Drupal Release: 8.0.0-alpha14

TL;DR

Drupal 8.0.0-alpha14 brings significant architectural improvements and modernization to the codebase. This release focuses on cleaning up deprecated code, improving accessibility, enhancing multilingual capabilities, and introducing the new MenuLinkNG system. Major changes include the addition of entity caching, removal of XML-RPC, improved form handling with FormStateInterface, and standardized route naming conventions. The release also includes numerous accessibility improvements and bug fixes that make Drupal 8 more robust and developer-friendly.

Highlight of the Release

• Introduction of entity caching to core for improved performance
• Removal of XML-RPC from core
• New MenuLinkNG system for improved menu link management
• Standardized route naming conventions across core modules
• Improved form handling with FormStateInterface replacing array-based form states
• Required alt text for images in CKEditor for better accessibility
• Redesigned password strength indicator
• Updated text field and textarea styling
• Twig autoescape enabled by default for improved security

Migration Guide

Form API Changes

Developers need to update their code to use the new FormStateInterface instead of array-based form states:

• Replace $form_state['values'] with $form_state->getValues()
• Replace $form_state['input'] with $form_state->getUserInput()
• Replace $form_state['rebuild'] with $form_state->setRebuild()
• Replace $form_state['redirect'] with $form_state->setRedirect()
• Replace $form_state['redirect_route'] with $form_state->setRedirect()
• Replace form_set_error() with $form_state->setErrorByName()
• Replace form_error() with $form_state->setError()
• Replace drupal_redirect_form() with appropriate FormStateInterface methods
• Replace drupal_build_form() with FormBuilderInterface::buildForm()

Removed Functions

The following functions have been removed and should be replaced with their alternatives:

• user_access() → $account->hasPermission()
• drupal_rebuild_form() → use FormBuilderInterface methods
• check_plain() → use appropriate Twig filters or Html::escape()
• format_interval() → use \Drupal::service('date')->formatInterval()
• comment_num_new(), comment_get_display_ordinal(), comment_get_display_page(), comment_new_page_count() → use methods on Comment entities
• views_get_view(), views_plugin_list(), views_fetch_plugin_names(), views_get_plugin_definitions() → use the Views plugin manager service
• user_authenticate() → use the user.auth service

XML-RPC Removal

XML-RPC has been removed from core. If your site depends on XML-RPC functionality, you'll need to find or create a contributed module that provides this functionality.

Menu Link Changes

The new MenuLinkNG system replaces the old menu link system. If you have custom code that interacts with menu links, you'll need to update it to use the new plugin-based system.

Route Name Standardization

Route names have been standardized across core modules. If your code references these routes, you'll need to update the route names accordingly.

Upgrade Recommendations

For Site Owners

This is an alpha release and not recommended for production sites. However, if you're testing Drupal 8, upgrading to this alpha will help you stay current with the latest developments and provide valuable feedback to the community.

For Developers

Developers working on Drupal 8 modules should upgrade to this alpha to ensure compatibility with the latest API changes. Pay special attention to:

1. Form API changes using FormStateInterface
2. Removal of deprecated functions
3. New menu link system (MenuLinkNG)
4. Standardized route naming conventions
5. Entity caching implementation

For Module Maintainers

Module maintainers should review their code for:

1. Usage of removed functions like user_access(), check_plain(), and format_interval()
2. Array-based form state usage that should be updated to FormStateInterface
3. XML-RPC dependencies that need to be replaced
4. Menu link implementations that need to be updated for MenuLinkNG
5. Route names that need to be updated to match the new standardized naming conventions

Testing Recommendation

Before upgrading, create a complete backup of your site. After upgrading, thoroughly test all site functionality, especially custom modules and themes, as many API changes have been introduced in this release.

