Keynote: Security, Drupal 9, and the Changing Web Landscape




Drupal 8 core has made its way "off the island" by leveraging industry standards like semantic versioning, package management, third-party libraries, and other external tools. This shift brings a lot of benefits but has also impacted how we manage release schedules, backward compatibility, and security. Drupal isn't alone in experiencing these impacts; they affect many CMSes, frameworks, and individual applications. This session explores some of the impacts, including addressing some of the following questions

- What's different about Drupal 8?
- What will be different about Drupal 9?
- ...And what about Drupal 10?
- How do third-party libraries affect release schedules and security procedures?
- What are some of the risks and drawbacks for applications using package managers like Composer, npm, and yarn?
- How can those risks be mitigated?
- Can (or should) we head back to the island?

Session Type: