Problem/Motivation

Executing the Drupal 7 menu link migration (d7_menu_link) triggers MigrateExceptions thrown by the d7_menu migration:

Config entities can not be stubbed.

I dived into and tried to determine why Drupal throws these exceptions. After setting up a breakpoint in EntityConfigBase it turned out that every time this exception was thrown the migrate_lookup plugin tried to get the destination ID of a menu shortcut-set-<#>.

I searched for that string in core and it turned out that the menu links which have this kind of menu_names are handled exclusively by the d7_shortcut migration: The d7_shortcut migration source plugin explicitly filters for this string: because these menu links are migrated into shortcut entities.

The menu_link migration is logging several error messages concerning shourtcuts. See #12

Proposed resolution

Since there is an another migration for shortcut menu links, let's add an another condition to the menu_link migration source plugin's query that explicitly excludes shortcut links.

With this change the menu_link migration test will not be generating errors.

Remaining tasks

User interface changes

API changes

Data model changes

Release notes snippet

Problem/Motivation

Block titles can currently be displayed or hidden by site-builders. When hidden, the heading element is omitted from the HTML entirely. Hiding titles might be desirable for a visual design, however block titles can be useful for visually impaired users, providing contextual clarity and navigational cues via screenreaders.

Proposed resolution

Add another option in block configuration, to output visually-hidden block titles, with a "visually-hidden" class.
In D7 this functionality is provided by the a11y_titles module.

We have already added equivalent functionality to D8 for the FieldAPI label display. Offering visually-hidden block titles will extend the options available for site builders to fine-tune the page structure.

Before

After

Remaining tasks

• Usability review: this accomodates an additional option by replacing a checkbox with a select element, similar to the label display for field formatters.
• Documentation: explain the visually-hidden option on the block help page?
• Update settings form in \Drupal\Core\Block\BlockBase::buildConfigurationForm()
• Update HTML output in block module, adding "visually-hidden" class to title_attribute twig variable via template_preprocess_block. The block twig template does not need to be changed.
• Update block settings config schema. Not necessary - block_settings.label_display is already type: string, not boolean.
• Update installation config in core profiles/modules, changing block_settings.label_display values of '0' to explicit 'hidden'. It would be a BC break so keep the '0' value for hidden titles.
• hook_update(). Change block_settings.label_display values of '0' to explicit 'hidden'. Not usefull anymore (see previous)
• Write tests.
• Some blocks have custom behaviour, e.g. menu blocks already have visually hidden titles, and Bartik uses it's own CSS to hide block titles in the header region. Come up with an approach for these - we might be able to remove custom templates and CSS, relying instead on installation config. Should be done in follow-up issues.

User interface changes

Block title display option changes from a boolean checkbox option to 3 options in a select element: Visible, Visually Hidden, Hidden.
Aim for consistency with the Field API options in entity manage-display settings.

Also descriptive help text may change (D7 a11y_titles module says "Block titles can provide context to users who can’t rely on visual cues").

API changes

None expected.

Data model changes

We are introducing a third option to Block title display: 'visually-hidden'. Effect on data model are as follows:

• Config Schema: NO CHANGE. While we are introducing an additional option ('visually-hidden') for the core data type block_settings.label_display, this is already of type: string, which accommodates all proposed values (visible, visually-hidden, hidden).
• Installation Config: CHANGED. Block configuration files in config/install folders will need to be updated, changing block_settings.label_display values of '0' to explicit 'hidden'. Removed for BC
• Existing Sites' Config: UPDATE HOOK required, changing block_settings.label_display values of '0' to explicit 'hidden'. Removed for BC

Problem/Motivation

I have a content type that displays a mix of user generated data and data from a web service. The content type has about 10 fields and about 5 of them include data from a web service (I use cURL for that).

I've been using hook_preprocess_field(&$variables) to add data from the web service to the fields. I noticed this preprocess functions is called once for every field. That means that I do many calls to that same web service, which slows the rendering down.

Is there any way for me to create all the variables (data from the web service) in one go for all the fields?

With regards, Logi

Problem/Motivation

There is a user called Umami in the Umami demo to whom all recipes are attributed. Users should be people.

Proposed resolution

Attribute recipes to actual users, as is the process for articles. Do not create a user called Umami on content import.

Remaining tasks

All the things.

User interface changes

None.

API changes

None

Data model changes

None

Problem/Motivation

(I can hardly imagine that this has never been discussed of considered before, but I couldn't find an issue. Please excuse me if this is a duplicate.)

Every region template (eg. core/modules/system/templates/region.html.twig) uses {{ content }} to render the blocks in that region. But unlike node templates (eg. core/modules/node/templates/node.html.twig), where you can do things like {{ content|without('field_example') }}, the content of a region cannot be manipulated. This is because the content variable of a region is not an array of renderable elements, but just a string of rendered HTML.

Sometimes you want to be able to have access to the separate blocks, for instance to do something like this:

<div class="grid-container">
    {{ content|without('special-block') }}
  </div>
  {{ content.special-block }}

Proposed resolution

The reason why blocks arrive in the template as an already rendered blob of HTML, can be found in the comments on line 439 and 440 of core/lib/Drupal/Core/Render/Renderer.php:

// If #theme is not implemented or #render_children is set and the element
// has an empty #children attribute, render the children now. [...]

This also points us in the direction of a solution: Build the render array of a region with a #theme property instead of a #theme_wrapper. As far as I can see, this results in the exact same output as the current situation, requiring no changes to twig templates, while adding additional flexibility for those who need it.

Remaining tasks

I did not find any downsides yet, but we have to think of reasons to not do this.

Are there performance implications?

Could caching be a problem when region output is made more dynamic? And if so, is that a problem for Drupal core to solve, or just a case of "with great power..."?

User interface changes

none

API changes

none

Data model changes

none

Release notes snippet

todo

Problem/Motivation

PHP is weakly typed and this can lead to bugs like https://bugs.php.net/bug.php?id=54547.
In addition, it causes our code to be less explicit than it could be; core is littered with 0/1 where it should be FALSE/TRUE, and strings where they should be integers.

Proposed resolution

Adopt a policy of always using the strongly typed comparison operators, and use them.
It might even expose a bizarre edge-case bug or two.

Create a child issue for each module. Take care of each conditions, only real strict comparison should be converted.
Ex:

// No needs changes because we potentially compare two differents types.
$nid = 1;
if ( $node->id() == $nid) {

}

// Needs changes, we are sure to have string in both.
if ( $node->id() === $node->original->id()) {

}

Remaining tasks

• #2984196: Replace Loose comparison by Strict comparison in core
• Core tests
• Module action: no changes
• Module aggregator: #2984220: Replace Loose comparison by Strict comparison in aggregator module
• Module automated_cron: no changes
• Module ban : #3073996: Replace Loose comparison by Strict comparison in ban module
• Module basic_auth: no changes
• Module big_pipe : #3073997: Replace loose (==) comparison with strict (===) comparison in big_pipe module
• Module block : #3073998: Replace Loose comparison by Strict comparison in block module
• Module block_content : #3073987: Replace Loose comparison by Strict comparison in block_content module
• Module block_place: no changes
• Module book : #3074086: Replace Loose comparison by Strict comparison in book module
• Module breakpoint
• Module ckeditor
• Module color: no changes
• Module comment
• Module config
• Module config_translation
• Module contact
• Module content_moderation
• Module content_translation
• Module contextual
• Module datetime: #3177993: Replace Loose comparison by Strict comparison in datetime module
• Module datetime_range
• Module dblog
• Module dynamic_page_cache: no changes
• Module editor #3178193: Replace Loose comparison by Strict comparison in editor module
• Module entity_reference: no changes
• Module field
• Module field_layout: no changes
• Module field_ui #3178131: Replace Loose comparison by Strict comparison in field_ui module
• Module file
• Module filter
• Module forum
• Module hal
• Module help
• Module history: no changes
• Module image
• Module inline_form_errors: no changes
• Module language
• Module layout_builder: no changes
• Module layout_discovery: no changes
• Module link
• Module locale
• Module media
• Module media_library: no changes
• Module menu_link_content
• Module menu_ui
• Module migrate
• Module migrate_drupal
• Module migrate_drupal_ui
• Module node
• Module options
• Module page_cache
• Module path
• Module quickedit
• Module rdf
• Module responsive_image
• Module rest
• Module search
• Module serialization
• Module settings_tray
• Module shortcut
• Module simpletest
• Module statistics
• Module syslog
• Module system
• Module taxonomy
• Module telephone: no changes
• Module text
• Module toolbar
• Module tour
• Module tracker
• Module update
• Module user
• Module views
• Module views_ui #3178334: Replace Loose comparison by Strict comparison in views_ui module
• Module workflows: no changes
• Module workspace

