Sign up to be notified when Agaric gives a migration training:

We can look at the recent popularity of some widely used platforms like Zoom and ask ourselves some questions as to why we still use them when we know a lot of terrible things about them. Agaric prefers to use a free/libre video chat software called BigBlueButton for many reasons, the first one being the licensing, but there are many reasons.

Zoom has had some major technology failures, which the corporation is not liable to disclose. At one point, a vulnerability was discovered in the desktop Zoom client for MacOS that allowed hackers to start your webcam remotely and launch you into a meeting without your permission. The company posted a note saying that they fixed the issue. Unfortunately, the Zoom source code is proprietary and we are not even allowed to look at it. There is no way for the community to see how the code works or to verify that the fix was comprehensive.

The Zoom Corporation stated early on that the software was encrypted end-to-end (E2EE) from your device to the recipient's device. This was untrue at the time, but the company states that it has been corrected for users on their client app. While it is no longer true that E2EE is unsupported, it does require that you use the proprietary Zoom client for E2EE to work. Without E2EE, any data that is retrieved on its way from your computer to a server can be accessed! The only real security is knowing the operators of your server. This is why Agaric uses trusted sources like MayFirst.org for most of our projects and we have a relationship with our BigBlueButton host. The Intercept also revealed that Zoom users that dial in on their phone are NOT encrypted at all

BigBlueButton does not have a client app and works in your browser, so there is no E2EE. The idea for E2EE is that with it,  you "do not have to trust the server operator and you can rely on E2EE" because the model implies that every client has keys that are protecting the transferred data. However: you MUST still use a proprietary client in order to get the benefits of E2EE support, so once again you MUST trust Zoom as you have no permission to examine the app to determine that the keys are not being shared with Zoom.

Of course there is always the fact that hackers work day and night to corrupt E2EE and a Corporation is not obligated to tell you the customer every time there has been a security breach, and this information is usually buried in the terms of service they post - sometimes with a note saying the terms are subject to change and updates. A Corporation is not obligated to tell you, the customer when there has been a security breach" unless any personal information is exposed. There are now mandatory timely disclosure requirements for all states: https://www.ncsl.org/research/telecommunications-and-information-technology/security-breach-notification-laws.aspx ...Can Zoom really be trusted? As with some laws, the fine that is applied is low and affordable and subject to the interpretation of the courts and the status of knowledge your lawyer is privvy to - meaning most Corporations normally have a battery of lawyers to interpret the law and drag the case out until you are... broke.

In the case of BigBlueButton encryption, E2EE would only make sense if there are separate clients using an API to connect to the BBB server so a user does not have to trust the BBB server operator. If the user trusts the server operator, then there would be no need for E2EE." Lesson learned: It is always best practice to know and trust your server hosts as they are the ones that have the keys to your kingdom. 

Some technology analysts consider Zoom software to be malware. Within companies that use Zoom, employers are even able to monitor whether or not you are focusing on the computer screen during meetings which seems excessively intrusive. Speaking of intrusive, the Zoom Corporation also shares your data with FaceBook, even if you do not have a FB account - that could be a whole blog in itself, but just being aware of some of the vulnerabilities is a good thing to pass on. Some of the bad stuff remains even if you uninstall the Zoom app from your device! Even though a class action suit was filed over privacy issues, the company stock still continued to rise.

Those are many reasons why we do not support Zoom. But there are also many reasons why we prefer BBB over Zoom. Besides, BBB has many great features that Zoom lacks:

1. Easily see who is speaking when their name appears above the presentation.

2. Chat messages will remain if you lose your connection or reload and rejoin the room.

3. Video is HD quality and you can easily focus on a persons webcam image.

4. Collaborative document writing on a shared Etherpad.

5. Easily share the presenter/admin role with others in the room.

6. Write closed captions in many languages, as well as change the language of the interface.

7. An interactive whiteboard for collaborative art with friends!

One huge advantage of free software, like BBB, is that you can usually find their issue queue where you can engage with the actual developers to report bugs and request feature enhancements. Here is a link to the BigBlueButton issue queue.

