Come Monday, March 23rd, for a day devoted to Drupal in healthcare- a relaxed and friendly opening to DrupalCon with information-packed presentations plus two "table talk" sessions which will give everybody a chance to dive deeply into key topics, including privacy and overall takeaways. Whether you are in a state department of health, a non-profit hospital, a public health organization, or anyplace else in the broad healthcare space, there are unique needs in ensuring security, accessibility, compliance, and availability of important information and tools.
Online communication and emerging technologies promise improved access and capabilities for patients and professionals. Useful and inspiring digital experiences, however, must be built on a foundation of privacy, accessibility, and legal compliance. Come listen to healthcare technology practitioners share their experience solving these and more challenges in healthcare.
Ticket includes lunch, and we will be all wrapped up by 4pm.
Who Should Attend
Everybody interested in hearing and discussing how companies and the community are creating rich digital experiences in the healthcare space. All levels of colleagues in the pharma, medical, clinical, hospital, payers, caregivers, advocates, and healthcare professional space should go to DrupalCon and the Healthcare Summit!
Bring your needs to the table talks and we will embark on facilitated peer-to-peer problem solving with others who are affected and tech and healthcare industry experts.
COVID-19/DrupalFlu Safer Space
We will have a sensor in the room to monitor CO₂ levels and if they remain between at 800-1000 ppm.
Agaric will also have high-quality N95 masks available to anyone who wants them, and may bring our own MERV-13 Corsi-Rosenthal box fan filter, which provides appropriate filtration for reducing the spread COVID-19.
More about the Healthcare Industry Summit
The Healthcare Industry Summit brings together professionals and innovators to explore how Drupal can drive impact in healthcare. Through expert-led sessions, you'll gain insights into topics such as the responsible use of AI, personalization, content marketing, and streamlining migrations.
In addition to presentations, roundtable discussions will provide opportunities to share experiences, exchange ideas, and build connections with peers tackling similar challenges. Join us to discover innovative approaches and collaborative strategies that are shaping the future of healthcare with Drupal.
I'm setting up my Drupal Playground to experiment with AI coding agents. My previous post was about using Claude Code to establish a Drupal environment, and it felt a bit like crawling, but now I am ready to pick up the pace.
I've experimented and found that, in addition to sending effective code-generation prompts to an AI, providing metadata about the targeted codebase is equally important. The standard way to give this context is AGENTS.md. My initial experiments with Amazee.io's AGENTS.md produced much better results with PHPStorm's Junie. I'm inclined to think that Drupal core should include an AGENTS.md file or template.
Meanwhile, I've been experimenting with Claude's Chat UI without any context beyond knowing I am a Drupal developer. Despite this, Claude, with no background information, shows an impressive understanding of Drupal's API and developer workflow. For example, Claude can plan and develop an entire module, including automated tests. I look forward to seeing Claude attempt to build a Telephone Filter module, based on the one I created with ChatGPT a year ago. For now, I plan to continue setting up my environment to give Claude Code the necessary context to produce the most reliable results.
A recap shared by DevBranch outlines the 30th Drupal Cafe Lutsk meetup, marking an anniversary gathering with three talks and community participation. The event combined technical discussion, personal narratives, and organiser insights, while retaining its informal structure with food, certificates, and an afterparty. The summary reflects the continuing role of local meetups in sustaining Drupal community engagement.
If you study computer science or web development, you'll take an introductory JavaScript course. Everyone starts in a similar place: variables, let and const (or var if you're old enough), maybe even a conversation about the difference. You write a few functions, do some math, and concatenate some strings. It feels like learning a language in the abstract - technically correct, but removed from real work.
Before long, you are manipulating a web page. You grab an element, change its content, add a class, and attach a click handler. The browser responds. The page changes. It finally feels tangible.
But even then, JavaScript can feel like a layer you add on top rather than the foundation of the experience itself. And almost inevitably, you move to a library or framework. For many of us, that once meant jQuery.
Abstraction solved real problems
jQuery did not become dominant because developers were lazy. It solved real problems. Browsers were fragmented. There was no consistent way to select elements from the DOM. Event handling varied. AJAX required wrestling with verbose XMLHttpRequest code and awkward callback patterns. jQuery unified those concerns behind a clean, approachable interface: the dollar sign selector, the on method, simple get and post helpers, animations like fadeIn and slideUp.
It was a necessary abstraction at the time.
