I'm still with Mesos and can do what I done the last years. Keep an eye at issues and give support via Slack and Jira.

Am 13.11.23 um 13:51 schrieb Shane Curcuru:
As a mature and successful project, Mesos hasn't seen much new development in the past couple of years.  The question now for everyone on these lists is:

- Is Mesos still a maintained project, where even if no new features are developed, there's at least a group to respond to security issues and make new releases?  Or is it time to 'deprecate' Mesos, and move the project as a whole to the Apache Attic? [1]

It feels like there are still plenty of users who rely on Mesos; what we need now is for enough people here to step up and volunteer to stick around and be available to fix security issues in the future.

Thanks to Qian for raising this question in March [2], where several people did speak up.  I'd like to clarify what the ASF board's requirements are for an 'active' Apache project.

We don't actually need people doing active development on a project. What's really needed is at least three PMC members who are monitoring the project's lists and issues, and who could be available in the future *if* a serious security issue or other major bug were discovered.

So we're not looking for people with time to do active development - just enough reliable volunteers who could monitor for major issues that are reported, and make a new release if security fixes are needed.  Does that help, and does that make sense?

We will also be running a Roll Call of the PMC [3] now, so the board can understand how many PMC members (who have access to security issue details, for example) could still stick around to monitor lists.  Along with that roll call, we'll also be reminding the existing PMC that they can vote in any existing committers who will also step up and volunteer.

* What can you do?

If you are still using Mesos, have enough time to check the mailing lists/issue tracker periodically for any security or giant breaking bugs (i.e. not small bugs), and might be able to help someday with a fix or making a new release of Mesos, then speak up now!  Be sure to say what specific kinds of tasks you might be able to take on if they arise.

Remember: we don't need active development, just some folks making sure any security bugs are addressed in the future (if they come up).

Attachment: OpenPGP_0x6A83F12541CFCCF9.asc
Description: OpenPGP public key

Attachment: OpenPGP_signature.asc
Description: OpenPGP digital signature

Reply via email to