So, why do people keep using a platform like Zoom, even though there are many features in BigBlueButton that are much better? 

There is very little publicity for free software and not many know it exists and that there are alternative solutions. You can find some great suggestions of software and switch to it by using this site called switching.software. The marketing budget for Zoom is large and leads you to believe it has everything you will need. Sadly their budget grows larger everyday with the money people pay for subscriptions to the platform. As a result, many people go with it as it is already used by their friends and colleagues, even though there are reports of irresponsible behavior by the Zoom Corporation. This is why the New York school system does not use Zoom and many organizations are following suit. The company gives people a false sense of security as it is widely used and very popular.

Of course, there are reasons to avoid other proprietary chat platforms too...

Agaric offers BigBlueButton for events and meetings. Check out our fun BBB website at CommunityBridge and test drive the video chat yourself!

If this discussion interests you, please share your thoughts with us in the comments.

Looking to learn more about problems with Zoom? There are a lot of articles about Zoom scandals.

• If you need to leak a zoom video without being identified, you need to be very careful!
• Zoom censorship of Palestine seminars sparks fight over academic freedom
• Zoom encryption is not suited for secrets
• Zoom is unclear about whether or not the app is actually end-to-end encrypted, which it isn't.
• And, yes - the wikipedia page has a good summary of some issues
• Stallman provides resources on what is bad about Zoom also

Looking to learn more about protecting your privacy online? These links have some helpful information and videos for tech-savvy people and organic folks alike!

• The Hated One
• Rob Braxman Tech
• Safe Services

2021 could be the year we all begin to STOP supporting the Corporations that oppress us. 

Special thanks to Keegan Rankin for edits!

The program for DrupalCon is evolving constantly. Among the changes for Nashville 2018 new tracks have been added and some have been merged. That is the case for the Symfony and PHP tracks.

Many topics clearly belong to a single track, but others could fit in more than one. When we had a dedicated Symfony track a session about Twig could be submitted to the Symfony or front end tracks. A session about Drupal Console could be submitted to the Symfony, the PHP, or back end tracks. In an effort to reduce confusion in the call for proposal process, the track team has agreed on the following:

• The back end development track is for sessions focused on Drupal coding and development practices.
• The PHP track is for sessions that cover the broader PHP ecosystem. These sessions can be related to Drupal, but focused on an external project/library like composer, or PHPUnit, Symfony components.
• The Symfony track merged with the PHP track.

Undoubtedly Symfony plays a key role in Drupal. Symfony 4 has just been released and it would be great to learn about what the future looks like. We want to learn about what is new in the latest version and what benefits adopting it would bring. We are also interested in sessions that would allow developers to learn from each other. What does a Symfony developer need to know to write Drupal code? What does a Drupal developer needs to know about Symfony to become a better developer? In other words - how to make proper use of Symfony components and related best practices.

Other session ideas include best practices on using Composer, PHPUnit, and third party libraries; new features in PHP 7; functional, asynchronous, and reactive programming; machine learning; micro services; etc.

If you want to attend DrupalCon Nashville, but the cost of attending is too high there are some ways to reduce the expenses:

• Getting a session selected gives you a DrupalCon ticket.
• You can get a $350 stipend to help cover expenses if your session is selected and you identify yourself within at least one of the "Big Eight" Social Identifiers. This is part of an effort to increase diversity at DrupalCon.
• If you volunteer as a mentor, you can get a free ticket. No need to be a speaker for this one.
• There are grants and scholarships that can provide a ticket and/or money to cover expenses. No need to be a speaker for this one.

The track team for DrupalCon Nashville 2018 is here to help you during the session submission process. We can help review proposals, suggest topics, and clear any doubt you might have. For the PHP track, Chad Hester, Tim Millwood, and myself are ready to help.

