►
From YouTube: Backdrop Weekly Apr 19
Description
Today’s development agenda: https://bit.ly/2IPu1xh
A
Okay,
we're
gonna
air;
it
is
a
Thursday
April
19th.
This
meeting
is
a
check-in
for
active
development.
Asks
for
a
backdrop
CMS
before
we
get
into
things
were
working
on,
I
want
to
say
thanks
to
people
who
are
continuing
to
port
and
maintain
modules
for
backdrop,
we've
got
two
new
projects
this
week,
the
PDF
to
image
magic
project
in
the
block
embed
project,
both
of
which
are
modules.
A
We
also
have
a
new
maintainer
application,
in
the
backdrop
contribute.
So
if
anyone
else
is
interested
in
joining
back
job
can't
rib,
you
just
create
an
issue
in
the
issue
queue
and
it
will
walk
you
through
the
rest
from
there.
So,
hopefully,
people
are
finding
that
process
fairly
uncomplicated
in
helpful
website
development
tasks.
For
backdrop,
CMS
org,
we
are
working
on
improving
the
modules
teams
and
Lance
selection
process.
There's
a
meta
issue
that
includes
design
changes
at
issue
number
442,
you
in
the
backdrop
CMS
or
QED,
that
hasn't
got
any
attention
in
last
few
weeks.
A
If
anyone
has
front-end
and
site
building
abilities,
there
are
tasks
there
that
we
could
use
your
help
on
also,
if
anyone
has
any
interest
in
working
on
the
way
that
search
works
on
backdrops,
a
master,
org
I
think
right
now,
it's
using
a
views
exposed
filter
to
search
specific
fields.
We
might
want
to
change
that
to
use
backdrops
default
search
and
fix
any
problems
so
that
the
backdrops
default
search,
so
that
other
people
who
are
using
back
job
for
similar
things
would
get
better
results
as
well
forms.
A
Okay,
we
have
a
lot
of
updates
on
backdrop,
CMOS
the
project
itself
and
a
lot
of
the
stuff
that
we're
going
to
be
talking
about
today
is
coming
as
a
direct
result
of
a
video.
Earlier
this
week
did
a
CMS
smorgasbord,
where
they
compared
backdrop,
CMS
Drupal
aids,
Joomla
and
WordPress,
and
they
did
a
quick,
install
each
one
and
a
very
simple
test
of
creating
or
editing
a
piece
of
content
and
changing
the
theme
just
to
get
an
overall
first
impression
of
the
software
that
video
you'd
like
to
watch.
A
A
You
saw
her
for
the
first
time
from
all
versions
of
software
loads
for
polar
backdrop
or
WordPress
or
Joomla
or
whatever,
so
that
was
kind
of
a
fun
I
find
an
experiment
watching
somebody
who's,
obviously
very
technically
skilled,
he's
using
a
command
line
like
copy
files
around
and
stuff
experience
at
each
of
these
pieces
of
software
for
the
first
time.
So
with
that
I'll
kick
it
over
to
Nate
and
Nate.
You
can
point
out
any
of
the
issues
that
were
talking
about
for
a
backdrop
that
are
directly
related
to
that
video.
B
First
of
all,
one
point:
9.4
came
out
yesterday
there
was
a
ckeditor
security
update
that
was
released
that
then
set
in
motion
drupal,
releasing
an
a
security
release
that
then
set
in
motion
us
releasing
a
new
security
release.
So
one
point
9.4
is
now
out,
including
the
number
of
small
fixes
as
well.
So
our
current
backlog
of
minor
fixes
is
now
cleared
out
and
pushed
out
in
1.9.
Point
four
then
includes
a
couple
of
other
nice
little
fixes.
Some
things
related
to
upgrades,
like
the
upgrade
from
Drupal
7.
B
B
What's
the
right
right
word:
encoding,
UTF
MB
for
that
now,
when
you
do
a
new
install
that
flag
is
properly
set
so
that,
right
after
installing
it
doesn't
say,
hey,
you
need
to
upgrade
your
database
because
your
database
is
actually
already
upgraded.
It's
just
that
we
were
forgetting
to
set
the
flags
thing
that
had
already
been
updated.
