►
From YouTube: Backdrop Weekly June 21
Description
Today’s development agenda: https://goo.gl/CrUSMn
A
All
right
we're
on
air,
it
is
Thursday
June
21st,
and
this
is
a
meeting
to
check
in
on
active
m2
tasks.
For
a
backdrop,
hopefully
111,
let's
see
new
this
week
and
while
the
backdrop
contributes,
are
a
new
project
called
CSS
grid,
four
cores
and
layouts.
So
thanks
Wes
for
people
who
are
tired
of
using
flex
I
want
to
use
grid.
No.
B
Use
it
there's
just
no
reason
to
I
might
I
might
actually
put
layouts
in
there
that
are
hard
to
accomplish
with
Flex
box,
but
for
now
it's
just
like
hey.
If
you
want
to
mess
with
grid,
you
could
do
it.
It
falls
back
to
flex
box
if
they
don't
support
grid
and
if
it
still
as
the
flute
fallback,
if
they
can't
support
that.
So
it
really
it's
really
just
some
extra
CSS.
It's
not
a
whole
lot.
A
Let's
see
and
then
on
our
websites
did
you
meet
just
talk
about
the
backed
up
CMS
site
in
the
last
minute?
Yeah?
Okay,
so
we
don't
need
to
go
over
that
and
today's
meeting,
but
if
you're
curious
about
what's
going
on,
in
fact,
I've
seen
us
at
work
feel
free
to
watch
our
design
and
usability
meeting
that
happened
in
our
video
okay.
So
then
up
next
is
backdrop
CMS
project
progress
and
we
have
a
lot.
So
my
president
birthday.
C
So
I
might
skip
over
some
things
that
don't
have
updates
this
week,
so
we
can
discuss
the
ones
to
do,
but
the
next
bug
fix
release
is
going
to
be
one
top
10.2
and
the
one
issue
that
we
have
that
is
surfaced.
Is
this
long-standing
issue
2904
regarding
database
credentials,
the
encoding
changing
they're
still
no
updates
on
that
this
week,
so
I'm
going
to
just
skip
over
that
and
keep
rolling.
C
We
also,
of
course,
have
the
issue
tracker
for
1:10
two
issues.
We
have
had
a
couple
more
items
being
merged
in
for
the
next
release.
Next
book
fix
release
and
let
me
see
if
there
are
I
there's
currently
no
are
TBC
issues,
which
is
always
a
good
thing
for
10.2,
but
there
are
a
couple
of
additional
pull
requests
out
there.
That's
our
our
TVC
but
they're
either,
not
in
that
they're,
either
for
1.11
or
or
not
typed,
for
a
milestone.
So
anyway,
that's
great
okay.
C
C
This
is
an
issue
that
almost
got
into
one
to
ten,
but
we
could
reach
a
compromise
before
that
happened
no
update
since
last
week.
The
status
is
still
like
that
the
pull
request
needs
to
be
reworked
using
the
new
compromise,
and
that
has
a
path
forward.
Just
needs
to
be
implemented.
I
think
Jen
is
taking
the
lead
on
that.
C
One
issue:
704
is
configured
translation
and
we
continue
to
surface
this
issue
every
week,
just
because
it
is
a
highly
important
issue
for
us
to
make
it
so
the
translations
can
be
pulled
out
of
config
files
more
easily.
No
updates
this
week,
though,
that
we
still
have
a
pretty
solid
plan
there
in
issue
7
up
for
contact
module
improvements.
C
C
What
that
settings
form
includes
is
adds
the
check
box
for
send
a
copy
sent
me
a
copy.
You
can
turn
and
turn
on
and
off
that
check
box
now,
which
is
what
Hopi
was
originally
hoping
for,
but
I
also
combined,
that
with
some
of
her
bills,
excellent
work
to
expose
the
rate
limiting
settings
that
right
now,
there's
two
places
where
rate
limiting
is
in
place
on
the
log
in
form
and
on
the
contact
module,
and
we
combined
the
rate
limiting
settings
into
this
new
settings
form.
C
There
are
a
bunch
of
other
sub
items
that
are
in
that
30:23
issue,
including
like
turning
contact
module
on
by
default
and
making
a
menu
item.
Some
of
those
are
going
to
be
kind
of
controversial,
but
one
that's
I
think
is
a
really
great
idea
and
will
probably
be
the
next
one
to
go
in
as
issue
3053,
which
is
making
it
so
that
you
can
have
the
contact
module,
make
not
just
a
page
but
also
a
block.
