Drupalicon graphic

An update was released to our development environment on Tuesday, November 22nd, 2016 and will be released to production sites on Thursday, December 1st, barring any security/emergency updates. The following updates have been applied:

Major Version Upgrade

  • 7.51 Issues – more than 10 updates/bugfixes. Please see 7.51 release notes for details.

Drupal Core Bug Fix/Security Updates

  • 7.52 Issues
    • Less Critical
      • Inconsistent Naming for Term Access Query
      • Incorrect Cache Context on Password Reset Page
    • Moderately Critical
      • Confirmation Forms Allow External URLs to be Injected
      • Denial of Service Via Transliterate Mechnism

New Modules Added

  • UUID – Universally Unique IDentifier. This module will not be turned on by default. CWS will enable it on an as-needed basis.

Contributed Module Updates

  • None

OSU Module Updates

  • None

OSU Theme Updates

  • None

If you have questions or concerns please contact us though our contact form.

From the session “Images 101: File Types, Web Optimization, Retina Screens, oh my” (https://2016.badcamp.net/session/images-101-file-types-web-optimization-retina-screens-oh-my) by Jessica Tate (http://www.jessicatate.com/).

Overview and JPEG

I found this session very helpful in understanding how to prepare images for web use. I learned that while JPEG images are ubiquitous they should only be used as the final image export. They can contain millions of different colors while maintaining a smaller footprint. What this means is you can keep the image tiny for websites but at the same time keep the colors looking great. The reason Jessica said that you should use JPEG as your main source is that every time you run a save command in a Photo Editor passes the JPEG through the image compressor and loses quality.

PNG

Jessica talked next about PNG next and how PNG has two common formats, PNG-8 and PNG-24. The difference between them is that PNG-8 holds 256 different colors where as PNG-24 is called true color where it holds as many colors as JPEG, but with a larger format. The reason she gave for using PNG as your source image and make your edits there is that they don’t lose quality when you export, but are often too large for the web. Jessica also went on to say when to use PNG-8 and PNG-24 and really the 8 format is perfect when you don’t need many colors or transparency. The resulting file size is tiny and great for icons.

GIF

The next image format she discussed was GIF (jif as the creator wanted it pronounced) and although it was a competitor to PNG it’s primary use is in animations. So if you need something to be animated, use a GIF.

SVG

The last image format Jessica talked about was SVG and although SVG is new in comparison to other image formats it differs completely in how the image is created. This format uses Vectors to create the image, this helps with Icons and other logos you wish to create but only have one copy of the file. SVG does not require you to export out different versions of the same image at different sizes as they scale and do not look pixelated. SVG also can be used in animations but it has not grown in popularity yet. A few fun things with SVG is you can use CSS and Javascript to alter the color and behavior of the image. SVG works across all browsers and there are many different free image creation tools out there that can create and work with SVG.

To wrap this up, use JPEG when you need lots of colors, but never use it as your RAW source. If you do not have access to RAW use PNG-24 for your images. GIF’s for animations or start playing with SVG’s for animations as well as Logos.

An update was released to our development environment on Tuesday, August 30th, 2016 and will be released to production sites on Tuesday, September 6th, barring any security/emergency updates. The following updates have been applied:

Major Version Upgrade

  • None

Drupal Core Bug Fix/Security Updates

  • None

New Modules Added

  • None

Contributed Module Updates

  • Webform 7.x-4.14:
    • This release contains two updates that have been rolled into one
    • 7.x-4.13 The update of most concern for us is the one that involves conditionals. Users can now actually nest conditional statements inside of other conditional statements. This is pretty exciting, but it also opens the door for some potential confusion. We ask of anyone who is using conditionals to give their form(s) a test in their dev environment to make sure everything is working correctly.
      • Additionally, there are more than ten other updates that have been introduced. For more information, see the referenced release notes.
    • 7.x-4.14 was not a security release, but there were two big security improvements that were added to let users better understand the security ramifications of two existing features
      • Changing disabled components. The description of the disabled option now clarifies that it is still possible for a user to use developer or JavaScript tools to modify the value of a disabled component. This is by design and is considered desirable. To store a submission value that cannot be changed by the user, use a hidden component with the “secure value” option.EntityInterface added to allow programming interfaces
      • Submission results downloaded as delimited text files (e.g. CSV). Some spreadsheets interpret cell data within a delimited text file as a formula, leading to a formula injection vulnerability in the spreadsheet. Data submitted by untrusted users that may be opened by a spreadsheet should be downloaded in Microsoft Excel format rather than delimited text format. The Webform submission download page makes this clear.
      • Additionally there are more than ten other updates that have been introduced. For more information, see the referenced release notes

OSU Module Updates

  • None

OSU Theme Updates

  • None

If you have questions or concerns please contact us though our contact form.

An update was released to our development environment on Tuesday, August 23rd, 2016 and will be released to production sites on Tuesday, August 30th, barring any security/emergency updates. The following updates have been applied:

Major Version Upgrade

  • None

Drupal Core Bug Fix/Security Updates

  • None

New Modules Added

  • Metatag 7.x-1.17:
    • The information found at this Code Karate tutorial is a little dated, but it will get you started in the right direction. Please note that module configuration is an architect level activity.

Contributed Module Updates

  • CTools 7.x-1.10:
    • This update has more than ten changes. Please refer to the version link above for more details.
    • Please note that this module is a suite of APIs that are not testable via the User Interface. Many of the modules within our OSU Drupal 7 distribution are dependent upon it for base functionality.
    • Many of the fixes in this update relate to CTools modal forms, which appear in the Views User Interface.
  • Entity 7.x-1.7:
    • Views Row Plugin “Rendered Entity” adds reference to the view
    • EntityInterface added to allow programming interfaces
    • theme_entity_property() now respects “content” variable
    • Fixed error “Call to a member function label() on a non-object” in generated admin UI
    • Added a way to prevent exportable rebuild on cron run

OSU Module Updates

  • None

OSU Theme Updates

  • None

If you have questions or concerns please contact us though our contact form.

An update was released to our development environment on Tuesday, August 16th, 2016 and will be released to production sites on Tuesday, August 23rd, barring any security/emergency updates.  The following updates have been applied:

Major Version Upgrade

  • None

Drupal Core Bug Fix/Security Updates

  • None

New Modules Added

  • None

Contributed Module Updates

  • Acquia Connector 7.x-2.17:
    • Please note that this module is used for server connectivity at Acquia and is not something that our customers have access to.
    • Fixed bug that was breaking the status page
    • Updated the migrate form to expect non-2xx response codes from Acquia Cloud as the server side code changed
    • Fixed up the unit tests so they all pass now and make further development/maintenance easier
  • Colorbox 7.x-2.12:
    • Add missing gallery navigation buttons
    • Increased minimum required version of Colorbox plugin to 1.6.1 to encourage people to upgrade
      • CWS pulls from the Colorbox repo, so we already have 1.6.1 in use
  • Context 7.x-3.7:
    • More than 10 fixes/improvements (all minor), please see version notes by clicking on the version number above
  • Display Suite 7.x-2.14:
    • Previous update introduced a regression. This release fixes the resulting problems.
  • Features 7.x-2.10:
    • Fixed undefined index error
    • Fixed features_get_component_states() so that it passes its $reset param
    • Fixed Drush fl output issue
  • Field Collection 7.x-1.0-beta11:
    • Fixed array_filter() issue that was produced after upgrading to 7.x-1.0-beta10
  • Libraries API 7.x-2.3:
    • More than 10 fixes/improvements (all minor), please see version notes by clicking on the version number above

OSU Module Updates

  • None

OSU Theme Updates

  • None

If you have questions or concerns please contact us though our contact form.

The Drupal 7.50-cws-1.0.0 update was released to our development environment on Tuesday, July 26th, 2016 and will be released to production sites on Tuesday, August 2nd.  The following updates have been applied:

Major Version Upgrade

  • Drupal Core 7.50
    • This update has 64 bug-fixes/improvements, most of which should be transparent to our users. There are fixes, however, that involve field configuration access and text formats.
    • While we don’t expect any issues, we request that users double-check their development sites and report any errors via our contact form.

