How to create a partial date field in Drupal (i.e. Year & Month without Day)

ashrafabed Fri, 04/26/2024

26 Apr 2024 3:54am GMT

25 Apr 2024 6:00pm GMT

The Drop Times delves into the dynamics of the Drupal community with a detailed analysis of LinkedIn data, revealing the distribution and growth trends of Drupal professionals worldwide. This comprehensive study sheds light on regional concentrations and potential areas for community engagement.

25 Apr 2024 1:32pm GMT

EDIT 2024-04-25: Clarified when a PHP application is vulnerable to this bug.Recently, a bug in glibc version 2.39 and older (CVE-2024-2961) was uncovered where a buffer overflow in character set conversions to the ISO-2022-CN-EXT character set can result in remote code execution. This specific buffer overflow in glibc is exploitable through PHP, which exposes the iconv functionality of glibc to do character set conversions via the iconv extension. Although the bug is exploitable in the context of the PHP Engine, the bug is not in PHP. It is also not directly exploitable remotely. The bug is exploitable, if and only if, the PHP application calls iconv functions or filters with user-supplied character sets. Applications are not vulnerable if: Glibc security updates from the distribution have been installedOr the iconv extension is not loadedOr the vulnerable character set has been removed from gconv-modules-extra.confOr the application passes only specifically allowed character sets to iconv. Moreover, when using a user-supplied character set, it is good practice for applications to accept only specific charsets that have been explicitly allowed by the application. One example of how this can be done is by using an allow-list and the array_search() function to check the encoding before passing it to iconv. For example: array_search($charset, $allowed_list, true) There are numerous reports online with titles like "Mitigating the iconv Vulnerability for PHP (CVE-2024-2961)" or "PHP Under Attack". These titles are misleading as this is not a bug in PHP itself. If your PHP application is vulnerable, we first recommend to check if your Linux distribution has already published patched variants of glibc. Debian, CentOS, and others, have already done so, and please upgrade as soon as possible. Once an update is available in glibc, updating that package on your Linux machine will be enough to alleviate the issue. You do not need to update PHP, as glibc is a dynamically linked library. If your Linux distribution has not published a patched version of glibc, there is no fix for this issue. However, there exists a workaround described in GLIBC Vulnerability on Servers Serving PHP which explains a way on how to remove the problematic character set from glibc. Perform this procedure for every gconv-modules-extra.conf file that is available on your system.Once an update is available in glibc, updating that package on your Linux machine will be enough to alleviate the issue. You do not need to update PHP, as glibc is a dynamically linked library.PHP users on Windows are not affected.There will therefore also not be a new version of PHP for this vulnerability.

24 Apr 2024 12:00am GMT

I'm a maintainer of several small open-source libraries. It's a fun activity. If the scope of the library is small enough, the maintenance burden is typically fairly low. They're usually mostly 'done', and I occasionally just need to answer a few questions per year, and do the occasional release to bring it back up to the current 'meta' of the ecosystem.

Also even though it's 'done', in use by a bunch of people and well tested, it's also good to do a release from time to time to not give the impression of abandonment.

This weekend I released a 2.0 version of my bigint-money library, which is a fast library for currency math.

I originally wrote this in 2018, so the big BC break was switching everything over to ESM. For a while I tried to support both CommonJS and ESM builds for my packages, but only a year after all that effort it frankly no longer feels needed. I was worried the ecosystem was going to split, but people stuck on (unsupported) versions of Node that don't support ESM aren't going to proactively keep their other dependencies updated, so CommonJS is for (and many others) in the past now. (yay!)

Probably the single best way to keep maintenance burden for packages low is to have few dependencies. Many of my packages have 0 dependencies.

Reducing devDependencies also helps. If you didn't know, node now has a built-in testrunner. I've been using Mocha + Chai for many many years. They were awesome and want to thank the maintainers, but node --test is pretty good now and has pretty output.

It also:

• Is much faster (about twice as fast with Typescript and code coverage reporting, but I suspect the difference will grow with larger code bases).
• Easier to configure (especially when you're also using Typescript. Just use tsx --test).
• It can output test coverage with (--experimental-test-coverage).

Furthermore, while node:assert doesn't have all features of Chai, it has the important ones (deep compare) and adds better Promise support.

All in all this reduced my node_modules directory from a surprising 159M to 97M, most of which is now Typescript and ESLint, and my total dependency count from 335 to 141 (almost all of which is ESLint).

Make sure that Node's test library, coverage and assertion library is right for you. It may not have all the features you expect, but I keep my testing setup relatively simple, so the switch was easy.

21 Apr 2024 3:00am GMT

jQuery's influence on the web will always be evident. When it was first introduced in 2006, jQuery became a fundamental tool for web developers almost immediately. It simplified JavaScript programming, making it easier to manipulate HTML documents, handle events, perform animations, and much more. Since then, it has played and continues to play a major … Continue reading →

17 Apr 2024 5:00pm GMT

Concealing Cacophony

Tuesday, April 16th 2024, 14:30 BST

London, UK

Over the last few weeks I have been publishing a series of videos on writing PHP extensions.

I record these videos through OBS, and then slice and dice them with Kdenlive. This editing is necessary to make up for my mistakes, shorten the time we wait for things to compile, and to remove the noise of me hammering away on my keyboard.

Editing takes a lot of time, and I still wasn't always pleased with the result as there was still a fair amount of noise while I am talking.

For the PHP Internals News podcast, I used a set of noise cancellation filters, which worked wonders. But it turns out that Kdenlive does not come with one built in.

I had a look around on the Internet, and learned that there is a LADSPA Noise Suppressor for Voice plugin. LADSPA is an open API for audio filters and audio signal processing effects. LADSPA plugins can be used with Kdenlive.

Some Linux distributions have a package for this LADSPA Noise Suppressor for Voice, but my Debian distribution bookworm does not.

I found instructions that explain how to build the plugin from source. These instructions worked after some tweaks. I ended up creating the following script:

#!/bin/bash

sudo apt install cmake ninja-build pkg-config libfreetype-dev libx11-dev libxrandr-dev libxcursor-dev
git clone https://github.com/werman/noise-suppression-for-voice /tmp/noise
cd /tmp/noise
cmake -Bbuild-x64 -H. -GNinja -DCMAKE_BUILD_TYPE=Release
sudo ninja -C build-x64 install

After running this script, and restarting Kdenlive, I found the installed plugin when I searched for it.

With the plugin loaded, I now have much clearer sound, and I also don't have to edit the sections where I am typing, as the plugin automatically handles this.

I will still have to edit out my mistakes.

I then also had a look at how it worked. It turns out that this plugin uses neural networks to cancel the noise.

In the background, it uses the RNNoise library which implements an algorithm by Jean-Marc Valin, as outlined in this paper. There is an easier to read version of how the algorithm works on his website.

The data to train the model is also freely available, and uses resources from the OpenSLR project. Noise data is also available there. From what I can tell, all this data was contributed under reasonable conditions, and not scraped from the internet without consent. That is important to me.

Hopefully, from the third video in the series, you will find the sound quality much better.

16 Apr 2024 1:30pm GMT

Breakouts Day 2024 was the first experiment with a fully remote version of the breakouts sessions popular at W3C's annual big meeting. In this post we summarize key aspects of the event.

03 Apr 2024 4:19pm GMT

This blog post introduces an analysis of the systemic impact, on the Web, of AI systems, and in particular ones based on Machine Learning models, and the role that Web standardization may play in managing that impact.

13 Mar 2024 9:08pm GMT

In this blog post, W3C CEO Seth Dobbs depicts how from a humble beginning 35 years ago, the Web is now central to the daily lives of billions of people.

12 Mar 2024 2:10pm GMT

jQuery 4.0.0 has been in the works for a long time, but it is now ready for a beta release! There's a lot to cover, and the team is excited to see it released. We've got bug fixes, performance improvements, and some breaking changes. We removed support for IE<11 after all! Still, we expect disruption … Continue reading →

06 Feb 2024 4:43pm GMT

jQuery 3.7.1 has been released! This release fixes a regression from jQuery 3.6.0 that resulted in rounded dimensions for <tr /> elements in Chrome and Safari. Also, a (mostly) internal Sizzle method, jQuery.find.tokenize that was on the jQuery object was accidentally removed when we removed Sizzle in jQuery 3.7.0. That method has been restored. As … Continue reading →

28 Aug 2023 1:40pm GMT

When it comes to crafting an article, the headline is crucial for grabbing the reader's attention and enticing them to read further. In this post, I'll explore the 7 types of article headlines and provide examples for each using the subjects of product management, user experience design, and search engine optimization. 1. The Know-it-All The […]

The post 7 Types of Article Headlines: Craft the Perfect Title Every Time first appeared on Smiley Cat.

29 May 2023 10:20pm GMT

Product management is one of the most exciting and rewarding careers in the tech world. But it's also one of the most misunderstood and misrepresented. There are many myths and misconceptions that cloud the reality of what product managers do, how they do it, and what skills they need to succeed. In this blog post, […]

The post 5 Product Management Myths You Need to Stop Believing first appeared on Smiley Cat.

09 Apr 2023 5:28pm GMT

The role of a product manager is crucial to the success of any product. They are responsible for managing the entire product life cycle, from conceptualization to launch and beyond. A product manager must possess a unique blend of skills and qualities to be effective in their role. Strong strategic thinking A product manager must […]

The post The Key Strengths of the Best Product Managers first appeared on Smiley Cat.

11 Dec 2022 4:43pm GMT