So
that's
nice
that
a
couple
of
those
items
have
been
cleared
out
that
act.
That
second
issue
actually
was
rant
was
encountered
by
that
CMS
smorgasbord
Smackdown.
B
And
so
how
do
you
wait
until
today?
That
wouldn't
have
been
a
problem?
But
that's
the
way
things
go
with
live
broadcasts
that
sometimes
people
run
into
things
that
you
wish.
They
wouldn't
have
one
point,
nine
point:
five
will
be
our
next
bug
fix
release.
We
saw
this
outstanding
issue.
That's
plagued
us
all.
The
1.9
release
and
that's
issued
2904.
That
is
database
credentials
are
now
URL
encoded
in
settings.php
and
that
caused
some
problems
with
people,
upgrading
that,
if
you
have
a
percent
symbol
in
your
database
credentials
now
that
percent
symbol
doesn't
work
anymore.
B
It
has
to
be
encoded
as
well
to
make
it
so
that
it
doesn't
get
read
as
a
special
character.
So
we
have
some
attempts
to
fix
that
in
2004.
The
fix
is
actually
pretty
good
in
there,
but
we
would
like
to
have
some
kind
of
notification
to
users
saying
hey:
you
need
to
update
your
settings
about
PHP
to
make
it
so
that
that
%
book
its
encoded
properly,
there's
also
a
number
of
issues.
B
For
one
point,
nine
point:
five:
you
can
find
those
in
github
under
the
one
point,
nine
point:
five
milestone
for
one
point:
ten
one
point:
ten
comes
out:
May
fifteenth
and
our
feature
freeze
is
May
1st.
That
means
that
we've
got
11
days,
11
or
12
days
to
complete
the
functionality
for
what
will
be
in
1.10
and
then
from
then
on
out.
It's
tidying
things
up,
cleaning
up
bugs
and
then
the
one
point
end
release
will
be
May
15.
So
areas
of
focus
for
one
point:
10
include
some
improvements
to
modules,
themes
and
layouts.
B
The
way
those
things
are
installed
and
found
and
enabled,
and
just
general
interactions
with
extending
backdrop.
The
first
issue
of
that
is
instant
filter
on
the
modules
page
should
include
the
module
grouping
names.
That's
issued,
2973
current
status.
That
is,
that
we've
got
a
new
pull
request
this
week,
Thank
You
Jen,
but
it
needs
some
work.
B
So
that
is
back
to
the
need
to
report
needs
work,
status,
issue,
number,
837,
goodness
gracious
and
old
issue
is
making
it,
so
the
modules
can
have
tags
in
addition
to
categories
and
then
initially
that's
in
the
product
and
then
later
those
tags
would
also
be
used
when
doing
module,
searches
on
backups,
EMS
org
and
when
using
the
project
browser
in
backdrop
that
ultimately
searches
on
backdrop
seeing
that
story
status.
That
is
that
I
think
that
there's
been
some
effort
and
work
put
into
it,
but
it's
currently
being
revised,
I
think
Jenna,
sir.
B
B
A
I
couldn't
find
one
either
and
I
think
the
reason
we
didn't
have
an
issue
for
a
single
missing.
Screenshot
is
because
we
had
the
issue
for
let's
allow
more
than
one
screenshot
and
we're
gonna
do
that,
both
at
once
but
I
think
that
might
be
too
big
a
jump,
especially
between
now
and
code
freeze,
but
I
think
we
can
definitely
get
a
single
screenshot
in
so
I.
Don't
know,
I
want
to
take
a
look
at
it
and
see
how
far
we
are
from
anything
at
all.
A
I
think
that
the
reason
this
single
screenshot
seems
more
approachable
to
me
is
because
we
already
have
single
screenshots
and
those
projects
we
just
need
to
display
them,
so
it
wouldn't
require
like
any
changes
to
our
info
files
work,
but
getting
multiple
screenshots
means.
We
need
to
come
up
with
some
guidelines
around
how
that
would
work.
So
I
wanted
to
create
another
issue,
which
is
letters
note
number
in
here.
A
B
Yeah,
so
the
issue
for
multiple
screenshots
is
issue
1517,
which
has
been
open
for
or
in
a
while,
but
there's
no
recent
issue
on
progress
on
that.
This
is
more
just
kind
of
related
to
the
modules
themes
and
lattice
improvements
that
we've
been
working
on.
Although
I
don't
know
I'm
getting
any
of
that
in,
for
one
point,
ten
seems
I
couldn't
be
rushed
too
difficult.
I
mean
ten
days.
Is
it's
a
short
time
like
to
be
working
on
something
from
scratch?.
B
B
There's
a
number
of.
Let's
see.
Oh
these
things
got
moved
around
in
each
end.
Okay,
so
I'm
gonna
do
the
translation
improvements
because
we
always
cover
those
every
week,
even
though
there
hasn't
been
any
recent
progress
on
those
making
menu
items
translatable
issue
225
as
currently
in
needs
work
status,
but
is
not
far
off
from
completion
block.
B
Translation
is
also
in
really
good
shape.
Issue
29:56
and
in
this
past
week
we've
had
a
code
review
on
that
and
it's
back
to
meeting
a
little
bit
of
further
work.
In
particular,
we
could
use
some
assistance
in
writing
tests
there.
That
is
the
larger
hold
up.
The
code
review
only
has
some
minor
items
that
need
to
be
addressed,
but
before
they
can
be
merged
in,
we
need
the
test
coverage
for
making
it
so
that
these
blocks
are
translatable
issue.
704
is
config
translation.
B
This
one
we
haven't
seen
any
real
progress
on
this
cycle
and
I
think
that
it
almost
certainly
is
is
getting
bumped
at
this
point.
So
that
is
still
just.
We
have
a
rough
outline
of
how
to
proceed
there
and
a
proof
of
concept,
pull
request,
but
no
no
real,
solid
code
there
that
is,
would
be
likely
to
get
merged
in
for
one
point
ten,
so
that
one
will
probably
be
bumps
into
the
next
release
being
1.11.
B
3001,
herb
duel
has
been
adding
functionality
for
automatic
comment,
closing
so
that
per
content
type.
You
can
set
up
comments
so
that,
after
a
certain
period
of
time,
the
common
thread
capability
is
automatically
closed.
That's
a
generally
good
capability
to
you
know,
cut
down
on
unwanted
spam
and
old
content,
for
example.
It's
also
one
of
the
features
that
is
listed
in
the
make
it
so
that
backdrop
has
feature
parity
with
WordPress
as
it's
a
core
wordpress
functionality
as
well,
so
that
is
in
a
really
great
shape.
B
B
Also
in
the
category
of
useful
editorial
enhancements
issued
2072
gram.
72
has
been
working
through
this
issue
for
a
while
making
it
so
that
you
can't
upload
files
through
CK
editor
in
a
similar
fashion,
to
the
way
you
can
upload
images
through
CK
editor
that
is
currently
in
a
state
of
needs
review
thanks
a
lot
for
doing
review
rounds
on
that
as
well,
and
there's
been
a
lot
of
great
back-and-forth
there.
I've
interested
in
checking
out
some
new
editorial
capabilities.
That's
a
great
one
to
take
a
stab
at
give
some
review
feedback
on.
B
Also,
first
impression
improvements
or
things
that
we
could
do
to
improve
the
Installer
there's
a
slew
of
items
here
that
are
also
in
a
lot
of
needs.
Review
states,
issue,
30
32.
This
is
a
new
issue
that
actually
just
opened
this
week
after
discovering
some
new
fancy.
Javascript
browsers
can
now
have
direct
access
to
timezone
information,
and
this
is
widely
available
in
every
major
browser.
B
Now
this
functionality
hasn't
existed
in
the
past
and
it
makes
it
so
that
our
timezone
selection
right
now,
we
only
kind
of
guess
at
people's
time
zones
we
can
calculate
the
GMT
offset
and
then
guess
basically
on
the
most
popular
timezone.
That
is
on
that
offset
and
then
roughly
estimate
where
a
person
actually
is,
and
then
we
set
the
timezone
to
be
that
popular
time,
son
by
default.
