09 Jul 2026

feedDrupal.org aggregator

Dries Buytaert: License-only versus Stewarded Open Source

Near the end of most Open Source licenses, usually in capital letters, sits a clause that disclaims almost everything: no warranty, no liability, use at your own risk.

For an organization that depends on that code, the clause is harsh. If the code fails and takes your data or revenue with it, the license owes you nothing. No fix, no refund, and no one to explain what went wrong.

That is the license doing its job. It makes the code available and protects the people who share it. Without that protection, sharing code could become a gift that backfires: a generous act turned into unlimited legal risk.

But the license can only answer the legal questions: who may use the code, on what terms, and what risk the authors are willing to accept. It cannot tell you what kind of Open Source project you are working with.

Some Open Source is "License-only Open Source": code released under an Open Source license, without active stewardship or any promise of ongoing care. There is no guarantee of updates, fixes, security response, or long-term support.

Other Open Source is "Stewarded Open Source": code cared for as shared infrastructure. Maintainers review contributions, fix bugs, respond to security issues, manage releases, provide long-term support, and much more. Organizations fund maintainers, support core development, donate infrastructure, and absorb costs end users never see.

Both types of projects are Open Source, but they are not the same. A weekend hobby project and business-critical software can ship under the exact same license. Legally, they look identical. Practically, they are worlds apart.

The difference is stewardship. The license makes code available; stewardship makes it dependable. And the more people or organizations depend on a project, the more stewardship it often requires.

Responsibility is the tax on relevance.

Distinguishing license-only from stewarded Open Source gives us the vocabulary to describe two very different realities that the words "Open Source" alone do not capture.

For example, the distinction becomes useful when we talk about contribution. If a company depends on Open Source, should it give back?

For license-only Open Source, the answer can be simple: no one is required to contribute, and that is the point. The code was shared freely, without a promise of care or an expectation of return.

Stewarded Open Source is different. The license may still require nothing, but the work does not happen for free. Someone is paying to keep your code usable, secure, and available. When you depend on that work, the question is not only what the license allows, but who helps carry the responsibilities beyond what the license requires.

The license says use at your own risk. Stewardship is what happens when people decide you should not have to.

09 Jul 2026 9:26pm GMT

Drupal.org blog: GitLab issue migration: thank you Ripple Makers, your projects are next

This is the fifth post in our GitLab issue migration series. So far we've covered the immediate changes, the new workflow for migrated projects, how to use it, and what the migration looks like from a contributor's perspective. This post is about which projects we're migrating next, and why.

We are now migrating projects maintained by Ripple Makers, the individual members of the Drupal Association. If you're a Ripple Maker who maintains one or more contrib projects, this is our thank you for your membership.

Why members first?

Migrating issues to GitLab, and running GitLab itself, has a real cost. There is engineering time for the migration tooling, upgrades for git.drupalcode.org, and ongoing work on the integrations that keep contribution credit, issue forks, and the rest of the Drupal.org glue working smoothly.

That cost is covered by the people and organizations who fund the Drupal Association: Ripple Makers and Drupal Certified Partners. As we schedule migration batches, we are prioritizing projects maintained by members and projects supported by Drupal Certified Partners.

To be clear: every project will eventually be migrated. Membership doesn't change whether your project moves; it changes when. Prioritizing members is a small way to say thank you to the people whose contributions make the infrastructure itself possible.

Not a member yet?

If you'd like your projects prioritized, and, more importantly, if you'd like to support the infrastructure that the whole Drupal ecosystem runs on, this is a good moment:

Membership funds don't just pay for GitLab. They keep Drupal.org, project packaging, GitLab CI, automatic updates infrastructure, and more running for everyone, members and non-members alike.

Reporting bugs and getting help

Found a bug in the migration itself or in the integration between Drupal.org and GitLab? Please file it in the Drupal.org customizations issue queue.

Have a question, or want to share feedback on the new workflow? Join the #gitlab-issues-feedback channel on the Drupal community Slack.

We're continuing to iterate on this transition based on what we hear from maintainers and contributors in migrated projects. Your feedback now shapes the experience for the rest of contrib later.


Related blog posts in this series:


Related issues

09 Jul 2026 2:53pm GMT

Drupal AI Initiative: Distributed Leadership: How the Drupal AI Initiative is Scaling for 2026

By the Drupal AI Initiative

Following our announcement last week introducing Inside AI and Outside AI, we are excited to share how we are scaling our leadership and organizational structure to support these two parallel workstreams.

What started as an ambitious vision originally founded by Jamie Abrahams from FreelyGive quickly gained community-wide momentum. In June 2025, our founding partners - 1xINTERNET, Acquia, Dropsolid, FreelyGive, and Salsa Digital - came together to establish the official Drupal AI Initiative, providing a cohesive strategy, baseline funding, and dedicated staff. Since then, the initiative has grown rapidly to encompass over 30 partner organizations, with many of their team members stepping directly into key leadership and execution roles.

To support our rapid growth and ensure effective daily coordination, we are evolving our structure into a more robust, three-tier governance model comprising a Drupal AI Board, a Drupal AI Leadership Team, and our existing community of AI Partners.

The Drupal AI Leadership Team

The purpose of the Drupal AI Leadership Team is to coordinate day-to-day project execution, align technical and cross-functional work streams, and ensure all initiative activities successfully deliver on our strategic goals.

At the center of this governance evolution, this team formalizes leadership roles that have organically emerged and evolved over the past year. Rather than introducing a brand-new operational layer, this structure officially empowers the individual contributors who have already been actively driving the initiative's day-to-day work.

By having dedicated, individual leads taking ownership of specific subject-matter areas, we ensure that every key aspect of the initiative has focused guidance. This structure also provides a natural avenue for our partner organizations to showcase their technical talent and gain visibility within the ecosystem, while placing experienced contributors in charge of critical technical and horizontal areas.

Leadership structure

The Leadership Team's execution is divided into two distinct, cooperative disciplines:

  • Functional Leads: Individuals who maintain direct ownership of specific functional modules or recipes (such as Agents, Search, or the Context Control Center) and align development roadmaps with the broader goals of the initiative.
  • Cross-Functional Leads: Leads who provide horizontal support across the entire initiative for critical non-feature disciplines like UX, QA, Marketing, Documentation, and Community coordination.

This division ensures that technical teams can focus on delivering robust functionality, while cross-functional leads act as an internal agency to validate, test, document, and promote those features before they reach users.

In an upcoming post, we will share more details about the leadership team structure, introduce our current domain leads, and outline vacant positions.

The Drupal AI Board

Our founding partners, who previously made up the initiative's core steering group, are transitioning to become the members of the Drupal AI Board.

The Board serves as the strategic and supporting foundation for the Leadership Team, establishing a strong, predictable operational environment. Rather than individual developers having to balance ecosystem coordination, funding allocations, and administrative hurdles alongside daily coding, the Board takes on these responsibilities.

Composed of our founding partner companies, the Board is responsible for setting the high-level strategy, defining the general initiative direction, and prioritizing our long-term roadmap. In addition to guiding this overarching strategy, the Board provides baseline initiative funding and staff, manages overall ecosystem alignment, and secures ongoing partner resource commitments. This structural backing ensures a stable operational runway, allowing the Board to focus on defining leadership functions, appointing execution leads, and securing the necessary resource allocations so developers can focus strictly on build and delivery.

What Changes? (And What Stays the Same)

For the developers, builders, and content creators actively contributing to the initiative, the day-to-day experience will feel familiar, but with clearer support structures.

Our established sprinting procedures remain completely unchanged. The community and partner teams will continue to collaborate on their scheduled sprints.

However, we are introducing two key improvements:

  1. Clear Authority and Direction: Our leads now have clear authority over their respective subject-matter areas. They will provide structured guidance and continuously groomed, public backlogs of issues for the contributors to Drupal AI.
  2. Improved Delivery and Speed: With structured coordination, individual contributions will integrate more seamlessly into the broader roadmap. Distributing this responsibility across more shoulders allows us to increase our overall delivery speed and execute on more complex strategic goals simultaneously.