For people who have not presented before and for those of underrepresented groups, the Drupal Diversity and Inclusion Initiative has created a channel in Slack to help them with the proposal project. Mentoring is available at drupal.org/slack

The call for proposals closes in less than a month on January 17. Do no leave things until the last minute. We look forward to your session submissions!

You've built sites with Drupal and know that with a few dozen modules (and a ton of configuring), you can do nearly everything in modern Drupal.

But what do you do when there's not a module for that? When the modules that exist don't meet your needs, and cannot be made to by contributing changes?

You make your own.

This blog post accompanies the New England Drupal Camp session and helps you take that step. All you need to do is write two text files. The first file tells Drupal about the module; it is not code so much as information about your code. The second file can have as little as three lines of code in it. Making a module is something that anyone can do. Every person developing a module is still learning.

Slides source code: https://gitlab.com/agaric/presentations/when-not-a-module-for-that

(Site with slides coming.)

This is about the simplest module you can make, and—unlike the popular implications of its name—is not growing by adding bits and pieces of other modules as we build a monstrosity (that is what we will do later, as exhuming and incorporating adaptations of other modules' code is our main technique for making new modules).

Frankenstein (example) | Drupal.org

Sharing your module out into the world

Put your module on Drupal.org: drupal.org/node/add/project-module

(I honestly do not know where they hide that link, but remember on any Drupal site you can go to /node/add and see what content you have access to create, and that includes creating projects on Drupal.org!)

It will start its life as a "sandbox" module by default.

Tip: Do not try to choose a part of core under "Ecosystem", and always check that the node ID it references is really one you want— there are a lot of projects with similar or even the same name.

Do not get overwhelmed; you can come back and edit this page later.

Press Save.

Then press the Version control tab to go to a page with Git instructions tailored to your module.

If you have already started your module and made commits in a repository dedicated to only your module, make certain your commits are on a branch named 1.0.x (the instruction included there git checkout -b 1.0.x will be enough to do that) and then follow only the git remote add and git push steps.

Double-checked to make certain the "Frankenstein" example module would not be better an example of when already "There's a module for that" and discovered the sad backstory— it exists in Drupal 7, people wanted it ported to modern Drupal, someone did port it to modern Drupal, but in a private GitHub repository and module maintainers did not take action and now that repo is gone.

Contributing to an existing module

(To do: Make into its own post.)

I apologize, on behalf of all of Drupal, that this is harder than it ought to be.

First, create an issue (if there is not one already) stating the needed feature or bug fix.

Before you start modifying the module's code, go into your project's composer.json and edit the version of the module you are using and want to contribute to and make it the dev version.

If you have gotten the module as ^3.0@RC for example, change that to ^3.0.x-dev@dev.

Run composer update.

Now, so long as you do not have a restriction in your composer.json, composer will get the git repository of that module for you and put it in the usual place for contributed modules, such as web/modules/contrib.

From the command line (terminal), change directory to the module you are modifying and have filed an issue against (for instance, cd web/modules/contrib/example).

Back on your issue, press the light green "Create issue fork" button and follow the instructions it adds to the issue to issue under the "Show commands" link, to the right of the issue fork.

The lines you want to copy paste are under the first "Add & fetch this issue fork’s repository" and the "Check out this branch" copy code sections in that expanded "Show commands" section.

Make your code changes and git add them. You can copy the entire line to git commit from the bottom of the issue. And finally, git push.

Now you need to make a merge request.

In the issue, press the link to your issue fork. If you do not see a blue button "Create merge request" at the top of this page, you need to log in. Pressing "Sign in" is likely to log you in automatically because you are already logged in to Drupal.org, but you have to press it.

Press the blue "Create merge request" button at the bottom of the form pressing the first blue "Create merge request" button took you to.

To keep using the improvements you contributed to the module while waiting for them to be reviewed and, with lots of luck, eventually merged in, make a couple more modifications to your project composer.json file. The information you need is the same as you put into the module's git configuration with the issue fork repository and branch checkout commands you copy and pasted above. We can get that information again most easily by opening up the .git/config file in the module (or theme) you have been contributing to, and use the URL under "origin" in your "repositories" section of your composer.json and the branch name at the bottom of the .git/config in the "require" section, like this:

    "repositories": {
        "drupal/example": {
            "type": "git",
            "url": "https://git.drupalcode.org/issue/example-123456.git"
        }
    },
    "require": {
        "drupal/example": "dev-123456-issue-fork-branch-name",
    },

Resources

• How to become project owner, maintainer, or co-maintainer | Offering to become a project owner, maintainer, or co-maintainer | Drupal Wiki guide on Drupal.org

Drupal Slack channels

First, join Drupal Slack if you need to; more info on that at drupal.org/slack.

• #support
• #general
• #contribute
• #maintainers

Drupal Hooks

Old-style hooks take the hook name ("hook_something_cool") and replace hook with the module machine name ("example") and so having a function example_something_cool— this was the old way of doing namespaces with a sort of honor system. You do not have to worry about that anymore except insofar as you can recognize this style of hook in existing code to use as examples when you are writing new, cool hooks that use actual PHP namespaces.

The Drupal API's listing of all hooks (at api.drupal.org/api/drupal/core!core.api.php/group/hooks) opens with examples of implementing and changing the order of hooks.

The main thing it leaves out is where you actually put the hook implementations: In your module's folder inside a src/Hook subdirectory. Each set of hooks that will be called at the same time or that . At the top of this file goes a namespace declaration:

namespace Drupal\example\Hook;

Not changing example (or whatever it is in the example you copy) to match your module's machine name, or forgetting or making a typo in this line, is the first thing to check for if your hook does not seem to be having any effect.

The listing of hooks to see ways you can, well, hook into Drupal is a bit lower down on that page.

You have been successfully signed up to learn about data migration training opportunities.

This month, the National Institute for Children's Health Quality is celebrating Agaric's support in making the most of the digital health revolution, part of their 20th anniversary campaign.

It got us thinking about how long we've been working in the space. Indeed, Agaric is proud to have been helping medical and scientific communities almost from our founding.

In 2008, we started building biomedical web communities enriched by semantic data. Working with researchers Sudeshna Das of Harvard University and Tim Clark of Massachusetts General Hospital, both affiliated with Harvard's Initiative in Innovative Computing, we were the primary software developers for the Scientific Collaboration Framework, a reusable platform for advanced, structured, online collaboration in biomedical research that leveraged reference ontologies for the biomedical domain. Making use of academic groups actively publishing controlled vocabularies and making data available in the Resource Description Framework (RDF) language, we built on work done by Stéphane Corlosquet, a lead developer in adding RDF to the Drupal content management system, to build the Science Collaboration Framework. SCF supported structured ‘Web 2.0’ style community discourse amongst researchers when that was a new thing, and made heterogeneous data resources available to the collaborating scientist, and captured the semantics of the relationship among the resources giving structure to the discourse around the resources.

Read more about it in Building biomedical web communities using a semantically aware content management system in Briefings in Bioinformatics from Oxford Academic.

Agaric led the work of building the website for an online community of Parkinson's disease researchers and research investors, on the Science Collaboration Framework, for the Michael J. Fox Foundation for Parkinson's Research.

In 2012, we worked with Partners In Health to create a site for people on the front lines of combatting tuberculosis to share and discuss approaches.

In 2015, we began contributing to the Platform for Collaborative and Experimental Ethnography. PECE is "a Free and Open Source (Drupal-based) digital platform that supports multi-sited, cross-scale ethnographic and historical research. PECE is built as a Drupal distribution to be improved and extended like any other Drupal project." We primarily worked on the integration of PECE's bibliography capabilities with Zotero's online collaborative bibliography services.

Also in 2015, we took on the exciting work of rebuilding the Collaboratory—a platform designed specifically to help improvement teams collaborate, innovate, and make change—for the National Institute for Children's Health Quality.  We're proud to be NICHQ's 2020 partners in making the most of the digital health revolution.

All in all, we're impressed by our twelve years of building sites for the scientific and medical communities, and looking forward to helping shape a healthy future.

Video embed

Learning objectives

• When it makes sense to make a module (the hierarchy of code usage).
• Options for extending and overriding functionality provided by Drupal core and other modules.
• How to write a module that plays well with Drupal core and other modules.
• How to build a contrib-worthy module.
• Working with version control and Drupal's GitLab instance.
• The steps to opting in to Drupal security coverage and collaborating with the security team.
• Ways to contribute to or even maintain an existing module (avoiding making one!).
• And how to continue learning on your own.
• After this training you will be able to make Drupal modules, and contribute and maintain them on Drupal.org!

Prerequisites

The only prerequsite is having done some site building with Drupal, and so having familiarity with Drupal configuration and its limits. Information gained will be equally relevant to any version of modern Drupal, including 10, 11 and the coming Drupal 12.

This training is targeted to beginners, but as it is chock full of tips we expect people at intermediate and even advanced levels with Drupal to get significant benefit.

Making a module is something that anyone can do.  A useful one may be only two files with a few lines each.  There are many (mostly simple) rules to follow and tons of tools to use—and lots of exploration to do. Every person developing a module is still learning!

Setup instructions

A working Drupal 11 installation using DDEV will be provided.

This training will be provided over Zoom. You can ask questions via text chat or audio. Sharing your screen is optional, but you might want to do it to get assistance on a specific issue. Sharing your camera is optional.

What to expect

Prior to the training

Attendees will receive detailed instructions on how to setup their development environment. In addition, they will be able to join a support video call days before the training event to make the the local development environment is ready. This prevents losing time fixing problems with environment set up during the training.

On the days of the training

• The training totals 7 hours of instruction, which we usually split into 2 sessions
• A team of developers available to answer questions and help with training-related issues

After the training

• Attendees will receive a copy of the training recording.
• Attendees will receive a certificate of completion.

Full participation in Agaric's Drupal 8 migrations quickstart (half-day training) and Drupal 8 content migrations (full-day training) courses requires a working, local installation of Drupal 8.

The morning can be done online with a Pantheon.io free development site or SimplyTest.me (only web browser and working internet connection required).

Development Environment

The afternoon portion of the training requires a local dev environment— if you aren't able to get this set up ahead of time, we can help you during a break.  The two approaches we have tested:

• DrupalVM (requires VirtualBox and Vagrant)
• Alternatively and as a fallback, Drupal's quick start with PHP's built-in server

All of these approaches work on GNU/Linux, MacOS, and Windows.

Prerequisites

Although no prior Migrate module knowledge is required, it is expected that you have a basic understanding of nodes, content types, and fields. You can learn about these and other Drupal concepts by watching this session recording.

A working Drupal 8 installation is required. It is possible to follow some examples using a hosted Drupal service like pantheon.io To get the most out of the training a local installation is needed. Installing Drupal locally using composer is recommended.

Drush needs to be installed in order to run migrations from the command line. Xdebug and PHPStorm are used for the debugging example (techniques apply for other debuggers and IDEs).

It is recommended to use DrupalVM and configure it to use the drupal composer template.

Follow the quickstart guide to install DrupalVM with the xdebug extra package.

Install the following contrib modules:

• address
• entity_reference_revisions
• migrate_plus
• migrate_source_csv
• migrate_tools
• paragraphs

Assistance can be provided before the training starts, but it is better to come with your local environment already set up.

Anthropologist Kasey Qynn Dolin noted, of our societal moment that COVID-19 has thrown into sharp relief:

We expected going online would lead to mass democratization and access to information that empowers large groups of people.

