fidzu : Drupal

28 Nov 2025 10:13am GMT

The Drop Times spoke with Witze Van der Straeten about his AI-driven Figma-to-Drupal workflow and how experimenting with SDCs, Canvas, and MCP shaped his approach to front-end work. He also reflects on how the Drupal community influenced his growth as a developer.

28 Nov 2025 8:54am GMT

With Oaisys 25 just days away, QED42 Engineering Manager Vidit Anjaria sits down with The DropTimes to talk about the evolution of engineering culture, the lessons that shaped his approach to architecture, and why this weekend's open-source AI practitioners' event could mark a turning point for the community.

27 Nov 2025 2:32pm GMT

Today is Thanksgiving in the US. I know it's not a global holiday, but it has me thinking about gratitude, and specifically about a team that rarely gets the recognition it deserves: the Drupal Security Team.

As Drupal's project lead, I'm barely involved in our security work. And you know what? That is a sign that things are working really well.

Our Security Team reviews reports, analyzes vulnerabilities, coordinates patches across supported Drupal versions, and publishes advisories. They work with Drupal module maintainers and reporters to protect millions of websites. They also educate our community proactively, ensuring problems are prevented, not just fixed. It can be a lot of work, and delicate work.

To get an idea of the quality of their work, check out recent advisories at drupal.org/security. I know it's maybe strange to point out security advisories, but their work meets the highest standards of maturity. For example, Drupal is authorized as a CVE Numbering Authority, which means our security processes meet international standards for vulnerability coordination.

Whether you're running a small blog or critical government infrastructure, the Security Team protects you with the same consistency and professionalism.

While I'm on our private security team mailing list, they do all this without needing me to oversee or interfere. In fact, the team handles everything so smoothly that my involvement would only slow them down. In the world of open source leadership, there is no higher compliment I can pay them.

Security work is largely invisible when done well. Nobody celebrates the absence of breaches. The researchers who report issues often get more recognition than the team members who spend hours verifying, patching, and coordinating fixes.

All software has security bugs, and fortunately for Drupal, critical security bugs are rare. What really matters is how you deal with security releases.

To our Security Team: thank you for your excellence. Thank you for protecting Drupal's reputation through consistent, professional, often invisible work, week after week.

27 Nov 2025 1:00pm GMT

Vector databases have become a key component of modern AI applications in Drupal. Thanks to integration with the AI Search module, they enable semantic content search, reduction of hallucinations in AI chatbots, and implementation of advanced RAG (Retrieval Augmented Generation) functions. Choosing the right VDB provider can significantly impact the performance, cost, and scalability of your AI solution in your Drupal project.

27 Nov 2025 10:24am GMT

LocalGov Drupal Week 2025 recap: Explore key takeaways from the conference that brought together brilliant minds to advance public sector digital transformation and build better citizen services.

27 Nov 2025 10:00am GMT

AI has sped up proposal writing-but made them all sound the same. In this DrupalCon Vienna session, Monisha Navlani explores how Drupal agencies can rise above the noise with real-world context, trust, and a human voice.

27 Nov 2025 7:39am GMT

Several years ago, I built a photo stream on my Drupal-powered website. You can see it at https://dri.es/photos. This week, I gave it a small upgrade: infinite scroll.

My first implementation used vanilla JavaScript using the Intersection Observer API, and it worked fine. It took about 30 lines of custom JavaScript and 20 lines of PHP code.

But Drupal now ships with htmx support, and that had been on my mind. So a couple of hours later, I rewrote the feature with htmx to see if it could do the same job more simply.

It's something I love about Drupal: how we keep adding small, well-chosen features like htmx support. Not flashy, but they quietly make everyday work nicer. Years ago, Drupal was one of the first CMSes to adopt jQuery, and our early adoption helped contribute to its widespread use. Today, we're replacing parts of jQuery with htmx, and Drupal may well be among the first CMSes to ship htmx in core.

If, like me, you haven't used htmx before, it lets you add dynamic behavior to pages using HTML attributes instead of writing JavaScript. Want to load content when something is clicked or scrolled into view? You add an attribute like hx-get="/load-more" and htmx handles the request, then swaps the response into your page. It gives you AJAX-style interactions without having to write JavaScript.