Over the years, though, the platform evolved. Browsers standardized. APIs matured. ES6 modernized the language. CSS grew far more capable. Many of the problems jQuery once addressed were absorbed directly into the browser.
The platform changed.
When thoughtful choices become defaults
We may be living through a similar moment with modern frameworks. React and other tools solve meaningful problems. They help teams move quickly and provide structure, especially for developers early in their careers. In many cases, they are exactly the right choice.
But over time, thoughtful decisions can quietly become defaults. A subtle assumption can creep in: if something feels modern or interactive, it probably requires a framework.
The shift is not dramatic. It is behavioral. Instead of beginning with the problem, we sometimes begin with the stack. If an interaction feels dynamic or app-like, we assume it needs something larger.
Frameworks offer guardrails and shared patterns, and that consistency is valuable. But when the tool becomes the starting point for every conversation, it can narrow the range of options we consider. We stop asking what the browser already provides. We begin to treat complexity as the baseline for modern work.
This is not bad architecture.It is often just unexamined architecture.
It shows up in small ways: adding a dependency before exploring a native API, reaching for a heavy client-side solution when progressive enhancement might be enough, and introducing new tooling because that is what modern projects tend to do. Each decision is understandable on its own. Over time, though, they expand the surface area of a project: more dependencies, more upgrades, more maintenance. Fewer dependencies can mean fewer upgrades to manage, fewer compatibility conflicts, and a smaller maintenance surface over time.
The foundation is stronger than we remember
While we have been refining our build pipelines and debating frameworks, the browser has continued to evolve. Quietly and steadily. Modern JavaScript is not what it was 10 or even five years ago. Today's browsers ship with stable, well-documented APIs that address many of the use cases we once handled with libraries.
Need to know when something enters the viewport? There is Intersection Observer.
Need to react to changes in the DOM without polling? Mutation Observer is built in.
Need to respond to screen size changes? MatchMedia handles that cleanly.
Need to persist data between sessions? Local storage is there.
Need to integrate with a device's native share dialog? There is an API for that.
CSS has evolved as well. Layout systems, transitions, scroll behaviors, and positioning features eliminate entire categories of JavaScript we once considered unavoidable.
And the language itself has matured. Modules, promises, async and await, richer array methods, cleaner syntax. These are no longer experimental features. They are part of the platform.
None of this is particularly flashy. It is simply what the browser now provides.
The hard part is not writing JavaScript. It is knowing what exists.
The important point is not that every project should avoid frameworks. It is that many of the problems we once solved with external libraries now have first-class support in the browser itself. So, what does that mean in practice?
Add one small pause to your workflow. Before installing a dependency, check the platform. Search MDN. Look up "browser API for…" and see what comes back. You might discover that Intersection Observer replaces the scroll library you were about to add. Or that CSS handles the animation without JavaScript at all.
It means reframing how you evaluate tradeoffs. When a feature request comes in, write down the requirement in plain language before you write down the stack. What actually needs to happen? A modal opens. Content animates on scroll. State persists between visits. Once the behavior is clear, ask whether the browser can already do it.
It means keeping a short list of native capabilities in your mental toolkit: MatchMedia. Local storage. Native form validation. ResizeObserver. The goal is not to memorize every API. It is important to remember that vanilla JavaScript is an option.
It also means normalizing this conversation on your team. When someone suggests a new library, ask a simple question: is there a native way to do this? Not as a challenge. As due diligence.
None of this requires abandoning modern tooling. It simply widens your decision tree. And it costs almost nothing but attention.
Join us at DrupalCon Chicago
In our session, "Elevating Drupal Experiences with Vanilla JavaScript," we'll share how we've used modern browser capabilities to build rich, interactive experiences within Drupal - not by rejecting frameworks, but by pairing Drupal's strengths with what the browser already does well.
We'll walk through:
Where native APIs replaced heavier dependencies
Where progressive enhancement simplified complexity
Where we had to rethink our own assumptions
More than anything, we hope it sparks a conversation.
If you go
If you're going to DrupalCon Chicago 2026, please make sure to attend the session with Mari and Andrés.
Where: Hilton Chicago, 720 S. Michigan Ave., Chicago, IL 60605, Salon A-2 (LL)
Three complete rewrites with three AI coding tools over 14 months. Each rewrite passed the same test suite. The spec and the tests are not interchangeable. The AI tool is.
