thanks Sunil! btw. I followed https://infra.apache.org/committer-email.html to configure my gmail settings to send from the apache email address. I originally used my gmail to subscribe to the private list and didn't receive a confirmation/error email. Hope others won't encounter the same problem.
Best, Chenya On Tue, Jan 25, 2022 at 10:03 AM Sunil Govindan <[email protected]> wrote: > Yes. I reached out to a couple of them and added them to the list. > We still have a gap. Will try again. > > Thanks > Sunil > > On Mon, Jan 24, 2022 at 10:45 PM Chenya Zhang <[email protected] > > > wrote: > > > Subscribed to the private list! 3 -> 2 ? :) > > > > On Mon, Jan 24, 2022 at 6:02 PM Wilfred Spiegelenburg < > [email protected] > > > > > wrote: > > > > > When you check the status page [1] you will see that a wiki is no > > > longer required. > > > We can skip adding it. > > > > > > BTW: I added Chenya to the roster that increases the PPMC members not > > > subscribed to 3 again after it was down to 2. > > > > > > Wilfred > > > > > > [1] https://incubator.apache.org/projects/yunikorn.html > > > > > > > > > On Mon, 24 Jan 2022 at 13:12, Weiwei Yang <[email protected]> wrote: > > > > > > > > Hi Sunil > > > > > > > > I don’t think we ever have a wiki, do we still need to add that? I > see > > > some projects leave that empty as well. > > > > > > > > Sent from my iPhone > > > > > > > > > On Jan 23, 2022, at 2:07 PM, Sunil Govindan <[email protected]> > > wrote: > > > > > > > > > > @Weiwei Yang <[email protected]> > > > > > Could you please add WIKI as well to this? > > > > > > > > > > Thanks > > > > > Sunil > > > > > > > > > >> On Sun, Jan 23, 2022 at 1:33 PM Weiwei Yang <[email protected]> > > wrote: > > > > >> > > > > >> Thank you Felix. > > > > >> I have added the initial podling status file: > > > > >> > > > > >> > > > > > > https://svn.apache.org/repos/asf/incubator/public/trunk/content/podlings/yunikorn.yml > > > > >> . > > > > >> Please let me know if that looks good or not. > > > > >> > > > > >>> On Sat, Jan 22, 2022 at 10:18 PM Sunil Govindan < > [email protected] > > > > > > wrote: > > > > >>> > > > > >>> I will reach out to them. > > > > >>> > > > > >>> Thanks > > > > >>> Sunil > > > > >>> > > > > >>> On Sat, Jan 22, 2022 at 9:00 PM Felix Cheung < > > > [email protected]> > > > > >>> wrote: > > > > >>> > > > > >>>> Pls add the podling status file > > > > >>>> > > > > >>> > > > > >> > > > > > > https://svn.apache.org/repos/asf/incubator/public/trunk/content/podlings/ > > > > >>>> > > > > >>>> 3 ppmc members have not subscribed to private@ > > > > >>>> > > > > >>>> These can be found on > > > > >>>> https://whimsy.apache.org/roster/ppmc/yunikorn > > > > >>>> > > > > >>>> < > > > > >>> > > > > >> > > > > > > https://svn.apache.org/repos/asf/incubator/public/trunk/content/podlings/ > > > > >>>>> > > > > >>>> ________________________________ > > > > >>>> From: Weiwei Yang <[email protected]> > > > > >>>> Sent: Thursday, January 20, 2022 10:05:55 PM > > > > >>>> To: [email protected] <[email protected]> > > > > >>>> Cc: [email protected] <[email protected]> > > > > >>>> Subject: Re: Apache YuniKorn (Incubating) - Community Graduation > > > Vote > > > > >>>> > > > > >>>> hi all > > > > >>>> > > > > >>>> Most issues under the graduation preparation JIRA YUNIKORN-1005 > > > > >>>> <https://issues.apache.org/jira/browse/YUNIKORN-1005> are > fixed. > > > > >>>> The remaining one is the who-are-we web page, I am currently > > > collecting > > > > >>>> info for that, should be done by next week. > > > > >>>> Shall we start to vote now? I can start a new thread for the > > > community > > > > >>>> voting if nobody has objections. > > > > >>>> > > > > >>>> On Tue, Jan 11, 2022 at 11:02 