C
Also,
in
the
category
of
long-neglected
modules
that
are
getting
some
love,
this
releases
color
module.
Color
module
has
a
large
meta
at
issue.
19:05
some
of
I
think
that
meta
actually
was
opened
quite
a
while
ago
by
Wes,
when
we
building
out
the
basis
theme
that
collar
module
is
difficult
to
work
with
and
when
basis
was
being
built
out.
We
thought
that
we
could
revamp
color
module
at
the
same
time,
but
we
tabled
that
so
that
we
could
finish
basis
and
basis.
Right
now
is
non
color,
risible
and
I.
C
C
1949
is
an
issue
that
aimed
to
revamp
the
way
color
module
has.
Does
it
settings
entirely
and
the
pull
request
that
is
on
there
right
now
is
not
a
let's
revamp,
all
of
color
modules
user
interface,
but
merely
let's
just
tidy
up
the
implementation
of
the
form
that
we
already
have.
So
that
is
another
pull
request
that
needs
review.
That
I
haven't
had
a
chance
to
look
at
yet,
but
I
was
like
I'm
really
appreciative
of
your
efforts
to
make
it
so
the
color
module,
because
deke
ruff
deed,
because
it's
got
some
craft.
C
C
Let's
see
makes
issue
is
bringing
back
node
preview,
which
is
issue
30
62.
There
hasn't
been
any
updates
on
this
issue
since
last
week.
So
I
won't
recap
it
there.
We
still
need.
We
still
need
a
little
bit
more
work
on
that
making
it
so
that
this
new
preview
mechanism
works
with
layouts,
but
I.
Think
more
feedback
would
be
appreciated
there.
If
you
haven't,
given
it
a
shot,
you
can
check
it
out.
I
think
the
live
sandbox
for
that
is
is
up
and
running.
C
Let's
see
something
that
has
seen
some
action
this
past
week
is
issued,
2198
and
per
dock.
Let's
request:
we've
added
it
here
to
the
agenda
and
I
think
it's
a
great
issue
which
is
adding
the
editing
of
media.
It's
really
not
media,
it's
just
images,
adding
an
image
browser
to
the
image
dialog
in
ckeditor.
C
So
this
issue
ads
of
view
that
makes
it
so
that
when
you
select
the
file,
you
can
not
only
upload
one,
you
can
select
a
pre-existing
one,
which
is
a
really
great
piece
of
functionality
right
now
that
I
think
this
is
only
integrated
exclusively
into
ckeditor.
So
only
when
creating
content
with
the
rich
text
editor,
it
doesn't
really
affect
the
normal
file,
upload
widget
in
any
way,
but
I
think
that
we're
still
having
some
JavaScript
related
problems
there
that
we're
getting
some
JavaScript
air
when
fuse
is
using
the
Ajax
setting
I.
C
Think
that's
still
the
case
and
there's
some
discussion
about
a
it's
there
as
well.
How
large
the
modal
should
be,
how
the
images
should
be
sized
how
they
should
be
displayed
so
that
one
is
currently
and
it
needs
to
review
state
probably
actually
need
some
work,
but
I
think
soliciting
more
feedback
on
that
issue
would
be
great,
especially
design
and
UX
feedback
to
get
some
information
on
or
get
some
thoughts
on.
A
C
A
C
C
C
On
it
for
a
backdrop,
and
we've
put
those
up
into
a
number
of
smaller
issues
that
we're
trying
to
tackle,
we
probably
won't
get
full
automatic
updates
into
the
next
release,
but
we
can
make
some
incremental
improvements
to
make
that
more
possible
in
the
future.
First
issue
is
3105
that
Jeff
took
a
stab
at
a
couple
weeks
ago,
and
Gregory
did
some
reviewing
on
this
past
week.
Thank
you
for
doing
that
and
effectively
breaking
everything.
As
usual,
we
could
use
some
more
feedback
and
more
testing
on
that
one.
It's
it's
difficult
to
test.
C
Oh
did
I
mention
what
it
is
it'll
allowing
core
updates
via
the
user
interface
they're.
Just
the
same
way,
you
can
update
contribs,
where
a
new
version
of
a
module
comes
out.
You
just
click
the
Update
button
and
it
downloads
the
new
versions
of
the
module.