B
But
that's
why
we
show
the
timezone
during
the
installers,
because
we
frequently
get
that
wrong,
because
we
can
only
do
or
previously
we
can
only
do
gmt
offset.
Now
the
browser's
have
access
to
times
and
information
we
can
accurately
identify
which
timezone
a
person
is
in
when
they're
doing
the
Installer,
and
if
we
have
a
very
high
percentage
hit
rate
of
getting
the
right
time
zone,
there's
no
real
need
to
show
them
the
option
for
timezone
at
all.
D
B
Interesting
well,
let's
yeah,
let's
add
some
comments
to
that
issue.
Then
in
any
case,
the
JavaScript
enhancement
can
still
be
put
in
place
to
make
it
so
that
we
just
the
right
time
zone
more
frequently.
Maybe
that
gets
put
in
place,
but
perhaps
not
the
hiding
of
it.
I.
Don't
know
I'd
like
to
see
it
in
an
entirely,
but
I
can
probably
be
talked
out
of
that
I.
E
B
A
It
was
not
a
problem
and
backdrop,
and
it
was
a
problem
because
they
changed
the
select
list
from
what
we
have
now
to
something
that
was
like
us.
It
had
like
opted
groups
in
it
or
whatever,
and
so
it
was
super
hard
to
navigate.
He
couldn't
find
into
the
right
time
zone
for
him.
He
tried
to
type
in
and
didn't
he
would
like
deep.
A
Over
that,
because
we
removed
country
so
there's
no
expectation
that
the
temps
on
will
match
the
country
after
he
set
the
country
and
we
didn't
change
our
time
zone,
select
widget
to
be
one,
that's
much
harder
for
people
to
use.
It's
still
just
a
select
less
as
I've
million
options
in
it.
But
if
we
can
leave
that
the
way
it
is
and
then
said
to
the
correct
one
and
normal
open
it
move.
B
B
A
Think
well,
let's
change
it
to
the
same
thing
that
your
boy
uses.
We
should
not
do
that
until
we
can
get
select
to
just
the
thing
that
allows
you
did
the
area
you're
looking
for
that's
what
does
EMS
smorgasbord,
okay
I
admit
anything
in
his
Marcel.
That's
what
he
tried
to
do
and
fails
because
it
didn't
work
and
so
I
think.
A
But
I
think
that
adding
the
JavaScript
is
a
no-brainer
to
make
it
more
correct
for
the
person
who's
likely
to
be
using
it.
But
maybe
we
shouldn't
shouldn't
hide
it.
And
yet
until
we
get
some
kind
of
consistent
consensus
on
whether
the
majority
of
people
installing
backups
sites
are
installing
in
their
own
time
zone
or
not-
and
we
shouldn't
change
it.
Yet
until
we
can
get
a
better
user
experience
at
using
the
new
widget.
B
Okay,
let's
take
this
one
to
the
issue
queue.
The
issue
is
thirty
thirty-two
and
we
can
discuss
further
there
or
at
least
D
scope,
the
more
ambitious
parts
of
it
perhaps
and
then
follow
up
in
subsequent
issues
if
needed,
more
things
in
the
installer
or
kind
of
related
to
the
installer
password
field
updates.
B
So,
instead
of
having
type
your
password
type,
your
password
again,
which
can
be
very
tedious
on
a
mobile
device
or
any
touch
device
actually
making,
so
that
there's
only
one
one
password
field
and
then
allowing
the
user
to
show
it
or
show
hide
their
password
so
that
they
can
review
it
visually
rather
than
typing
it.
In
twice
that
issue,
it
doesn't
want
to
actually
really
pretty
neat
things
that
it
moves.
B
Password
strength
off
of
the
password
confirm
password
element
and
onto
the
normal
password
element
and
then
also
adds
the
password
toggle
to
the
normal
password
element
so
and
and
then
updates
the
places
where
password
confirms
currently
used
to
switch
to
the
toggle
approach
so
that
one's
been
in
discussion
for
quite
a
while
I
think
that
we've
generally
agreed
that's
good
approach
to
be
following.
But
even
again,
if,
like
the
approach,
doesn't.
B
Apply
everywhere,
that's
we're
currently
attempting
to
do
it.
