
Security News
/Research
Wallet-Draining npm Package Impersonates Nodemailer to Hijack Crypto Transactions
Malicious npm package impersonates Nodemailer and drains wallets by hijacking crypto transactions across multiple blockchains.
drupal-cloud-starter
Advanced tools
A comprehensive Next.js starter template for building modern headless websites with Drupal Cloud backends. Features a professional marketing homepage, dynamic articles system, and seamless GraphQL integration.
A comprehensive Next.js starter template for building modern headless websites with Drupal Cloud backends. Features a professional marketing homepage, dynamic articles system, and seamless GraphQL integration.
Clone and install dependencies:
npm install
Configure environment variables:
cp .env.example .env.local
Update .env.local
with your Drupal backend configuration:
# Required - Drupal backend URL
NEXT_PUBLIC_DRUPAL_BASE_URL=https://your-site.dcloud.ddev.site
NEXT_IMAGE_DOMAIN=your-site.dcloud.ddev.site
# Authentication - OAuth credentials
DRUPAL_CLIENT_ID=your-client-id
DRUPAL_CLIENT_SECRET=your-client-secret
# Required for On-demand Revalidation
DRUPAL_REVALIDATE_SECRET=your-revalidate-secret
# Allow self-signed certificates for development (DDEV)
NODE_TLS_REJECT_UNAUTHORIZED=0
Start the development server:
npm run dev
Open http://localhost:3001 to see your site.
Variable | Description | Required |
---|---|---|
NEXT_PUBLIC_DRUPAL_BASE_URL | Your Drupal backend URL | ✅ |
NEXT_IMAGE_DOMAIN | Domain for Next.js image optimization | ✅ |
DRUPAL_CLIENT_ID | OAuth client ID for authentication | ⚠️ |
DRUPAL_CLIENT_SECRET | OAuth client secret | ⚠️ |
DRUPAL_REVALIDATE_SECRET | Secret for on-demand revalidation | ⚠️ |
NODE_TLS_REJECT_UNAUTHORIZED | Set to 0 for DDEV development | 🔧 |
The starter provides these main pages:
/
(Homepage) - Static marketing page with hero section and features showcase/articles
- Dynamic article listing powered by GraphQL/articles/[...slug]
- Individual article detail pages with full content/about
- Static about page with company information/contact
- Static contact page with form and business detailsYour Drupal backend needs:
Required Modules:
Article Content Type with these fields:
title
(default)body
(default)OAuth2 Configuration:
GraphQL Schema configured to expose:
nodeArticles
query (from GraphQL Compose Edges)route
query for individual articlesdrupal-cloud-starter/
├── app/ # Next.js app directory
│ ├── about/ # About page
│ │ └── page.tsx
│ ├── api/ # API routes
│ │ └── graphql/ # GraphQL proxy
│ │ └── route.ts
│ ├── articles/ # Articles section
│ │ ├── [...slug]/ # Dynamic article pages
│ │ │ └── page.tsx
│ │ ├── layout.tsx # Articles metadata
│ │ └── page.tsx # Articles listing
│ ├── components/ # React components
│ │ ├── ArticleTeaser.tsx # Article card component
│ │ ├── Header.tsx # Site navigation
│ │ └── providers/
│ │ └── ApolloProvider.tsx # GraphQL client provider
│ ├── contact/ # Contact page
│ │ └── page.tsx
│ ├── apple-icon.tsx # Apple touch icon generator
│ ├── favicon.ico # Traditional favicon
│ ├── globals.css # Global styles
│ ├── icon.tsx # Favicon generator
│ ├── layout.tsx # Root layout with metadata
│ └── page.tsx # Marketing homepage
├── lib/ # Utility libraries
│ ├── apollo-client.ts # GraphQL client setup
│ ├── queries.ts # GraphQL queries
│ └── types.ts # TypeScript interfaces
├── public/ # Static assets
│ └── site.webmanifest # PWA manifest
├── .env.example # Environment variables template
├── next.config.js # Next.js configuration
├── postcss.config.js # PostCSS configuration
├── tailwind.config.js # Tailwind CSS configuration
└── tsconfig.json # TypeScript configuration
The starter includes these GraphQL queries:
The starter uses OAuth2 client credentials flow for authentication:
/api/graphql
handles authentication automaticallyThe application includes Progressive Web App capabilities:
lib/types.ts
lib/queries.ts
app/components/
app/
directoryThe project uses Tailwind CSS with a blue theme:
Each page includes optimized metadata:
npm run dev
- Start development servernpm run build
- Build for productionnpm run start
- Start production servernpm run lint
- Run ESLint.env.local
NODE_TLS_REJECT_UNAUTHORIZED=0
nodeArticles
query is available in GraphQL schemaDRUPAL_CLIENT_ID
and DRUPAL_CLIENT_SECRET
are set.dcloud.ddev.site
domains.env.example
to .env.local
and configure properlyMIT License - see LICENSE file for details.
FAQs
A comprehensive Next.js starter template for building modern headless websites with Drupal Cloud backends. Features a professional marketing homepage, dynamic articles system, and seamless GraphQL integration.
We found that drupal-cloud-starter demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
/Research
Malicious npm package impersonates Nodemailer and drains wallets by hijacking crypto transactions across multiple blockchains.
Security News
This episode explores the hard problem of reachability analysis, from static analysis limits to handling dynamic languages and massive dependency trees.
Security News
/Research
Malicious Nx npm versions stole secrets and wallet info using AI CLI tools; Socket’s AI scanner detected the supply chain attack and flagged the malware.