50 min

This session has been performed in DrupalIberia 2024 & Drupalcamp Spain 2024

Abstract:

Tailwind CSS and Alpine Js are very useful when it comes to Single Directory Components in Drupal. With the use of Storybook module in Drupal, frontend guys can start development and testing of Design much earlier in isolation than when the Drupal structure is ready. My company is also involved in heavy development of a contributed theme named Tailpine which makes it easier to work with these technologies.

Tailwind CSS 4 is becoming the standard in modern front-end development. And yet, Drupal frontends are still largely tied to Bootstrap. Simply dropping in Tailwind isn’t enough. You need to use it effectively to keep your markup clean, optimize performance, and maintain flexibility.

This session will cover:

Drupal has many tools for rich content editing, starting from default CKEditor, which can be extended with plugins, the entire Paragraphs ecosystem, Layout Builder, and its extensions.

Decoupled Drupal has moved beyond experimentation, it’s delivering real-world performance, scalability, and flexibility beyond traditional architectures. This session dives into the latest decoupled projects shaping the future of Drupal:

Get your cards out—let’s play buzzword bingo!

This session aims to demystify DevSecOps and provide a clear, step-by-step guide for integrating security seamlessly into the DevOps lifecycle. But this is more than just theory—we’ll explore real-world strategies, tools, and cultural shifts needed to create a robust DevSecOps environment, specifically tailored to teams working with Drupal and related web technologies.

Drupalistas know the issue: form and content aren’t always as clearly separated as they should be. Blocks, for example, are configuration, but their content isn’t, which makes rolling out new features tricky. Views headers and their translations are also configuration, meaning they can’t be easily edited by editors, leading to frustration. Slots solves these challenges, giving editors and marketers full control over their website content.

Injection attacks like SQL injection (SQLi) have a history that is older than the Internet Explorer, so why then does it continue to plague our modern applications?

In a recent research project, we look at various injection attacks including, SQLi, Command Injection, Path Traversal and Cross-Site Scripting (XSS) attacks in both open-source and closed-source projects to discover how prevalent they remain in 2025.

If you're attending Drupal Dev Days attendee, you've probably heard about Experience Builder, and seen glimpses during multiple DriesNotes. You're likely wondering what's changed since then. And you're quite possibly wondering how it all works.

If so: this session is for you! Bálint and Wim will:

Onboarding new developers into a Drupal team can be both exciting and challenging. Drupal’s unique learning curve, combined with the need to integrate into an existing team, often creates hurdles for newcomers. In this talk, I’ll share insights and lessons learned from my experience as a Drupal developer and team leader, focusing on how to make Drupal appealing to new developers and effectively onboard them into your team.

We’ll explore: