What’s New in Drupal 9.2.0
The second feature release of Drupal 9 helps keep your site even more secure, and comes with increased visitor privacy protection, improved migration tools from Drupal 7, enhancements to the Olivero frontend theme and early support for the WebP image format.
Security and privacy improvements
Critical security advisories and public service Announcements will now be displayed on the status report page and certain administration pages for the site’s administrators. This helps prepare site owners to apply security fixes in a timely manner. For increased privacy protection of your site visitors, Drupal 9.2.0 now blocks Google Federated Learning of Cohorts (FLoC) cookie-less user tracking by default.
Better building blocks out of the box
The Olivero theme, soon to be Drupal’s new default frontend theme, has dozens of major improvements in this release, including a new form design and various accessibility fixes. The built-in Umami demo is now also more flexible with a built-in editor role and more versatile Layout Builder demonstration.
On the way to Drupal 10
In preparation for Drupal 10, all Symfony 5 and and several Symfony 6 compatibility issues have been resolved. As part of modernizing the frontend of Drupal 9, core’s Tour feature now uses ShepherdJS instead of jQuery Joyride. This significantly improves accessibility of tours and removes one more reliance on jQuery.
The already stable migration path from Drupal 7 is now expanded with migrations for user settings, node/user reference fields and other previously missing pieces.
Drupal’s GD toolkit integration, and, therefore image styles, can now manage WebP images. There is more to do for complete WebP support. Stay tuned for improvements in future releases.
Sneak peak at future core features
The upcoming core CKEditor 5 upgrade is being worked on in a contributed project. Progress has been made on various aspects of the roadmap, and the project is near to completing all issues identified as requirements for tagging a beta release. Core inclusion is expected in Drupal 9.3.0, but contributed projects are requested to build compatibility ahead of that.
The Automated Updates Initiative has been very active in the repositories under https://github.com/php-tuf building a PHP implementation of The Update Framework (TUF) with Typo3 and Joomla developers to provide signing and verification for secure PHP application updates. Results will be included with later Drupal releases.
Check out the initiative keynotes from DrupalCon North America 2021 on what else is in the works.
What Does This Mean for Me
Drupal 9 site owners
Drupal 9.0.x is now out of security coverage. Update at least to 9.1.x to continue to receive security support.
Drupal 8 site owners
Update to at least 8.9.x to continue receiving bug fixes until Drupal 8’s end of life in November 2021. The next bug-fix release (8.9.17) is scheduled for June 7, 2021. (See the release schedule overview for more information.) Versions of Drupal 8 before 8.9.x no longer receive security coverage.
With only five months left until the end of life of Drupal 8, I suggest that you upgrade from Drupal 8 to Drupal 9 as soon as possible. Upgrading is supported directly from 8.8.x and 8.9.x. Of the top 1000 most used drupal.org projects, 94% are updated for Drupal 9, so the modules and themes you rely on are most likely compatible.
Drupal 7 site owners
Drupal 7 is supported until November 28, 2022, and will continue to receive bug and security fixes throughout this time. From November 2022 until at least November 2025, the Drupal 7 Vendor Extended Support program will be offered by vendors.
On the other hand, the migration path for Drupal 7 sites to Drupal 9 is stable. Read more about the migration to Drupal 9.
Translation, module, and theme contributors
Minor releases like Drupal 9.2.0 include backwards-compatible API additions for developers as well as new features.
Since minor releases are backwards-compatible, modules, themes, and translations that supported Drupal 9.1.x and earlier will be compatible with 9.2.x as well. However, the new version does include some changes to strings, user interfaces, internal APIs and API deprecations. This means that some small updates may be required for your translations, modules, and themes. Read the 9.2.0 release notes for a full list of changes that may affect your modules and themes.
This release has further advanced the Drupal project and represents the efforts of hundreds of volunteers and contributors from various organizations. Thank you to everyone who contributed to Drupal 9.2.0!