This
adds
that
same
functionality
for
court
looks
like
we
encountered
some
problem
where
installer
module
does
some
sanity
checking
to
make
sure
that
all
modules
have
a
type
and
a
name
inside
of
them?
C
But
it
looks
like
we
have
a
bug
where,
when
core
is
updated,
it's
not
clear
if
this
happens
for
everybody,
but
for
some
people
when
core
is
updated,
some
of
the
test,
dot
info
files
get
parsed
and
the
whole
thing
blows
up,
which
is
not
good.
So
there's
a
suggestion,
there's
actually
a
cross-referenced
bug.
That's
happened
in
the
past
that
we
could
potentially
address
that
issue
and
then
it
would
fix
this
automatic
updates
question
with.
C
C
They
don't
need
one
at
all
and
actually
the
way
that
they're,
structured,
thought
and
profiles
for
tests
are
they're
all
grouped
into
like
categories.
There's
no
like
name
of
it's,
not
it
of
every
defining.
Just
one
thing:
it's
always
defining
multiple
things.
So
there's
not
one
name
or
type
for
the
whole
thing
there
could
be
I
suppose.
But
what
do
we
have
a
type
equals
test,
something
we
could,
but
we
also
could
talk.
C
C
C
This
issue
covers
both
md5
validation,
to
make
sure
that
the
archives
that
was
downloaded
is
not
corrupted
in
any
way
and
also
package
signing,
which
makes
it
so
that
if
there
were
to
be
men,
the
middle
attacks
or
some
kind
of
modification
to
our
update
feeds
and
people
decided
to
make
back
drop
point
back
to
a
BMI
stored
point
at
other
archives
of
modules
that
were
not
from
a
valid
source
that
backdrop
when
it
expanded.
Those
archives
would
be
like
hey.
This
wasn't
officially
signed.
C
This
archive
was
not
packaged
by
backdrops
named
Esther
Oregon,
so
I
will
refuse
to
install
it
or
potentially
show
a
warning
to
the
user
saying
you
know
this
package
is
unsafe.
Are
you
sure
you
want
to
install
it,
and
that
is
a
general
security
improvement
to
make
it?
So
that's
the
package
is
sent
that
the
packages
that
are
downloaded
are
essentially
or
will
be
essentially
impossible
to
tamper
with,
once
they've
been
created,
that
one
is
coming
along.
Actually
there's
a
lot
of
moving
parts.
C
C
Jl
Franklin
has
suggested
that
we
use
open
SSL,
which
could
also
perform
that,
and
we
also
could
even
use
things
like
PGP
also
has
digital
signing
capabilities.
The
arguments
for
sodium
is
basically
that
it's
easy.
The
arguments
for
something
else
like
open,
SSL
and
PGP
is
that
they
are
possibly
more
widely
available.
C
We
don't
really
quite
know
yet,
and
so,
if
it
turns
out
that
using
another
signing
mechanism
is
doable
and
secure
and
relatively
easy
like,
we
might
choose
those
over
sodium
just
because
sodium
requires
a
backwards,
compatibility
shim
for
older
versions
of
PHP
and
on,
but
it
is
available
in
PHP,
7.2
and
higher
out
of
the
box.
So.
C
Like
it's,
it's
in
every
version
of
PHP
going
back
to
like
pH
before
so
it
like,
we
wouldn't
need
a
backwards
compatibility
shim
if
we
went
with
open
SSL,
we
just
use
what's
in
PHP
itself,
however,
there's
a
question
of
just:
do.
We
know
that
it's
actually
installed
in
pH
in
people's
out-of-the-box
PHP
installations,
because
it's
an
optional
module,
so
you
can
compile
it
without
open,
SSL
support
and
then
we'd
be
introducing
a
new
dependency
that
might
be
uncommon
or
not
sure.
Yet,.
E
C
Exactly
it
is
that,
like
open,
SSL
was
also
chosen
by
PHP
years
and
years
ago,
but
just
actually
just
like
PHP
7.2,
it's
not
necessarily
going
to
be
compiled
in
all
PHP
installations.
Sodium
will
actually
have
the
same
problem
that
it
also
could
be
not
compiled
at
PHP
7.2.
However,
we
can
shim
it
if
we
need
to
so.
Actually
the
shim
could
serve
a
purpose
even
after
7.2
becomes
commonplace
so
that
it
does.
C
C
C
Okay,
great
also
related
to
core
updates.
Is
this
peripheral
issue
about
the
profiles
directory
right
now?
The
profiles
directory
just
sits
in
the
root
of
a
backdrop.
Install
and
issued
25
fifty-five
moves
the
profiles
directory
underneath
the
core
directory
so
that
it
would
get
updated
when
the
rest
of
court
is
updated.
C
That
issue
needs
review
Gregory
thanks
for
taking
a
look
at
it,
I
did
reroll
it
since
you
last
I
have
reviewed
it,
so
it
should
be
good
to
test
again.
Here.
Are
some
discussion
happening
in
that
issue
about
whether
or
not
we
should
make
a
route
profiles
directory
that
just
contains
a
readme
file
as
well
we're
soliciting
more
opinions
on
that
I'm
kind
of
thinking.
It's
not
necessary.
D
And
then
fact,
okay,
only
the
the
the
thought
behind
that
was
that
we
have
this
think
I
don't
have
a
ticket
number
about
a
creating
recipes
or
what
would
be
the
profiles,
but
there
is
a
sort
of
like
a
space
there
for
contributing
to
have,
but
there's
no
reason
to
hold
the
ticket
back.
We
can
add
that
the
route
profiles
thing
later
when
we
need
it.
If
what
you
call
it
tidiness
is
national
yeah.
C
C
C
Well,
let's
yeah
continue
discussing
and
then
we
can
move
forward
on
that
one
and
then
eventually
automatic
updates
themselves
right
now
we
don't
have
a
dedicated
issue
for
the
automatic
updates.
We
could
just
lump
that
into
the
2018
issue.
C
C
Functionality
is
issue
285,
which
is
better
statistics
tracking,
and
this
one
has
been
a
long-standing
issue
in
discussion.
The
only
thing
that
has
changed
since
last
week
is
that
we
have
opened
a
new
issue
and
you've
sub-issue
3168.
That
is
the
idea
to
separate
update,
checking
from
statistics
tracking,
so
question.
A
C
C
B
C
D
A
C
C
I,
don't
know
I,
guess
you
kind
of
like
project
module,
it's
likely
that
you
know
they're
receiving
it
like
we'll,
probably
I'm,
not
sure.
If
we're
putting
a
project
fund-
oh
I
guess
it
would
make
sense
if
we
put
like
the
receiving
end
should
probably
be
part
of
project
module.
Just
like
the
update
checking
is,
but
it
should
be
a
separate
sub
module
for,
like
I,
guess,
project
metrics
and
then
the
the
calling
module
I
can
probably
wouldn't
want
them
both
to
be
called
project.
Metrics.
A
D
A
C
Whoa
what
I
was
getting
at
was
that
project
module
theoretically
is
not
backdrop
CMS
org
specific,
although
really
I,
don't
know
I,
don't
know,
I
really
feel
like
we
could
treat
it
as
such.
For
the
most
part,
I
mean
not
very
many.
Other
people
are
going
to
be
running
your
own
update
servers,
so
it
seems
a
little
unnecessary
to
abstract
that
idea
come
on
well
anyway.
Let's
discuss
that.
C
3168
is
open
for
discussion.
That's
the
issue
or
we're
just
talking
about
separating
that
update,
checking
tasks
from
statistics
tracking
a
side
effect
of
this
would
be.
We
were
to
remove
the
check
box
from
the
Installer
that
says
check
for
updates
and
we
would
just
always
check
for
updates,
but
checking
for
updates,
wouldn't
necessarily
report
your
site
as
being
active.
So
instead
we
would
replace
up
with
the
check
box
that
says,
like
report
anonymous
usage,
information,
two-factor
up
CMS,
start
org,
for
example,
I.
D
C
C
And
I
think
that's
you
know
that's
fairly
easy
to.
You
know
to
turn
off
as
far
as
an
option:
okay
and
I,
don't
think,
there's
any
other
updates
as
far
as
better
statistics
tracking
is
concerned
at
this
point,
and
is
there
any
additional
thing
that
I'm
missing
there
I
don't
think
that
we've
made
any
other
progress?
C
D
C
D
C
Okay,
then
I
think
that
we
are
all
done.
Thank
you,
everybody
wow.
We
got
quite
a
crowd
today.
Thank
you,
everybody
for
showing
up.
Thank
you
to
all
of
our
Watchers
out
there
on
the
Internet.
We
will
catch
you
guys
on
get
er
on
github
and
everywhere
else
on
the
internet.
See
you
guys
next
week
right.