Instead, we got outsourced.

Online connectivity gave people who own means of production the ability to outsource work in a way that offloads expenses— the cost of the things which generate the conditions for the wealthy and powerful to profit in the first place. Some of this, like shifting the expenses of maintaining fleets of vehicles off of a corporation's balance sheet, have been celebrated as technology-enabled innovations in business models. This is usually a big charade, a technological gloss on what is just another, relatively minor, attempt to concentrate wealth and power. Meanwhile, the biggest return on capital and the biggest harmful effects on people come from practices that business media don't focus on.

The world going online has helped the owning class shift the costs of workers simply living (health care, child care, retirement, sustenance or more-than-sustenance wages) onto people, communities, and whole nations less able to hold global corporations to account.

There are a couple big reasons this happened.

First, technology is not neutral, and it tends to serve the needs of those who shape it.

Even with the incredible historical happenstance of US military money flowing to academic researchers who developed and incubated an Internet that was computer-to-computer rather than hierarchical…

…and even with the impressive tradition of technologists making decisions openly and favoring adopting standards by rough consensus that allow unaffiliated parts to work with one another…

…the services built on the Web and other Internet-based protocols and standards reflect the desire for control (for wealth and for power) held by corporations, governments, and venture capitalists— because these are the entities that have been spending the money and increasingly calling the shots for the past twenty years.

Second, the same reason a miracle was required to make the Internet distributed in the first place has worked against many of the technologies built on the Internet being peer-to-peer— it is hard to come to agreement on protocols and hard to make them easy to use. It is easier to build software and services which are ultimately within one organization's control, and the organizations with the resources to do even this have tended to be the same ones centralizing power (with notable exceptions such as Wikipedia and the Internet Archive).

Similarly to networked computers, in the world of organized humans it is very hard to develop ways to build shared power. It is much easier to use communications technology to move work and consequences farther from those who already hold centralized power.

However, these facts working against us don't mean we have to take our struggle for our human rights and for justice entirely offline. And struggle we must, because the people who hold wealth and power now are seeing, in this health and economic crisis, just how much can be denied us without threatening their wealth and power.

A lot of the technology developed for business as usual, even the proprietary stuff we don't actually control like Slack and Google Docs, can be put to use by movements for justice and liberty. There are a lot of similarities in tools people need in order to work together, whether in companies or in community groups. That is not to say that the movement to build truly free as in freedom alternatives to these is not good and important. Indeed, the development of free libre open source software is downright great and vital when led by or done in direct collaboration with groups marginalized by capitalism that do have different needs, such as a threat model that must take into account government repression and fascist threats.

But we need to concentrate our finite time on building technology corporate and political masters would never want built.

We need to focus on that which builds shared power. We need to build ways to share power.

Power is organization. People organized in large groups can hold even global corporations to account. We can replace existing structures, as proves needed, to gain the sustenance needed for life; to gain the justice of a common share of all that nature has given and all that humanity has worked for; and to gain the freedom to do what we choose with it all.

Any group with that level of power is unlikely to keep true to universal human rights and and all the rest unless power stays distributed within it— ideally throughout all society.

Formal democracy, however flawed or perfected, has never been enough and will never be enough.

We need ways of communicating and making decisions that work well and keep power distributed.

Sharing the power which is inherent in controlling communication and in making decisions requires sharing the work of both.

There's endless creativity required in getting people to see a better world is possible, and infinite strategy needed to achieve it. Thinking about how to share power while building power is necessary, but it is too much to have to figure out from scratch while doing everything else. It is as unrealistic to expect every group of people who give a damn to craft tech for mass democracy and distributed power as it is to expect every group of people to make their own word processing and web publishing software.

Which is why we need to build online tools for sharing the power that we achieve by organizing.

One indispensable piece, unsolved in practice but in theory solvable technically, is distributing the power of coordinated messaging. Coordinated messaging, in turn, is the root of both collective decision-making and coordinating action.

We need to build up this power to coordinate and communicate while being confident we will be able to use this power collectively. Here is a way that could work:

A person who is part of a movement has a piece of information they think every person in the movement should know, or that they think should be spread as widely as possible to the public. They have to go through some process that is the same for everybody, such as getting any two people in the movement to approve the content and crafting of the message. Then the proposed communication goes not to a standing committee but to a small group of people randomly drawn from the movement and asked to decide if it's something everybody should see now, or not.

That's the technology I want to build to make us all going online finally lead to mass democratization and power for all people over their own lives.

Join me.

About the trainers:

Agaric builds websites and online platforms that give people more control over their technology, including working with Drupal for more than thirteen years. They bring their expertise in backend development and Drupal migrations to projects for clients in different sectors including government, education, businesses, and not-for-profits/NGOs. Agaric is committed to giving back to the community. Over the last few years, they have presented 40+ sessions and full day trainings in 16+ DrupalCamps and DrupalCons in the Americas and Europe.

Benjamin Melançon (mlncn on drupal.org) has been working with Drupal since 2005.  He led the 36 author project that produced the Definitive Guide to Drupal 7 and contributed dozens of modules to Drupal 5, 6, 7, and 8.  For client projects, Benjamin uses this deep understanding of Drupal internals along with more general frontend, backend, and infrastructure knowledge to make sure requirements and expectations are met. He is a frequent speaker at Drupal and other technology events in North America.

Mauricio Dinarte is passionate about teaching. He is creating educational material in English, Spanish, and French to help break the language barrier when learning Drupal and other technologies. Check out his educational project at https://understanddrupal.com.

MASS Design Group is an innovative non-profit architecture firm that collaborates with the communities and individuals they serve. Their belief that “Architecture is never neutral. It either heals or hurts.” is a powerful parallel to our own assertion that digital architecture shapes how we communicate and congregate online.

Benjamin Melançon of Agaric helped with a patch for the Drupal 7 version of Insert module.

Agaric adapts our approach to fit each project. Some building blocks to our approach are so fundamental that we use them on nearly every Drupal project we work on. These are those fundamental aspects to our approach.

Results-Driven Design

Design decisions will be made whether intentionally or not, so it pays to go in with a plan. Design can be a nebulous, subjective process.  We give that process structure and purpose by focusing on the results. The design system we create speaks to your audience and meets your goals. We share our designs early, with real content, and in as interactive of a way as possible with your key stakeholders.

Content Strategy and Information Architecture Approach

We will work closely with your team to define an effective content strategy for your website and a clean, scalable information architecture. These will result in the following deliverables:

• Website goals
• User personas
• Content style guide
• Sitemap
• Technical architecture

Knowing that design is never truly done, we like to get the design "80% of the way there", and then apply it to the actual site. That way we can improve and refine along the way using the actual site, not static files open to misinterpretation.

We begin with a clean, responsive theme.  We then identify and implement the customizations that will set your website apart and best tell your story, reflecting the unique voice and tone of your organization.  By launch time your site will have a design that is:

• On-brand – speaks to your audience
• Results-driven – prioritizes the right content in the right contexts
• Secure – built on a theme covered by the Drupal security team and implementing security best practices
• Accessible – works with assistive devices and keyboard-only navigation
• Responsive – looks beautiful on any device
• Extensible – well organized templates to easily adjust or add new design components as your site evolves.

Development Approach

After defining the information architecture we will write user stories to clearly define the site's functionality. We use the agile methodology to prioritize together the critical functionality first, getting a functional site in your hands as soon as possible for review.

We continue this iterative and collaborative development cycle in two week sprints, always building the most relevant functionality.

Digital Commons Development

Drupal is a free software project built by thousands of designers and developers. As a result, your site benefits from security coverage and high quality code that follows best practices and ongoing maintenance and improvement.