User interface changes

N/A

API changes

Policy change: never use == or !=, always === or !==

Original report by chx

I wanted to get rid of them at least since Paris (remember my presentation?) but now that https://bugs.php.net/bug.php?id=54547 is filed and turns out there's more than just filling a presentation and a blog with the quirkiness but there are dire security weaknesses as well (search for ximaz in the bug report), it's time to use === and cast if necessary. It won't be necessary mostly.

Problem/Motivation

This is easily reproducible on simplytest.me:

1. Install Drupal w/ standard profile
2. Add an article node with garbage info
3. Create a view with base table of Content Revisions, displaying fields.
4. Add field "Tags" under category "Content (historical data)"
5. In settings for that field, rewrite the field using "Override the output of this field with custom text" (actually doesn't matter what you pick, you just need something that exposes the replacement tokens)
6. Observe that the replacement token for that field contains a hyphen: "{{ field_tags-revision_id__target_id }}"

Before

The problem is that you cannot have hyphens in twig variables like that. I believe it should be two underscores instead based on what I've seen in some other issues.

Proposed resolution

- Use the field alias instead, but don't break things that use field name in the view.
- Views post-update that is run as batch to be scalable for sites with many views.
- Write a test to assert the problem.
- Write a test to assert the post-update.

After

Remaining tasks

- Re-roll patch for 8.8.x branch. :|. Done in #52, tested in #58.
- Review current patch, tested in #58
- Manually test the patch for views post-update to confirm that the view was updated automatically (See #50 for ideal testing plan steps), done in #58.
- Don't override possible '-revision_id' string added by the administrators on the override strings. Use Regexp to actually replace only instances of '-revision_id' inside {{ }}.

Completed

- Rewrote views post-update to use Batch API and added a test for views post-update.
- Patch #25 with views post-update, fix and test to assert the issue.
- Manual testing (DONE): Add Before/After screenshots.

Original report by bkosborne

This causes a couple issues:

1. There's an assertion in PluginBase::viewsTokenReplace() that checks if tokens are valid twig variables. So if the token replacement is performed for whatever reason, this assertion will fail and cause a 500 error.
2. I believe this would also prevent twig from performing the replacement correctly and/or using the proper field template for the field, but I can't be sure because I didn't test that behavior. The replacement token replaces the string 0 or 1, but not the actual value for the field.

I did a little big of digging and see that the token name for a given field is literally the "id" of the field, see FieldPluginBase::getFieldTokenPlaceholder(). Not sure on the solution here since I'm completely unfamiliar with this code.

The -webkit-search-cancel-button doesn't have enough contrast with the black background of the search input. This should be styled to a light gray X

Chrome:

Safari:

Problem/Motivation

Discovered at #2972224: Add .cspell.json to automate spellchecking in Drupal core, and pointed by @xjm in https://www.drupal.org/project/drupal/issues/3122088#comment-13628724