This covers the many options it offers developers for fine-tuning their module code, from dependency injection to plugin inheritance, entity base fields, form elements, permissions, library asset files, and more.
Meanwhile, the latest release of Module Builder adds a feature I've wanted to implement for a very long time: when a new form section is added to add a new component (such as a plugin, hook class, or entity type), the form scrolls up to the new section that's just been added with AJAX. This makes it much clearer to understand what's just been changed, and helps with navigating around Module Builder's forms.
Undocumented trick to make Composer copy a local package repository
I needed to test a Drupal module I was working on in a Docker container. The code was not in a location accessible to Docker. I tried to use Composer to copy it over. This would have worked if the code contained a composer.json file. I could have used a Composer path repository with symlink set to false. But it did not contain a composer.json file, so I had to use a Composer package repository. Composer kept symlinking instead of copying.
As accessibility deadlines approach, a DrupalCon Chicago 2026 session examines how government and university teams can move beyond compliance-driven approaches and integrate accessibility into design, development, and content workflows. Drawing on real project experience, the session positions accessibility as an ongoing practice shaped by systems, not a final checkpoint.
Matthew Saunders will present a talk on neuro-inclusive system design at DrupalCon Chicago 2026, focusing on how organisational structures create friction for neurodivergent individuals. The presentation outlines practical changes to hiring, team operations, and leadership practices, positioning neuroinclusion as a systems-level design problem rather than a policy concern.
Join us THURSDAY, March 19 at 1pm ET / 10am PT, for our regularly scheduled call to chat about all things Drupal and nonprofits. (Convert to your local time zone.)
We don't have anything specific on the agenda this month, so we'll have plenty of time to discuss anything that's on our minds at the intersection of Drupal and nonprofits. Got something specific you want to talk about? Feel free to share ahead of time in our collaborative Google document at https://nten.org/drupal/notes!
All nonprofit Drupal devs and users, regardless of experience level, are always welcome on this call.
This free call is sponsored by NTEN.org and open to everyone.
Just one week after beta 3, we are happy to announce the release of Display Builder 1.0.0-beta4! This is a focused stabilization release, shipping a solid batch of bug fixes - in particular around Entity view overrides - alongside improved API error logging and a handful of developer-facing improvements.A big thank you to the 6 contributors who made this release possible: anruether, fmb, ipumpkin, mogtofu33, nickolaj, and pdureau.
At Tag1, we believe in proving AI within our own work before recommending it to clients. This post is part of our AI Applied content series, where team members share real stories of how they're using Artificial Intelligence and the insights and lessons they learn along the way. Here, Stefanos Petrakis, maintainer of the File Upload Secure Validator module, shows how he used AI to modernize a small but widely used Drupal security module and prepare it for Drupal 12.
From "I'll Get to It" to Done: Modernizing File Upload Secure Validator
I've been meaning to clean up the File Upload Secure Validator project and get it ready for Drupal 12 for a while now. This small, focused module has been around for nearly a decade. Despite its simplicity, it continues to serve more than 10,000 reported sites, and adoption has only accelerated with the introduction of Drupal AI. With the help of Cline and Claude, I finally did a full overhaul of the codebase: switching to Drupal 11-only support, expanding the automated test suite, and positioning the project for Drupal 12.
Figure 1: Weekly File Upload Secure Validator usage report, that refects an increase in usage post Drupal AI release.
A Decade-Old Module Meets Drupal 12
This was the kind of maintenance work I kept putting off, the same feeling I get when I need to sit down and do my taxes. I knew the project needed cleanup and modernization, but I wanted a little push and some company in doing the work. The missing motivation and sense of camaraderie were, in many ways, the biggest challenges.
On top of that, I had a clear vision for how I wanted to extend the test suite, and I knew it would be time-consuming. Time, or the lack of it, was a major factor, especially for this kind of detailed, behind-the-scenes work on an open source module.
Turning a Wish List Into a Working Plan
To move things forward, I turned to Cline and Claude to help plan the future of the module. I started by writing down a list of "wishes" for the project: the improvements I wanted to see in the code, tests, and overall quality.
Cline turned that list into a detailed execution plan. It also generated questions about the approach, which led us into a few iterations before we settled on the final course of action. That planning process gave structure to the work and made it much easier to tackle in focused sessions.