To make the photo stream load more images as you scroll, I added an "htmx trigger". When it scrolls into view, htmx fetches more photos and appends them to the right container. The resulting HTML looks like this:

<div hx-get="/photos/load-more?offset=25"
         hx-trigger="revealed"
         hx-target="#album"
         hx-swap="beforeend">
  <figure>
   ...
  </figure>
</div>

The hx-get points to a controller that returns the next batch of photos. The hx-trigger="revealed" attribute means "fire when scrolled into view". The hx-target="#album" tells htmx where to put the new content, and hx-swap="beforeend" appends it at the end of that #album container.

I didn't want users to hit the last photo and have to wait for more to load. To keep the scrolling smooth, I added the trigger a few photos before the end. This pre-fetches the next batch before the user even realizes they are running out of photos. This is what the code in Drupal looks likes:

// Trigger 3 images before the end to prefetch the next batch.
$trigger = array_keys($images)[max(0, count($images) - 4)];

foreach ($images as $key => $image) {
  …

  if ($key === $trigger) {
    // Add htmx attributes to the <div> surrounding the image.
    $build['#attributes']['hx-get'] = '/photos/load-more?offset=' . ($offset + $limit);
    $build['#attributes']['hx-trigger'] = 'revealed';
    $build['#attributes']['hx-target'] = '#album';
    $build['#attributes']['hx-swap'] = 'beforeend';
  }
}

And the controller that returns the HTML:

public function loadMorePhotos(Request $request) {
  $offset = $request->query->getInt('offset', 0);
  $limit = 25;
  $photos = PhotoCollection::loadRecent($offset, $limit);
  if (!$photos) {
    return new Response('');
  }

  $build = $this->buildImages($photos, $offset, $limit);
  $html = \Drupal::service('renderer')->renderRoot($build);
  return new Response($html);
}

Each response includes 25 photos. It continues fetching new photos as you scroll down until there are no more photos, at which point the controller returns an empty response and the scrolling stops.

As you can tell, there is no custom JavaScript in my code. It's all abstracted away by htmx. The htmx version took less than 10 lines of PHP code (shown above) instead of 30+ lines of custom JavaScript. The loadMorePhotos controller I needed either way.

The savings are negligible. Replacing a couple dozen lines of JavaScript won't change the world. And at 16KB gzipped, htmx is much larger than the custom JavaScript I wrote by hand. But it still feels reasonable. My photo stream is image-heavy, and htmx adds less than 0.5% to the initial page weight.

Overall, I'd say that htmx grew on me. There is something satisfying about declarative code. You describe what should happen, and the implementation disappears. I may try it in a few more places to improve the user experience of my site.

26 Nov 2025 10:55pm GMT

Florida DrupalCamp voted best DrupalCamp on the planet (and sessions are now open)! mherchel Wed, 11/26/2025 - 16:24

26 Nov 2025 9:24pm GMT

"Where did I put the key?" - you might ask yourself this when searching for your house or car keys, and the same can happen on a Drupal site. Almost all modern websites rely on keys for integrations with other services, secure authentication, and sensitive data protection. They can be used by anyone - a developer wiring up a complex integration or a marketer adding credentials from a user-friendly service like Mailchimp.

26 Nov 2025 3:45pm GMT

26 Nov 2025 2:09pm GMT

Since 2019, DevBranch hasn't attended DrupalCon in person due to war and pandemic disruptions. Yet from their Lutsk office, the Ukrainian team continues to gather for every Driesnote-sharing insights, staying connected, and embodying the Drupal community spirit through challenging times.

26 Nov 2025 11:49am GMT

Email testing isn't broken - the method often is. Katherine Pay outlines the five most common mistakes marketers make with A/B testing and introduces the Holistic Testing Methodology to fix them. From missing hypotheses to shallow metrics and isolated tests, this guide explains how to run smarter experiments that drive real insight and long-term results.

25 Nov 2025 5:45pm GMT

How the Irish Government's "Build to Share" Vision Comes to Life: A New Public Consultations Module for All

markconroy 25th Nov 2025

25 Nov 2025 12:29pm GMT

SEO today is all about intent and clarity, not keyword counts. Read this blog to find out how relevance optimization can strengthen your Drupal site's discoverability.

25 Nov 2025 10:58am GMT

24 Nov 2025 11:34pm GMT