Drupal Core Bug Fix/Security Updates

None

New Modules Added

  • Module Missing Message Fixer: a utility module used to clean up database elements that linger after a module is uninstalled. This module is used by Central Web Services to help keep a site’s database clean.

Contributed Module Updates

None

OSU Module Updates

None

OSU Theme Updates

None

If you have questions or concerns please contact us though our contact form.

With our transition to Acquia for hosting our Drupal 7 sites from our servers we manage with aegir, we’ve set up our releases to be easier and more rapid. Our process will be going from 2 week releases for a large batch of patches and updates to going to small updates more often and without requiring a developer to oversee the process, while still giving us control of when we release large features and updates. The new tools available to also allow us to automate some of the release process and gives us more time to work on cool new features and updates.

Because of this, we have made the decision to freeze code pushes on aegir. Security updates will still be made to protect sites from any malicious access, but new features and bug fixes to our modules will only be going to sites on Acquia.

The transition to Acquia will be seamless for our sites, and no action is required on the part of the site owners. Many of our smaller impact sites, such as drupal.oregonstate.edu, are already on Acquia, and we are in the process of transitioning all our other Drupal 7 sites to Acquia. This process should be completed very soon, with many sites completing their transition early next week.

As always, you can contact us if you have any questions about this transition.

The Drupal 7.41-cws-1.4.0 update was released to our development environment on Wednesday, January 20th, and will be released to production sites on Tuesday, January 26th.  The following updates have been applied:

Major Version Upgrade

  • None

Drupal Core Bug Fix/Security Updates

  • Field Group: 7.x-1.4 – > 7.x-1.5

    • Moderate Security Issue: When adding an HTML element as a field group, the user had the option of adding custom HTML attributes on the group. Via this option, a malicious user could embed scripts within the page, resulting in a cross-site scripting (XSS) vulnerability. This was mitigated by the fact that the attacker would have to be able to configure field display settings, which usually needs a higher level permission.
    • 18 additional fixes/updates. View the Field Group Release Notes for detailed information

New Modules Added

  • None

Contributed Module Updates

OSU Module Updates

  • Highlights: Updated view to use caching.
  • Live Feeds: Fix underline for calendar months in Firefox 40 and above.

OSU Theme Updates

  • Doug Fir: Added small changes to prepare theme for larger, full-screen changes in the future.

If you have questions or concerns please contact us though our contact form.

CWS has added the Simple Calendar plugin to blogs.oregonstate.edu.

This plugin allows for connecting Google Calendars to your blogs.

As a site administrator, you can turn the plugin from the Plugins menu. When activated, a new menu item appears on the left called ‘Calendars’

Here, you create templates which are then added to widgets or posts.

For example to display the event title and if present a location and description.


<div class="gce-list-event gce-tooltip-event">[event-title]</div>
[if-location]<div><span>Location:</span> [location]</div>[/if-location]
[if-description]<div><span>Description:</span> [description]</div>[/if-description]
<div class="gce-list-event gce-tooltip-event"></div>

Plugin documentation can be found at http://docs.simplecalendar.io/

The Drupal 7.41-cws-1.2.0 update was released to our development environment on Tuesday, November 24th, and will be released to production sites on Tuesday, Dec. 1st.  The following updates have been applied:

Major Version Upgrade

  • None

Drupal Core Bug Fix/Security Updates

  • None

New Modules Added

  • None

Contributed Module Updates

  • FileField Paths: 7.x-1.0-rc2 -> 7.x-1.0
    • Official Release Status
    • Added variable module integration.

OSU Module Updates

  • OSU Drupal: Updated parent unit pathauto settings
  • OSU Profiles: Added missing module dependencies
  • OSU Groups: Architects can now remove the top level book page of an organic group. Style updates added to the dashboard.
  • Feature Page: Page title now appears at the same place, no matter the browser size. Page title now appears if a feature page is the home page of a site.

OSU Theme Updates

  • Doug Fir: Science variant font and size updates

If you have questions or concerns please contact us though our contact form.