Before this overhaul, the project had accumulated a number of issues:
Multiple GitLab CI failures
Drupal 11.3+ deprecation warnings
Unit test failures (including static method and TranslatableMarkup issues)
Limited test coverage
383+ PHPCS violations
CSpell errors
PHPStan attribute errors
After the overhaul, the picture looks very different:
All GitLab CI tests passing
Zero deprecation warnings
23 tests with 164 assertions
0 PHPCS errors and 0 warnings
0 CSpell errors
0 PHPStan errors
100% CI quality checks passing
This overhaul gave me the "manpower" and momentum I was missing to push the project forward. Just as importantly, it gave me confidence that I can continue supporting this module in the future.
AI-Amplified Maintenance for Critical Dependencies
Maintaining and supporting open source libraries can often become demanding because of limited time and resources. In client projects, dependencies on under-maintained open source projects can increase the effort required to maintain or upgrade the client's own platform.
Partners like Cline and Claude can change the game in an advantageous way. Such a change can help teams keep critical open source dependencies up to date, improve quality, and reduce risk without requiring a huge amount of extra human capacity.
This post is part of Tag1's AI Applied content series, where we share how we're using AI inside our own work before bringing it to clients. Our goal is to be transparent about what works, what doesn't, and what we are still figuring out, so that together, we can build a more practical, responsible path for AI adoption.
Bring practical, proven AI adoption strategies to your organization, let's start a conversation! We'd love to hear from you.
Dave has been crafting websites since 2003 and has been active with Drupal communities around the world, sharing a passion for improving effectiveness, editorial experience, and long-term success.
January 1, 1970
A dashboard isn't just a summary page. It's a statement of priorities. Every item that appears, and everything that doesn't, tells editors what the organization believes actually matters.
That's worth thinking carefully about, because most dashboards aren't designed that way. They're assembled. A few shortcuts here, some default widgets there. The result is a starting screen that reflects what was easy to build rather than what editors actually need.
We help manage a Drupal platform that supports 500 editors across 130 sites. Getting a dashboard right for that kind of scale required us to ask some uncomfortable questions about what we actually valued, and what we'd been ignoring.
The quarterly PDF problem
Before we built our dashboard, someone on our platform team was manually generating reports for each of the 130 sites every quarter. Accessibility problems. Broken links. Duplicate content. All compiled, formatted, and sent out as a PDF.
It was better than nothing. But it had two serious problems.
First, people were unlikely to act on it. A PDF that arrives by email, detached from the website itself, is easy to file away and forget. Second, even the editors who did read it had no way of knowing whether they were improving until the next quarter's report showed up. The feedback loop was three months long.
This is a pattern that's common across organizations: the information that would most help editors do better work exists somewhere, but it's separated from the moment when they're actually ready to act on it. Updates get coordinated in chat threads. Content issues arrive by email. Broken link reports live in spreadsheets.
Editors are expected to carry all of that context across multiple tools and respond when something surfaces. For people whose primary job isn't web publishing, that's a lot to ask.
A dashboard brings that context back into the CMS, the place where the work actually happens.
The right moment to surface information
Editors don't log into a CMS at random. They arrive with a purpose: fixing a typo, publishing a new story, or checking whether a content import ran correctly. Whatever the task, they're already in the right mindset. They're thinking about the website and are ready to make changes.
That makes login the ideal moment to surface what needs attention.
On our dashboard, we highlight the pages with the most accessibility errors. We show a list of broken links. We surface draft content that never got published. These aren't things editors have to go hunting for. They appear right when editors are ready to do something about them.
We also use the dashboard to answer questions editors commonly ask us. One recurring one: how does content get into the site from other university systems? Faculty profiles, events, and course data. All of it comes in through automated imports. Drupal has robust tools for this, but its default interface exposes every option and setting, which is overwhelming for a content editor. So we'd never exposed it to them at all. Editors had no visibility into something that was working fine. They just didn't know it.
The dashboard gave us a place to show a simplified view of those imports: here's when faculty profiles last synced, here's the kinds of courses that are imported to this site. Just enough to answer the question and build confidence. Support requests about content imports dropped significantly after we added that.
From awareness to action
Information alone doesn't change much. The problem usually isn't awareness. It's timing.
When a broken link shows up in a quarterly report, the path from seeing it to fixing it is long and uncertain. Someone reads the report, makes a mental note, hopes they remember. Most of the time, they don't. By integrating that same information into the dashboard, the cycle changes:
The feedback loop collapses from months to minutes. A broken link becomes a clickable item. A page stuck in draft becomes a quick decision. A list of accessibility errors becomes something an editor can start working through today.