Becalled
Isnew
describedby this is from aria-describedby, I don't think there's anything to fix -- this needs to stay in the word list.
Bytouched
Entitiesto
Fieldby
Groupby
Librariesby
Urlto
intefacewithconstants
invalidateby
mydistro
mydriver
myeditor
myeditoroverride
myfragment
myfrontpage
myfunctions
mymenu
mymodule - too many instances of this, this can be done separately
mynewpassword
myothermenu
mypath
myprimarykey
myprofile
myproject
myrootuser
myroute
mysetting
mysite - too many instances of this, this can be done separately
mytab
mytable
mytheme
mytube
mytype
myvalue
myvar
myverylongurl
myverylongurlexample
nosuchcolumn
nosuchindex
nosuchscheme - part of XssTest which has many spelling issues, should be done separately
nosuchtable
nosuchtag - part of XssTest which has many spelling issues, should be done separately
testid
testnoschema
wrongparam

Proposed resolution

Make sure everything isProperlyCamelCased or snake_cased as appropriate.

Remaining tasks

Pick out all applicable words from #2972224: Add .cspell.json to automate spellchecking in Drupal core and fix them.

User interface changes

API changes

Data model changes

Release notes snippet

The original designs for the social bar included icons for FB, Twitter, etc. I do not want to ship those with the theme, however that use case is still very valid.

Currently, it would be nice if we could create a block with the social media icons, and place it there. However, the way the CSS is currently architected is that any images (all elements really) will be rotated 90deg.

We could do several things:

1) Include an icon upload form in the theme's settings. This is a big lift because it requires configuration changes, and may require tests (despite being an experimental theme).
2) Re-architect the CSS to not rotate the images with a certain CSS class. This would be easier, but would also be more difficult from an end-user perspective.

Original summary

On the screenshots like e.g. https://www.drupal.org/files/project-images/Drop%20Menu%20%28Desktop%29%... -> there is a left section (region/block?) that looks really cool: it contains social media icons - SHARE THIS POST. I don't see these social icons on https://8-x-1-x-dev-2t4d1epwkj8tgwxduizmixhzevqwzi8w.tugboat.qa/ though - is it available (and requires a config)?

Problem/Motivation

If the Entity used by an EntityResource implements `EntityChangedInterface` this is not updated when a patch method is used to update the entity via the rest API.

Steps to reproduce

Create an entity that implements EntityChangedInterface and a subclass of EntityResource which uses this Entity. Update the entity via the rest API, the updated timestamp is not modified.

Proposed resolution

This is a fairly simple enhancment

Before the entity is saved in the Patch method

if ($original_entity instanceof EntityChangedInterface) {
      $original_entity->setChangedTime(time());
    }

This is a core interface so it would be nice to see it supported.

Remaining tasks

User interface changes

None

API changes

None

Data model changes

None

Before going any further, know this:

Much of the work on this task took place here: #2346973: Improve usability and accessibility of long select lists. It eventually became apparent that this needed its own issue

• Are you looking for the issue regarding a drop-in replacement for jQuery UI autocomplete, for stuff like entity reference fields? this is that issue
• Are you looking for the issue regarding UX improvments to <select> elements, making it easier to deal with long lists of options? That is a different issue, and it is here: #2346973: Improve usability and accessibility of long select lists

Problem/Motivation

We are in the process of deprecating jQuery UI in core. jQuery UI's autocomplete is among the components that need to be removed/replaced.
As mentioned in the parent issue: #3067261: [Plan] Remove jQuery UI components used by Drupal core and replace with a set of supported solutions
The OpenJS Foundation lists jQuery UI as an Emeritus project in https://openjsf.org/projects/ which is described as:

Emeritus projects are those which the maintainers feel have reached or are nearing end-of-life

Well before the need to deprecate jQueryUI emerged in mid-2019, there has been interest in replacing jQueryUI with something with better UX and accessibility (which is evident in this issue being created several years prior to mid-2019).

Proposed resolution

Replace jQuery autocomplete with the Awesomplete library. Awesomplete was one of ten libraries evaluated as a replacement for jQueryUI autocomplete. The full evaluation (with a prototype that can be used with taxonomy fields) is in comment on the issue this originated from: #223. This was chosen over the others for several reasons, including

• It was the only library reviewed to not have any glaring accessibility issues
• Unlike most candidates, the functionality is applied to the existing text field. Most of the other options require select elements or hide the text field and create pseudo-inputs from other elements, creating entirely new markup that could result in broken forms and frustrated contrib developers.
• Awesomplete is in the Joomla 4 alpha, which means another large project has vetted it and has interest in its continued support
• A review of its Github suggests that important issues actually get addressed

(in other words, it's easily the most accessible, least disruptive option chosen so far)

Steps taken prior to the proposed resolution

Several other options were evaluated. Note that all links to evaluations go a separate issue: #2346973: Improve usability and accessibility of long select lists, the issue that this originated from.

• https://github.com/jshjohnson/ChoicesEvaluation (#189)
• https://harvesthq.github.io/chosen/Evaluation (#194)
• https://github.com/Mobius1/SelectrEvaluation (#195)
• https://github.com/alphagov/accessible-autocomplete (prototype at #182, great accessibility but not considered as it does not support select/multiselect It is strictly for providing suggestions to single-value text fields)
• https://github.com/HemantNegi/jquery.sumoselectEvaluation (#201)
• http://ivaynberg.github.io/select2 (of which https://github.com/woocommerce/selectwoo is a fork of, created to improve accessibility) Evalulation (#193)
• Custom library based on https://react-select.comEvaluation (#200)
• https://selectize.github.io/selectize.js/Evaluation (#199)
• https://leaverou.github.io/awesomplete/Evaluation and prototype (#223)
• https://github.com/github/auto-complete-elementEvaluation (#222)

Other than Awesomplete, nontrivial accessibility problems identified in each evaluation. These problems were discovered from general accessibility testing. In each case, enough issues were found that it wasn't worth devoting additional time to strictly checking against W3 specs.

Remaining tasks

• Accessibility review
• JS review
• FE Manager review
• UX review
• Product Manager review
• (probably more reviews, this is a major change)

Unlike most experimental module additions, this is an allowed change in 8.9.x/9.0.x because it's not just a feature; it's also a critical security hardening task.

User interface changes

Yes.

API changes

Yes.

Problem/Motivation

In core/modules/views/tests/src/Functional/Handler/FieldEntityOperationsTest.php, $admin_user variable was unused.

From #3088378: Designs for new front-end theme for Drupal 9

When viewing the proof of concept (https://olivero-poc.netlify.com/), @bnjmnm & @johndevman brought up the fact that not much content is visible on a 13" MBP screen, which is 1280 by 800 pixels.

It might be useful exploring options (height based media queries?) to remedy this.

See #1530652: [META] Switch from == to === to prevent mistakes and make brute force password attacks harder

The way that we're implementing the layout CSS class is a bit confusing. We can make it more clear.

1) We can remove the node--article--full.html.twig file, and add the layout--content-narrow class via preprocess.
2) We need to remove the layout variable from node--teaser.html.twig.

Original summary

Here is the content of node--article--full.html.twig;

{% include '@olivero/node.html.twig' with
  {
    'layout': 'content-narrow',
  }
%}

The layout variable is concatenated by after in node.html.twig like this:
{% set layout = layout ? 'layout--' ~ layout|clean_class %}

Question 1: Why over-complicate with the concatenation? The themer needs to know that he/she have to use part of the class name (without the starting layout--)... a more simple way would be 'layout': 'layout--content-narrow',

Question 2: Why using an include if it is used only once? More over, in the case of a subtheme @olivero could lead to an issue for someone who have edited node.html.twig [I am completely open to hear a good reason for that...]

Question 3: why using the layout variable in node--teaser.html.twig as I don't see where it is populated?... But maybe I missed something.

Problem/Motivation

now that Olivero has been committed to Drupal core, development will continue in Drupal core. The issue that are in an non-closed or non-fixed state should be moved to Drupal core's new "Olivero theme" component.

Conversation with Gábor Hojtsy (he/him) in Drupal slack:
https://drupal.slack.com/archives/CJT807H7T/p1602848128144500

Steps to reproduce

N/A

Proposed resolution

1. Edit any issues that have the status of Active, Needs review, Needs work, Postponed, and Reviewed & tested by the community
2. Change the Project to Drupal core (3060)
3. Change the component to Olivero theme
4. Save the issue

Reference:

Remaining tasks

Do it.

