsy, riccardoR, killes@www.drop.org, et al: Add entity caching to core.
  This issue, which has been around in various forms for about 10 years, increases overall peformance by caching entities so they don't have to be rebuilt every page request. Initial performance testing showed a performance increase of about 15%, although this varies based on the number of loaded entities.
• Issue 1986418 by tompagabor, LewisNyman, idflood, jamesquinton, lauriii, emma.maria, danmuzyka, rteijeiro, scronide, frankbaele, Coornail, ekl1773, oresh, philipz | Bojhan: Update textfield & textarea style.
• Issue 733054 by jhodgdon, mkalkbrenner, amitgoyal, ndewhurst: Fixed Watchdog logging of all searches is performance hit; need ability to turn it off.
• Issue 1288442 by jhodgdon | Wolfflow: Added search index status to the Status Report page.
• Issue 2062043 by eelkeblok, longwave, rhm50, InternetDevels, alvar0hurtad0, Xano: Replace user_access() calls with $account->hasPermission() in core files.
• Issue 2293773 by Gábor Hojtsy, alexpott, effulgentsia, penyaskito, hussainweb: Fixed Field allowed values use dots in key names - not allowed in config.
• Issue 2247049 by sqndr, herom, LewisNyman: Redesign password strength indicator so it's less fragile.
• Issue 2225353 by tim.plunkett: Convert $form_state to an object and provide methods like setError().

You can also always check the Change records for Drupal core for the full list of Drupal 8 API changes from Drupal 7.

Drupal 8 Around the Interwebs

If you want to keep up with the changes in Drupal 8, but you'd rather absorb yourself in articles than dig through diffs, here are some notable blog posts to read:

• Lizzie Hodgson explains user personas, why they're important, and how Deeson Online's content strategists came up with and contributed personas to the Drupal 8 landing page on Drupal.org based on Dries' keynote in Prague.
• Virginia Durikova of Mogdesign discusses the importance of the #d8rules Drupalfund project and analyzes why it was so successful.
• Kim Pepper of PreviousNext wrote a tutorial on how to use Drupal 8 Condition Plugins API.
• Thomas Seidl wrote a tutorial on how to create your own Drupal 8 service.
• Keenan Holloway of Forum One shares a presentation on how to get set up for Drupal 8 development.
• Pedro Rocha of SingleView blogged about his experience using the popular Bootstrap framework to theme a Drupal 8 site.
• Kyle Hofmeyer of Drupalize.Me lists some Drupal 7 modules that provide Drupal 8 features.
• Alex Pott of Chapter Three writes about reviewing Drupal 8 patches with PHPStorm.

Drupal 8 in "Real Life"

August will have many events for you to meet other Drupal contributors and collaborate on the issues you're passionate about! Some notable ones are:

• Aug 7-10: Twin Cities DrupalCamp in Minnesota, USA will have a sprint room for all four days and has a sprint sign-up. @TCDrupal
• Aug 7-10: Drupalaton at Lake Balaton, Hungary has Drupal 8 sessions and sprints. @drupalaton
• Aug 9: Vacation Code Sprint in Wrocław, Poland will be meeting to work together on Drupal 8 at the RatioWeb offices.
• Aug 16-17: Drupal Sprint Weekend in London, England will have new-contributor, core and contrib sprints.
• Aug 22: DrupalGov in Canberra, Australia features everything relating to Drupal and the Australian Government, including Drupal 8 sessions.
• Aug 23: Drupal 8 core sprint in Helsinki, Finland will focus on Drupal.fi and Drupal 8 Core.

Whew! That's a wrap!

Do you follow Drupal Planet with devotion, or keep a close eye on the Drupal event calendar, or git pull origin 8.0.x every morning without fail before your coffee? We're looking for more contributors to help compile these posts. You could either take a few hours once every six weeks or so to put together a whole post, or help with one section more regularly. Contact xjm if you'd like to help communicate all the interesting happenings in Drupal 8!