One practical note from experience: some data sources introduce delays. Our broken link list comes from Siteimprove via API, which means that when an editor fixes a broken link, it won't disappear from the dashboard immediately. We didn't think about that until after we launched. It's not a dealbreaker, but it's worth designing around. At minimum, set expectations with editors so a fixed link that still appears on the list doesn't feel like a bug.
Every dashboard reflects a choice
Dashboards aren't neutral. They're curated.
Every item that appears is there because someone, explicitly or quietly, decided it mattered. Looking at our current dashboard, I can tell you what it says about our priorities: we value accessible content (pages with the most accessibility errors are one of the most prominent blocks), and we value simplicity and iteration over comprehensiveness.
What's not on the dashboard is equally revealing. We don't have traffic metrics or analytics. For this particular higher ed institution, that's a deliberate choice. The focus is on content quality and editor success, not marketing outcomes. For other clients we work with, traffic data would need to be front and center. The dashboard has to reflect what that organization actually cares about.
The conversations that happen while building a dashboard are often more valuable than the dashboard itself. When you ask your team what should appear on it, you surface competing priorities that usually haven't been written down anywhere:
What are editors most commonly asking us for help with?
What do we wish editors were doing that they aren't?
What should be the first thing someone sees when they log in?
What action should be easiest to take?
Those questions don't always have obvious answers. But asking them is how you build something useful rather than something that just looks like a dashboard.
And don't let perfect be the enemy of good. Our first dashboard was basic: simple tables, in a single column, nothing animated or interactive. If you get a dozen useful things on a dashboard, the organization as a whole is going to be better for it. Start there, then build up.
Guidance, not enforcement
There's a real risk that a dashboard drifts into feeling like a compliance tool, a place that exists primarily to point out what's wrong. If the only things editors see when they log in are warnings and error counts, the dashboard starts to feel like surveillance.
The same information can be framed very differently. A list of pages with accessibility errors isn't a punishment; it's a prioritized to-do list. A reminder about draft content that was never published helps an editor finish work that might otherwise be abandoned. A note that a component has recently changed gives editors a heads-up to check their pages before finding out something looks broken.
That last one is something we've gotten real value from. Our platform has 130 sites, which means making a breaking change to a component has a wide impact. Before we had the dashboard, that kind of communication was difficult. We still do targeted communications about breaking changes. But now we also use a simple announcements block (it pulls from a Google spreadsheet where each row is an announcement) to reach editors right where they're working. It's low-tech, but it means we can flag an upcoming change and tell editors exactly what to check. That's made us more comfortable shipping improvements we might otherwise have sat on.
The goal isn't to catch mistakes. It's to help editors succeed.
Supporting editors at scale
When your platform supports hundreds of editors across dozens of sites, traditional support breaks down fast. You can't train everyone personally. You can't answer every Slack message. And the editors who log in only a few times a year don't have the context that frequent users build up over time.
The platform itself has to take on more of that responsibility.
One thing that helped clarify our thinking: on the back end, your audience is actually more focused than it might seem. On the front end of a university website, you're trying to serve prospective students, current students, faculty, staff, donors, and more. But in the CMS, your primary audience is your content editors. There might be a few other users (stakeholders who log in occasionally to get a lay of the land, or interns assigned to clean up a single page), but by and large, you're designing for a pretty clear group.
For us, that meant focusing our first version on the editors who log in regularly and need to take action. We can add more guidance for infrequent users in later iterations. Starting with the core use case meant we shipped something useful without trying to solve everything at once.
A well-designed dashboard becomes a quiet guide embedded in the platform, helping editors move forward without needing someone from the platform team to step in. At scale, that kind of built-in guidance isn't just helpful. It's essential.
If you're struggling with taxonomy references in Drupal Canvas, you must read this! Add entity reference autocomplete fields using a simple $ref, no custom code needed.
A DrupalCon Chicago session titled "Future-Proofing Accessibility: Strategies for Government & University Platforms" will examine practical approaches to accessibility implementation as compliance requirements evolve in the United States. Speakers from Lullabot will present lessons from government and university projects, highlighting Drupal's accessibility capabilities, common pitfalls, and strategies for building compliant digital services.
Quarterly report → read → maybe remember → maybe act later