Though the biggest news this month is the release of Drupal 9, that doesn't mean big releases aren't happening on other versions of Drupal too. The milestone represented by Drupal 9 also welcomes new versions of both Drupal 7 and Drupal 8 to the Drupal ecosystem. It's been four-and-a-half years since Drupal 8 was released, and 54 months of development from scores of contributors around the world went into Drupal 9. And thanks to the indefatigable efforts of open-source contributors in the module ecosystem, there are already over 2,000 contributed modules ready to go, compatible with Drupal 9 out of the box.
Drupal 9 is a massive step for innovation in the Drupal community, thanks to the careful thought that went into how Drupal can continue to stay ahead of the curve. During the Drupal 9 development cycle, which was largely about deprecating and removing old code, the Drupal core committers laid the groundwork for the future and facilitated a more pleasant upgrade experience from Drupal 8 to Drupal 9 that should smooth over many of the hindrances that characterized the transition from Drupal 7 to Drupal 8. And there's already exciting new plans ahead for Drupal 9, with coming releases consisting of even more refactoring and deprecations. With Drupal 9.1 in December, the focus will shift to new features and improvements, including user experience, accessibility, performance, security, privacy, and integrations.
In the second episode of our new monthly show Core Confidential, Fabian Franz (VP Software Engineering at Tag1) sat down with Michael Meyers (Managing Director at Tag1) and your host Preston So (Editor in Chief at Tag1 and author of Decoupled Drupal in Practice) for a quick but comprehensive survey of how Drupal 9 will change Drupal for the better. Beyond discussing the technical improvements and ecosystem advancements, this Core Confidential episode also dives into the anxieties, challenges, and concerns that core committers have about Drupal 9 moving forward.
Two moderately critical advisoriess that you need to be aware of and address:
- Drupal core - Moderately critical - Open Redirect - SA-CORE-2020-003
- Cross Site Scripting Drupal core - Moderately critical - Cross Site Scripting - SA-CORE-2020-002