Open sourcing security, or, how Drupal could have saved the ABC's users
Monday, March 4, 2013 - 11:04
You might have heard that last week the ABC got hacked. The truth is a bit more complex than this, and is not as alarming as the statement may imply; rest assured, most of Aunty's sites are fine. However, there are still plenty of lessons to be learnt for everyone concerned, whether you run a website or merely use a website's services. In this post, we'll walk you through some of these lessons, and we'll show how Drupal could have prevented this from happening.
If you’re working with Drupal, you’re probably aware that the next major release of Drupal is going to integrate with the wider PHP ecosystem in a big way. Its adoption of Symfony is a really big deal, not just for Drupal developers who will have a lot to learn, with access to a huge stable of components as a trade-off. It’s also a big deal for Symfony developers, who have a whole new platform to develop for, and also the PHP community at large, who Drupal developers are now able to contribute to at a much deeper level.
We had a look around for a comprehensive list of Symfony components that are going to be in Drupal 8, but we couldn’t really find one that was up to date. For your benefit, here’s a list we put together that outlines the current list of Symfony components used in Drupal 8.
Tuning into some of the discussion on Drupal 8’s new additions, you may have heard about the Dependency Injection Component from the Symfony project. Its inclusion is one of the many architectural changes helping Drupal modernise its approach to code organization.
In this brief introduction, I'll endeavour to explain the concept of Dependency Injection, and see how it impacts our code, hopefully demystifying a topic which is simpler than you might think.