As leaders in the Drupal community, we contribute to Drupal Core and maintain dozens of public modules (called "contributed modules" in the Drupalsphere) used by thousands of sites. For nonprofits in particular we are helping to build a Drupal 8 distribution putting together and providing ready-to-go configuration for key modules, many of which we also contribute to.

We draw from shared solutions whenever possible, tapping into and contributing back to this digital commons, because it saves time by not reinventing the wheel, and ensures your site continues to be maintainable and benefits from ongoing improvements from the community.

Accessibility

It is critical that your site be accessible to as many people as possible, including those using screen readers. To that end, all of our work is built to support compliance with W3C Web Content Accessibility Guidelines (WCAG) 2.0. The WCAG Guidelines, however, are not comprehensive and so we go beyond those guidelines to ensure high accessibility. Lastly, much of what makes a site accessible happens on the content entry and management side. We will provide resources for your content team so that after the site launches, you can rest assured that what you are creating is reaching as many people as possible.

Search Engine Optimization

Our developers will also follow SEO best-practice development and utilize Drupal’s range of SEO-related features that allow administrators to edit page titles, implement human-readable and editable URLs, enter meta tag information, and more. For further SEO-related services, we can also recommend SEO consultants.

While working on making a module compatible with Drupal 9 I found that the module was using an obsolete function that had been replaced with a new service. It was something like this:

/**
 * My plugin.
 *
 * @SearchPlugin(
 *   id = "my_plugin",
 *   title = @Translation("My plugin")
 * )
 */
class MyPluginSearch extends SearchPluginBase implements AccessibleInterface, SearchIndexingInterface {

  /**
   * {@inheritdoc}
   */
  public static function create(
    ContainerInterface $container,
    array $configuration,
    $plugin_id,
    $plugin_definition
  ) {
    return new static(
      $configuration,
      $plugin_id,
      $plugin_definition
    );
  }

  /** ... **/
  public function indexClear() {
    search_index_clear($this->getPluginId());
  }
}

The function search_index_clear is now part of the new search.index service that was added in Drupal 8.8. In order to keep this working on Drupal 8.8+ and Drupal 9 we need to inject the service in the create function. But if we do this unconditionally, we will get an error in Drupal 8.7 because that service was added on 8.8. What to do then?

Fortunately years ago I read an article that addressed a similar need. It talked about how to safely extends Drupal 8 plugin classes without fear of constructor changes. In my case I didn't want to change the constructor, so as to keep it compatible with Drupal 8.7 and below. At the same time, I wanted to inject the new service to use it in Drupal 8.8+ and Drupal 9. I just modified a bit my code to something like this:

/**
 * My plugin.
 *
 * @SearchPlugin(
 *   id = "my_plugin",
 *   title = @Translation("My plugin")
 * )
 */
class MyPluginSearch extends SearchPluginBase implements AccessibleInterface, SearchIndexingInterface {

  /** ... */
  protected $searchIndex;

  /**
   * {@inheritdoc}
   */
  public static function create(
    ContainerInterface $container,
    array $configuration,
    $plugin_id,
    $plugin_definition
  ) {
    $instance =  new static(
      $configuration,
      $plugin_id,
      $plugin_definition
    );

    // Only inject the service in Drupal 8.8 or newer.
    if (floatval(\Drupal::VERSION) >= 8.8) {
      $instance->searchIndex = $container->get('search.index');
    }

    return $instance;
  }

  /** ... **/
  public function indexClear() {
    if (floatval(\Drupal::VERSION) >= 8.8) {
      $this->searchIndex->clear($this->getPluginId());
    }
    else {
      search_index_clear($this->getPluginId());
    }
  }
}

And that's it, Drupal 8.8 and newer will take advantage of the new service while we keep this compatible with Drupal 8.7. This will give users more time to upgrade to Drupal 8.8+ or Drupal 9.