We
can
still
make
the
API
enhancements
and
then
decide
where
those
changes
are
actually
put
into
use
at
Olympic
time.
So
more
comments
and
feedback
would
be
appreciated
on
that
one
issue:
297
whoo,
okay,
more
in
the
Installer
issue,
25
20.
This
issue
came
up
a
couple
of
months
ago
that
we
had
someone
that
was
installing
backup
for
the
first
time
and
found
that
they
could
not
get
a
backdrop
installed
because
of
a
cryptic
error.
Saying
no
such
file
or
directory.
B
Coincidentally,
I've
actually
been
encountering
this
same
problem
for
months,
but
I
hadn't
really
looked
into
why
that
was
actually
occurring.
This
person
found
that
they
could
switch
their
database
credentials
from
using
localhost
to
being
127.0.0.1,
and
that
worked
better
for
them
and
the
full
explanation
of
why
that
is
is
in
that
issue.
But
the
recommendation
that
we
that
we
have
in
there
is
that
we
should
just
try
both.
B
We
should
try
localhost
if
localhost
works
then
use
it,
and
if
localhost
doesn't
work,
then
try
127.0.0.1
as
an
automatic
toggle
during
the
installation
process,
so
basically
try
both
if
either
one
of
those
synonyms
for
localhost
is
being
used
as
the
database.
Then
we
should
try
one
approach.
Then
we
should
try
the
other
if
the
first
one
fails
and
thus
reduce
friction
further.
B
But
it
is
in
Drupal
8,
but
we
had
originally
I
think
backed
away
from
that
a
little
bit
because
of
security
concerns.
But
on
further
review
we
found
this.
The
ability
to
create
tables
is
the
same
permission
level
as
the
ability
to
create
an
entire
database.
Similarly,
the
ability
to
drop
tables-
this
is
name
permission
as
the
ability
to
drop
an
entire
database.
B
Since
backdrop
already
needs
the
permission
to
create
and
drop
tables
for
a
number
of
things,
installing
a
knight
installing
modules
or
adding
or
removing
fields,
for
example,
there's
no
difference
in
permission
level
between
those
two
operations.
So
bringing
a
database
during
the
installation
is
no
different
than
permission
wise
and
creating
a
table
so
there's
very
little
difference,
at
least
in
permissioning.
As
far
as
my
sequel
is
concerned,.
B
Think
in
that
issue,
possibly
or
maybe
it's
in
issue-
25
20-
that
other
one-
it's
it's
a
big
long
error.
It's
like
a
bullet
list
for
bullet
points
of
like
possible
things
that
could
be
wrong
actually
looks
like
there
is
no
screen
shot.
Oh
yeah
yeah,
the
thinness,
there's
yeah
is
the
database
server
running?
Does
the
database
exist
or
does
the
user
have
sufficient
privileges
to
create
the
database?
Have
you
entered
the
correct
database
name?
Have
you
entered
the
correct
username
confessor?
Have
you
entered
the
correct
host
name
yeah?
We.
C
C
No,
but
it
there
might
want
things
there
might
still
be
permissions
where
the
user
does
it
either
doesn't
have
permission
to,
because
in
my
sequel,
your
grant
using
grant
permissions
to
users
on
particular
databases,
not
the
ability
to
create
a
new
database
like
if
you
create
a
new
user
and
grant
all
on
then
just
like
table
name
star.
That
user
only
has
permission
to
do
everything
within
that
database
not
create
new
databases,
so
there
still
is.
There
is
still
the
possibility
where
they
have
to
create
the
database.
That's
not
created
yet.
C
B
B
C
B
That
that
is
universal
across
all
database
systems,
but
it
is
the
case
for
my
sequel,
okay,
yeah
strange,
that's
what
I
that's
exact
I
was
like.
It
seems
like
a
security
concern
and
I
looked
at
I
was
like
oh,
it's,
it's
actually
exactly
the
same
permission
level,
even
though
I
would
probably
say
it.
Maybe
that
shouldn't
be
like
as
far
as
my
sequel
is
concerned,
but
it's
hard.
It
is.
