Support for Drupal 7 will end in January 2025 and some Drupal 7 contributed projects are unsupported already. There are currently no official plans to extend Drupal 7 support on drupal.org, which is a problem for the 320,000 sites still running on Drupal 7. After the initial release of Drupal 7 in 2011 it was the most successful Drupal version in terms of usage and still accounts for 40% of all known Drupal installations today.
In this session I will talk about D7Security, an unofficial open source project to implement Drupal 7 long term support now and in the future. With this initiative Drupal 7 site operators have more time to update or migrate their Drupal 7 projects while still receiving security support. I will cover these points:
- D7Security goals and non-goals, what Drupal 7 long term maintenance means
- how it works and what the mission is
- D7Security using Gitlab.com to develop and maintain Drupal 7 projects
- Who are the people in the D7Security group
- d7securtiy_client - helper module Drupal 7 sites should install to get update notifications
- Security policy - where should people report Drupal 7 vulnerabilities
- Drush support and how it integrates with D7Security
- Alternative initiatives for Drupal 7: the Drupal 7 soft landing initiative, Drupal 7 migrations to Drupal 10 or Backdrop CMS
Afterwards I plan to have an open discussion:
- What do Drupal 7 users and developers need in addition to D7Security?
- What is the best way to proceed after January 2025 when D7Security will fully take over from drupal.org?
- How can we reach interested Drupal 7 community members?