[Plan] Site Audit 3.x

@socketwench
How do we want to go about working on this?
Do you want those of us who are interested to work on creating issues on d.o and submitting patches?
Do you want to create the issues yourself and then we can begin submitting patches.
Or we could fork on Github and start creating issues and pull requests?

Which do you prefer?

The 2.x version of Site Audit has a number of problems. It works only as a Drush plugin, it has no exposure in the Drupal UI

Some history; it was explicitly designed as a Drush command, which is how it checks hundreds of thousands of sites on Pantheon. It makes sense to provide multiple interfaces, which is what I had started doing in the 3.x version on GitHub before I stopped working in Drupal.

Exposing it as a module makes perfect sense, but I would recommend continuing to allow a similar functionality, IE not require that site_audit be required to be installed in a target site if it's available in Drush / Console / whatever the current equivalent is.

Last I knew, Pantheon used git, not Composer to install it.

There was an email thread with packagist regarding what to do, which last I checked was still pending research / response from Drupal Infrastructure. Would it make sense to follow-up on that as part of this effort?

not require that site_audit be required to be installed in a target site if it's available in Drush / Console / whatever the current equivalent is.

I agree with this. If I were to put a hosting hat on, site_audit is useful for hosting environments, but I would not want to be adding packages/modules to a client site.

For one, I would not want to deal with dependency issues, but probably the greater issue would be the end client or developers would be unlikely to want me to make changes to their site/code.

@andyrigby

"but I would not want to be adding packages/modules to a client site."

Well you don't have to just do "composer require --dev drupal/site_audit"

And then to install the module you have to do "composer install --dev"

That is how you should handle all development modules for drupal 8, this is not the first dev module to exist.

I still think 2 is the best approach.

I like the module approach as well and that fits in well with our desire to use the site_audit module as the basis for a platform self-check system in a Drupal application we're building for a client. Hopefully, we'll be able to contribute back some of the external integration checks that we'll be building such as Salesforce Integration checks.

The only other option, which has been lightly touched on by others in this thread, would be to pull the core of site_audit and the individual checks out into separate libraries that would be installed in the vendor directory. Then provide module, drush, and drupal console wrappers that leverage those libraries. To do this, someone would need to setup some git repositories for each of the common library components and register them with https://packagist.org/ (see https://jameshfisher.com/2017/11/06/how-to-release-a-composer-package.html)

We can start pushing up some patches/pull requests in the next week or so if there is an agreed to architectural approach.

I have not used this module in Drupal 8 site yet.

But I have earlier created a feature request #2911891: Overrides the site's language regarding D7, so I was wondering if you plan to release 3.x in D8, do you mind to let us to specific or able to override the site's language? What do you think about it?

We've been using Site Audit successfully as part of the Aegir Reporting framework (wrapping it in Aegir Site Audit) for both D7 and D8 sites.

Whether it's installed as module or not, we Aegir maintainers will be happy as long as we can access the results outside of the Web UI (via Drush, Console, Ansible, etc.).

Personally, however, I like the idea of not having to install it as a module to keep target sites untouched, as much as possible, but I'll be fine with either scenario. I'm actually a Hacked! maintainer and have done a lot of work on #2066371: Integrate hacked with site_audit & allow hacked to be installed globally.

As already mentioned in #3052993-17: Porting Site Audit 2.x to Drush 9.x I think I'm going to follow @greg.1.anderson's proposal (and approach 3. from #15 by @socketwench) to Composerize the module and pulling in the actively developed and well-maintained https://github.com/pantheon-systems/site-audit-tool fork as a dependency on top of the work towards an UI that @jrglasgow has done so far into a stable 3.0 release.

By that we can have the best of both worlds. The standalone Drush commands and the checks will be provided by the site audit tool fork and the UI will be provided by the Site Audit module. To onboard users the installation guide must be rewritten in a way that this module and the Drush commands also work for unmanaged projects requiring users to run composer install after unzipping the tarball and upload all module files including vendor/.

I see that this means that a lot of code which has been written in the 8.x-3.x branch would be removed by following this approach. On the other hand it would make the module much more lightweight and we can benefit from the work that @greg.1.anderson for Pantheon is doing in the fork. My biggest hope is that the Site Audit module can gain some development-momentum by that after it more or less halted about a year ago.

Just a note that I posted another issue to start planning a 4.x branch: https://www.drupal.org/project/site_audit/issues/2968983

Marking this "Fixed" since 3.x was released quite some time ago.

Thanks for this really thorough discussion, all!

FYI anyone watching this isssue, would love your feedback/testing on #3326092: Site Audit 4.x

I've updated the issue with specifics and created an initial alpha1 release.