Bug Fixes

Configuration and Translation Issues

• Fixed configuration overrides not being updated when config changes
• Fixed shipped configuration not passing validation with all modules enabled
• Fixed Views which include elements dependent on uninstalled modules
• Fixed regression where checkbox to enable translation for users did not save
• Fixed admin user language preference causing WSOD if ahead of path prefixes

Form and UI Issues

• Fixed Views UI "Add" dialog submission returning to the same dialog
• Fixed clicking "Add" filter and then canceling dialog resulting in "You have unsaved changes"
• Fixed wrong #states for "Restrict to the selected roles" in Views UI
• Fixed HTML double-escaping in EditorImageDialog
• Fixed HTML double-escaping in CKEditor toolbar configuration UI
• Fixed HTML double-escaping in Text Editor image settings configuration UI
• Fixed 'Add Link' button adding a new menu instead
• Fixed deleted Views display not being struck through

File Handling

• Fixed valid file extensions in file names not being properly enforced when uploading files
• Fixed PostgreSQL backend not handling NULL values for serial fields gracefully

Other Fixes

• Fixed CKEditor's "readonly" being applied per-format instead of per-instance
• Fixed search_excerpt() using strrpos() incorrectly
• Fixed Xss::split() failing on custom HTML elements with dashes in the name
• Fixed field weights not being respected on render
• Fixed Views not depending on modules providing their displays

New Features

Entity Caching

Entity caching has been added to core, significantly improving performance for sites with many entities. This feature allows entities to be cached and invalidated efficiently using cache tags.

MenuLinkNG System

A new menu link system has been introduced that uses plugins for menu links. This includes a new MenuLinkManager, MenuTreeStorage, and MenuLinkTree API, providing a more flexible and powerful way to manage menu links.

Backend-aware Service Overrides

A standard mechanism for backend-aware service overrides has been defined, allowing services to be overridden based on the backend being used.

Migration Groups

Migration groups have been implemented, allowing migrations to be organized and executed together.

Twig Extensions

A URL generator Twig extension has been added, making it easier to generate URLs in Twig templates.

Improved Throbber API

The throbber API has been expanded to include a 'full screen' option, providing better user feedback during long operations.

Search Index Status in Status Report

The search index status has been added to the Status Report page, making it easier to monitor the state of the search index.

Security Updates

Twig Autoescape Enabled by Default

Twig autoescape has been enabled by default, which helps prevent XSS vulnerabilities by automatically escaping output in Twig templates.

Form Select Options XSS Fix

The form_select_options() function has been updated with an XSS fix from SA-CORE-2014-003.

Access Control Improvements

• Fixed a security hole in AccessManager::checkNamedRoute() which was leaking attributes from the current request
• Improved entity access API for checking access to private files

Performance Improvements

Entity Caching

The addition of entity caching to core significantly improves performance for sites with many entities. This feature allows entities to be cached and invalidated efficiently using cache tags.

Optimized Form Processing

Several optimizations have been made to form processing, including removing unnecessary loops and function calls.

Reduced Database Queries

• Second loop in module_implements() was being repeated unnecessarily and has been fixed
• Optimized EntityViewBuilder::viewField() to avoid iterating on fields unnecessarily

Search Performance

• Added ability to turn off watchdog logging of all searches, which was causing a performance hit
• Improved search indexing and filtering capabilities

Configuration System Optimization

• Removed cache duplications in LocaleConfigManager / TypedConfigManager
• Field storage and instance no longer call toArray() in __wakeup() which was very slow

Impact Summary

Drupal 8.0.0-alpha14 represents a significant step forward in the development of Drupal 8, with a focus on code modernization, performance improvements, and accessibility enhancements. The introduction of entity caching will provide substantial performance benefits for sites with many entities. The new MenuLinkNG system offers a more flexible and powerful way to manage menu links through a plugin-based architecture.

Developers will need to adapt to several important API changes, particularly the shift from array-based form states to using FormStateInterface, and the removal of many deprecated functions like user_access(), check_plain(), and format_interval(). The removal of XML-RPC from core may impact sites that rely on this functionality.

Accessibility has been improved with required alt text for images in CKEditor, better contrast between title/slogan and header, improved responsive toolbar accessibility, and consistent use of 'screen reader' terminology. The UI has been enhanced with updated text field and textarea styling, a redesigned password strength indicator, and improvements to the throbber API.

Security has been strengthened by enabling Twig autoescape by default and fixing several XSS vulnerabilities. Multilingual capabilities have been improved with better language configuration and translation handling.

Overall, this alpha release continues to refine and stabilize Drupal 8's architecture while introducing important new features and improvements that will benefit developers, site builders, and end users.