B
Okay,
but
anyway,
more
feedback
on
that
yeah
take
a
look
at
all
of
those
issues
if
you're
interested
in
participating
or
viewing
feedback
is
needed
on
all
of
them
and
I
think
taking
it
individually,
but
certainly
if
they
were
all
combined
together.
Those
are
a
number
of
issues
that
would
reduce
friction
during
the
installation
process,
making
it
more.
B
People
can
get
through
the
installer
with
fewer
problems,
that's
it
for
the
1.10
summary,
there's
more
issues,
of
course,
and
if
anybody
has
any
items
that
they
would
like
to
bring
up
regarding
things
that
are
being
attempted
for
1.10
open
the
floor
for
any
any
additional
issues
that
are
worth
mentioning
during
the
meeting.
Anybody
yeah.
D
D
D
We
called
the
amount
request,
I'm,
not
sure
if
we
dismissed
that
issue
or
not
to
use
a
CDN
to
to
load
the
ckeditor
maybe
was
for
another
library,
no,
but
I
think
it
was
sick,
editor
and,
and
what
this
got
me
thinking
is
if,
if
back
took,
there
was
a
request
to
load
that
from
a
CDN.
But
the
thing
we
are
concerned
was:
what
happens
if
people
are?
D
We
need
to
ship
it
with
Cole,
because
if
people
are
doing
that
on
their
local
without
internet
access,
then
there's
a
gated
and
would
not
work,
and
my
thought
was.
Why
can
we
have
it
so
that
by
default
it
tries
to
load
it
from
the
CDN
and
if
it
fails
to
load
it
from
the
CDN,
then
it
gets
the
local,
whatever
local
version
it
has,
and
the
reason
why
my
thought
my
thought
process
was
for
that
was
if
the
CDN
was
pointing
to
whatever
the
latest
version
is
next
time.
A
F
B
Yeah
piling
on
to
the
problems
with
using
a
CDN
also
is
that
if
we
just
use
the
latest
version
of
seek
editor
all
the
time
which
is
actually
what
we
attempted
to
do
in
our
patch
was
just
update
to
the
latest
version
of
CQ
editor.
That
includes
the
security
fix,
but
it
turned
out
that
it's
not
compatible
with
something
and
it
broke
the
editor
so
having
a
new
release
of
CK
editor
suddenly
breaking
everybody's
website
because
they
made
an
API
change
would
not
be
ideal.
B
For
a
backdrop
experience,
and
on
top
of
that,
the
combination
of
plugins
that
we're
using
when
you
assemble
a
CK
editor
build
you
choose
which
plugins
you
want,
and
we
have
a
combination
of
plugins
that
is
lighter
weight
than
a
typical
city,
editor
installation,
but
also
includes
some
non-standard
plugins
that
are
not
NS,
CK
editor
installation.
So
our
particular
bundled
version
of
CK
editor
is,
is
a
combination
of
plugins
that
you
wouldn't
find
on
a
CDN
either.
B
D
Won't
insist
anymore,
but
here's
another
thought
if
we
maintained
somewhere
on
backup
CMS,
though
toward
a
list
of
the
most
recent
compatible
version
that
does
not
break
things
then,
instead
of
all
sites
requesting
the
latest
latest
version
of
security,
they
could
just
be
requesting
from
backup
CMS
the
board.
What
is
the
latest
compatible
version?
So
if
we
did.
A
C
C
D
A
security
release
comes
out,
it
doesn't
and
and
everybody
needs
to
update
their
site
because
of
the
ckeditor
that
needs
to
be
included
there.
But
if
it
wasn't,
there
wasn't
any
need
for
immediate
update.
So
they
would
get
the
last
version
from
the
CDN,
the
recommended,
whatever
we
have
as
a
recommended
and
they
could
update
like
throw
up
their
own
leisure
like
whenever
they
feel
like
yeah.
B
B
A
First
key
because
there
could
be
something
that
they're
using
that
we
don't
know
that
we
check.
We
now
made
any
key
I
change
without
notifying
them
that
there's
an
API
change
because
they
have
no
version
number.
This
is
what
I
have
this
from
them
all
time
with,
like
using
systems
that
provide
api's,
that
don't
know
how
API
is
work
where
they
have
the
same.
A
A
Anything
on
top
of
CK
editor
break
if
we
just
change
the
code
up
from
underneath
them
on
the
same
URL,
and
so
then,
if
we're
pointing
at
one
point
or
seven
point
one
point
four,
and
we
change
to
just
seven
point
one
point:
five:
we
still
need
to
have
that
I'm
update
their
local
site
to
say
go
use
every
one
point:
five.
Instead,
hey.
B
B
B
G
I
figured
out
I
had
to
reconfigure
hangouts
again
for
specifying
that
audio
device.
I
have
a
question.
I,
don't
know
if
this
is
the
right
place
or
time
regarding
security
procedures
in
the
future
and
the
last
two
updates
kind
of
have
been
bringing
it.
To
my
mind
as
backdrop
and
Drupal
diverge
over
time,
there
will
be
more
code,
that's
in
back
because
that's
unique
from
Drupal
and
relying
on
Drupal
to
find
security
fixes.
It
will
not
really
be
a
viable
option.
Is
there
a
plan
or
an
idea,
or
something
that
works
or
thought
process
about?
G
B
The
okay,
so
there's
couple
of
things
we
do
have
some
automated
tests
in
place
like
some
of
the
simple
tests
actually
Chuck,
you
know
come
and
XSS
problems
to
make
sure
that
our
filtering
continues
to
work
and
doesn't
break
with
regressions
in
some
places.
So
there
is
the
automatic
testing
that
happens
there
and
then,
as
for
reporting
issues,
we
do
have
both
mailing
list
and
email
address
that
people
can
subscribe
and
send
reports
to.
B
But
in
the
time
being,
for
the
time
being,
you
know
we
have
a
lot
of
overlap
with
Drupal
security
issues
and
when
that
happens,
right
now
only
I'm
being
added
to
the
security
issues,
mostly
because
it's
tedious
using
Drupal's
security
website
to
add
to
individuals
like
there's
no
ability
to
say
like
add
a
group
of
people,
you
have
to
add
them
all
individually
and
we
we've
asked
to
get
Jeff
added
a
couple
of
times,
but
I
think
that
it's
not
that
they're
unwilling.
It's
just
that
it's
more
overhead
for
them
to
continue.
B
E
A
There
was
also
kind
of
a
question
there
about
like
how
do
we
find
the
security
issues
in
the
first
place
and
bactrim
undrivable
whole
site
is
the
same,
which
is
that
you
know
we.
We
have
automated
tests,
as
Nate
said,
they'll
check,
stuff
and
things,
but
we're
really
relying
on
people
who
are
using
the
software
to
find
that
exploits
and
report
them
using
the
security
channels.
A
It's
just
so
how
much
they're
right
now
there's
a
lot
more
people
using
the
Drupal
software,
so
they're
getting
a
lot
more
of
the
first
reports
of
security
issues
than
backdrop
is,
but
I
would
imagine
that
over
time
as
people
start
using
backdrop
more
and
as
people
start
using
Drupal,
7,
less
that'll
shift
to
being
the
majority
of
people
would
start
reporting,
or
at
least
a
lot
more
people
would
start
reporting
to
your
backdrops
channels
than
towards
your
pulse.
If
that's
where
the
issues
are
discovered.
So
it's
the
same.
E
A
B
Yeah
we've
actually
started
speaking
of
security.
We
started
adding
security,
int
or
a
common
backdrop
presentations,
so
the
presentation
repository
and
the
last
time
Jenna
night
a
couple
of
times
we've
given
presentations.
We
now
include
like
hey:
how
does
collaboration
work
with
security?
Just
because
is
always
asked.
B
Okay,
well,
I
think
that's
it
we're
pressing
almost
into
the
hour-long
mark,
I,
think
we're
wrap
up
for
today.
Thank
you,
everybody
for
joining
the
meeting
and
thank
you
for
all
of
the
activity.
That's
been
happening
in
issue
2.
I
know
it's
always
very
exciting,
as
we
had
took
head
towards
a
feature
freeze,
but
it's
been
a
good
release
like,
although
thus
are
like
the
functionalities
in
1.10,
is
fairly
modest,
but
with
the
number
of
things
that
we
have
in
the
pipe.