This structural evolution ensures that everything built by both Inside AI and Outside AI integrates seamlessly with the broader Drupal AI roadmap and aligns directly with our collective short term and long-term goals.

How to Get Involved

As we step into this new phase of growth, we are looking for dedicated partners and brilliant minds to help execute our goals.

  • Become a Lead: If you have proven leadership within the Drupal AI ecosystem and want to actively guide a subject area (committing 1-2 days per week), we want to hear from you. Board-appointed lead positions are open to active, dedicated contributors.
  • Contribute to the Initiative: You can get involved with the initiative's next phase by:

Our AI Partners

The Drupal AI Initiative is made possible by the generous funding, resources, and technical contributions of our partner network. We are incredibly grateful to these companies for driving the future of open-source AI:

Founding Partners

Gold Partners

Silver Partners

You can view the full list and status of our contributing sponsors on the official Drupal AI Partners directory.

09 Jul 2026 2:44pm GMT

05 Jul 2026

feedSymfony Blog

A Week of Symfony #1018 (June 29 – July 5, 2026)

This week, Symfony released Twig 3.28.0, with improvements to macros and the sandbox. In addition, we published a case study on using Symfony in the industrial sector. Lastly, we proposed a redesign of the exception page for Symfony applications. Symfony…

05 Jul 2026 7:18am GMT

03 Jul 2026

feedSymfony Blog

Twig 3.28.0 released

Twig 3.28.0 is out. This release sharpens error reporting with column numbers, brings back dynamic macro calls through the dot operator, and continues to polish the sandbox with less runtime overhead and finer-grained allow-listing. As usual, it also ships…

03 Jul 2026 8:52pm GMT

02 Jul 2026

feedSymfony Blog

Case Study: Driving Green Innovation: How Symfony Empowered Veolia’s Digital Shift in Industrial Waste Management

When dealing with over 10 million tons of hazardous waste every year, IT operational efficiency is a prerquisite and a critical environmental and public health responsibility As the European leader in treating hazardous industrial waste and restoring…

02 Jul 2026 12:30pm GMT

01 Apr 2004

feedPlanet PHP

ezSystems are classy folks

cover
Last week I helped the folks at ezSystems debug some APC problems they were having. The problems ended up being a 64bit architecture problem (they have uber-fast Opterons) and the bug is now fixed in 2.0.3.

Today I received Python & XML from them (off my Amazon wishlist). Thanks guys!

On a side note, my wishlist seems borked. The list I get when I search on my email address or name is not the same one I can edit when I log into the site.

01 Apr 2004 6:53pm GMT

PHP april fools...

1st of April 2004 get's to it's end and I guess it's time, to summarize the recent April fools a bit. Not that I think anyone in the world believes in them, but some were quite funny:

1. Changes to case sensitivity in PHP.
Alan Knowles announced that PHP will change to the studlyCase API and therefor will get everything broken by changing established functions.

2. IBM takes over Zend.
Myself hacked a little article about IBM taking over Zend to make PHP a compete of Java.

3. The first PHP virus has been seen.
Wasn't there one last year, too?

4. PHP has been overtaken by Micro$oft.
Mhhh... a little bit unreliable, if they had been taken over by IBM this morning... Maybe one should first look, what others wrote...

5. And finally, PHP4 and 5 showed their real faces...
Take a look at a phpinfo() output!

I guess I missed some, so feel free to comment on this entry, if you found another!

01 Apr 2004 5:49pm GMT

PHP Virus Attacking Web Hosts

Symantec have a report of the virus here. I've yet to see any of the PHP news sites picking up on it but, using a virtual host account, managed to deliberately expose some PHP scripts to it. From examining the infected scripts, what's disturbing is once infected, every tim...

01 Apr 2004 12:19pm GMT