Drupal is a registered trademark of Dries Buytaert
Protected Pages 3.0.0 Major update available for module protected_pages (3.0.0). Commerce Core 3.3.8 Minor update available for module commerce (3.3.8). Search API HTML Element Filter 1.0.7 Minor update available for module search_api_html_element_filter (1.0.7). Layout Builder Reorder 2.0.1 Minor update available for module layout_builder_reorder (2.0.1). Ban 1.1.0 Minor update available for module ban (1.1.0). Field Formatter Range 2.0.0 Major update available for module field_formatter_range (2.0.0). Field Formatter Range 8.x-1.8 Minor update available for module field_formatter_range (8.x-1.8). Varbase Media Header 9.2.1 Minor update available for module varbase_media_header (9.2.1). Search API Solr 4.3.11 Module search_api_solr updated after 14 months of inactivity (4.3.11). Provus Mega Menu Module provus_mega_menu crossed 1,000 active installs.

Config Enforce

32 sites Security covered
View on drupal.org

Config Enforce prevents specific configuration from being changed in production environments. It can make configuration forms read-only, block new configuration from being saved, or regularly re-import configuration from the codebase.

Config Enforce ensures that specified configuration cannot be changed in production environments. See the article Introducing Config Enforce.

How it works

The related Config Enforce Devel module provides a convenient UI to specify for each config object on the site whether and how strictly to enforce its configuration, as well as streamlining the writing of config YAML files to the codebase.

Once enforced configuration is deployed to a production codebase, Config Enforce will, depending on the level of enforcement:

  • Make specified config forms read-only.
  • Interrupt the writing of new config to the database.
  • Regularly re-import config from disk.

Installation

Please note:You will need to enable-patching in your root composer.json in order for Config Enforce to work correctly. See the docs site for more details.

composer config extra.enable-patching "true"
composer require drupal/config_enforce
composer require --dev drupal/config_enforce_devel

Background

As Drupal has evolved into an web application development framework, we've seen an ecosystem of configuration management tools and techniques evolve along with it. With dev-stage-prod development practices becoming common-place, the challenges of reliably deploying and applying new or changed configuration has become increasingly complex.

Configuration stored in a production site's database is traditionally considered canonical. We believe that much of this complexity is (at least partially) due to trying to accommodate config drift in production environments.

In order to make Drupal better-suited to SaaS application development, this project intends to flip that paradigm, and instead treat config files as canonical, and treat database storage as essentially a cache.

This project is in active development. Contributions of all sort are welcome, be they documentation, reporting bugs, code and security reviews, automated tests, and so on. If you'd like to help out or see what we're planning, head to #3305516: Config Enforce roadmap

Activity

Total releases
6
First release
Oct 2025
Latest release
4 months ago
Releases (12 mo)
6 ▲ from 0
Maintenance
Active

Release Timeline

Releases

Version Type Release date
2.0.0-beta0 Pre-release Feb 24, 2026
2.0.0-alpha5 Pre-release Nov 28, 2025
2.0.0-alpha4 Pre-release Nov 20, 2025
2.0.0-alpha3 Pre-release Nov 11, 2025
2.0.0-alpha2 Pre-release Nov 5, 2025
2.0.0-alpha1 Pre-release Oct 31, 2025