One of my clients has started using a automated security scanning tool to regularly crawl their Drupal site looking for vulnerabilities. In their first run of the tool, it identified only one issue: a "predictable resource location" vulnerability based on the presence of the web.config file in the Drupal docroot.
"The only thing that saves us from the bureaucracy is inefficiency. An efficient bureaucracy is the greatest threat to liberty."
I wrote the following piece after looking into the Executive Order on Open Data. The original is published at https://www.acquia.com/blog/what-does-white-houses-executive-order-mean…
Recently at work, one of the site managers asked for a listing of which nodes on the site were using the auto-generated Pathauto paths and which were not. Should be easy, right? Just figure out where Pathauto stores whatever variable it uses to indicate if a node has the "Automatic alias" parameter set and dump the list. Turns out, actually no, it's not that simple. Pathauto doesn't store a variable.
One of the initiatives begun since I came on board at USP is to convert the team from using CVS for version control to using Git. CVS was performing adequately in most respects, but the leadership recognized that Git is the de facto industry standard these days and that, beyond the technical benefits of moving to Git, there was value in keeping up with the standards of the industry and the Drupal community. The question, then, was how to best accomplish the change.
On July 13th, I'll bid farewell to GDIT and the EOP and move on to the next step in my career. It's been an honor to work with the team there and I've learned more in the past year than I would have imagined possible, a small sampling of which are below.
The openid_selector_inline submodule of OpenID Selector provides interface elements that replace the core OpenID input field with provider icons that users can click to authenticate to their identity provider. The module provides no real configuration options, though. When enabled, it automatically places its icons on the /user/login form and on the login block.
This morning, I went looking for a means to automatically create a Taxonomy term when a new node of a given type is published. To my surprise, though, the old Taxonomy action set which appeared in the D6 version of Rules was missing from the D7 version of Rules. A quick search of the Rules issue queue revealed that I wasn't the only one looking for Taxonomy actions. Several more minutes of poking around the interface revealed that the solution is there, it's just obscured in the interface.