User interface changes

N/A

API changes

N/A

Data model changes

N/A

<div class="js-text-full text-full description" data-drupal-selector="edit-field-testet-0" id="edit-field-testet-0--description">testing</div>

`js-text-full text-full` should not adding to help text element.

API page: https://api.drupal.org/api/drupal/core%21lib%21Drupal%21Core%21TypedData...

There are no docs on what "setInternal" or "internal" property does.

Some info is here: https://www.drupal.org/node/2916592 but far from complete explanation.

Proposed resolution

Add more information about the internal property:

/**
   * Sets the whether the data value should be internal.
   *
   * Internal fields and properties should not be exposed to outside
   * systems.
   *
   * This can be used in a scenario when it is not desirable to expose data of
   * this entity type to an external system.
   *
   * The implications of this method are left to the discretion of the caller.
   * For example, a module providing an HTTP API may not expose entities of
   * this type or a custom entity reference field settings form may 
   * deprioritize entities of this type in a select list.

Remaining tasks

1. Write patch
2. Review and confirm documentation change is accurate

User interface changes

N/A

API changes

N/A

Data model changes

N/A

Release notes snippet

N/A

Issue Summary Updates

The original issue discovery by OP was finding email's content and it's recovery reset URL doesn't aligned to the preferred langcode of the user, when site is set to multilingual with path prefix. In short, we see that the email content is french, but the password reset URL comes as "/en/user/reset/..." .

There are a total of three API setting $langcode along the way to set the language of recovery email.

1. submitForm() in UserPasswordFrom.php, taking the current browsing langcode and passed to _user_mail_notify().
2. _user_mail_notify in user.module line 1042, it has a condition written to use the $langcode as $account->getPreferredLangcode if not specified. Here is where it sends an email request by invoking MailManagerInterface::mail() service and passing $langcode in its parameter, which goes through user_mail (hook_mail) to modify it's email contents.
3. user_mail in user.module line 772, it has set to retrieve it's email content base on getPreferredLangcode of User while token option was set to follow the $message[langcode] variable from MailManagerInterface::mail().

The descriptions above reveals the bug how email's text content doesn't align with content replaced by tokens (URL with langcode prefix in this case) is within user_mail, whereas it should use the langcode that _user_mail_notify() provided as said by @jonathanshaw #23.

To understand the details of discussion, you can start from #21.

On the aspect of account recovery email does not respect user account's preferred language is due to the $langcode set in submitForm (UserPasswordForm.php), further discussion can be found at #86287: "reset password" page ignores the user's language selection.

Original Problem/Motivation

In the user_mail function, the language manager is set to the preferred langcode of the user.

$language = $language_manager->getLanguage($params['account']->getPreferredLangcode());
$original_language = $language_manager->getConfigOverrideLanguage();
$language_manager->setConfigOverrideLanguage($language);

In some cases if we load config, the mail_config is translated in the language of the user:

$mail_config = \Drupal::config('user.mail');

While loading the token options, an other langcode is set?!

Steps required to reproduce the bug

While sending a "Password Recovery" mail, the mail subject and body is in the language of the user.
The [user:one-time-login-url] token is in another language.

Solution, see patch.

Proposed resolution

New proposal

Quoting #23:

The only thing we need to fix is in user_mail():

$language = $language_manager->getLanguage($params['account']->getPreferredLangcode());

should become

$language = $language_manager->getLanguage($langcode);

user_mail() should use the langcode that _user_mail_notify() has provided.

Original proposal

Set the correct langcode in $token_options array:

  $token_options = ['langcode' => $language->getId(), 'callback' => 'user_mail_tokens', 'clear' => TRUE];

See Patch.

Remaining tasks

Review patch.

User interface changes

None

API changes

None

Data model changes

Assures the language content from token replacement is the same as email content by allowing user_mail() to following the same langcode passed from it's parameter.