AM Wilfred Spiegelenburg < > > > > >>>> [email protected]> > > > > >>>> wrote: > > > > >>>> > > > > >>>>> None of the security lists mentioned in the security page [1] > are > > > > >>>>> moderated. They are private lists, i.e. not openly available > for > > > > >>>>> browsing in an archive, but not moderated. Using the private@ > > for > > > > >>>>> YuniKorn does not seem to line up with what other projects do > > > either. > > > > >>>>> None of the recently graduated projects mention anything like > > using > > > > >>>>> the private@ mailing list on their sites. They all have just > > used > > > > >> the > > > > >>>>> general security link mentioned on their site unless they have > a > > > > >>>>> specific security@ list. YuniKorn would be the one standing > out > > > from > > > > >>>>> what seems to be the norm. > > > > >>>>> Examples from the last 2 years of graduated projects using a > > simple > > > > >>>>> link or a text pointing to [1]: Pinot, Dolphinscheduler, Ratis, > > > > >>>>> Echarts, Gobblin, TVM, Superset and Datasketches. There are > more > > > but > > > > >> I > > > > >>>>> think this provides an overview of what is expected on > > graduation. > > > > >>>>> > > > > >>>>> Wilfred > > > > >>>>> > > > > >>>>> [1] https://www.apache.org/security/ > > > > >>>>> > > > > >>>>> On Tue, 11 Jan 2022 at 18:21, Weiwei Yang <[email protected]> > > wrote: > > > > >>>>>> > > > > >>>>>> Hi Wilfred > > > > >>>>>> > > > > >>>>>> Adding a security@ mailing list sounds like a good idea, but > I > > do > > > > >>> not > > > > >>>>> think that is required in the current stage. > > > > >>>>>> We can do that post-graduate. For now, the Apache security doc > > > said > > > > >>>>>> > > > > >>>>>>> We strongly encourage you to report potential security > > > > >>>> vulnerabilities > > > > >>>>> to one of our private security mailing lists first, before > > > disclosing > > > > >>>> them > > > > >>>>> in a public forum. > > > > >>>>>> > > > > >>>>>> I do not see any issue if we use our private@ mailing list > for > > > > >> this > > > > >>>>> purpose. > > > > >>>>>> > > > > >>>>>> On Mon, Jan 10, 2022 at 11:01 PM Wilfred Spiegelenburg < > > > > >>>>> [email protected]> wrote: > > > > >>>>>>> > > > > >>>>>>> The private@ is a moderated list. This has two issues: a > > > > >> moderator > > > > >>>>>>> needs to approve any message not sent by a PMC member. This > > will > > > > >>> slow > > > > >>>>>>> down the process of interaction with the reporter. It would > > also > > > > >> not > > > > >>>>>>> reach the YuniKorn committers group as not all committers are > > > part > > > > >>> of > > > > >>>>>>> the PMC. Security issues should be handled and worked on by > all > > > > >>>>>>> committers not just by the PMC members. > > > > >>>>>>> > > > > >>>>>>> The security notification update made to the website I think > > does > > > > >>> not > > > > >>>>>>> line up with the security guidelines referenced in the link > > > > >> provided > > > > >>>>>>> in the dropdown menu of the YuniKorn site [1]. In that link > > there > > > > >>> is a > > > > >>>>>>> well defined way to report security issues. If we need to > > enhance > > > > >>> and > > > > >>>>>>> extend what we do we either establish a security@ mailing > list > > > > >> and > > > > >>>>>>> provide a static page with security related information on > our > > > > >> site > > > > >>> or > > > > >>>>>>> we leave it as is. My preference would be to establish a > > > security@ > > > > >>>>>>> list and make all committers a member of that list. > > > > >>>>>>> > > > > >>>>>>> I think we need to roll back the website changes part of > > > > >>> YUNIKORN-1006 > > > > >>>>>>> [2] in PR [3] for the website. > > > > >>>>>>> > > > > >>>>>>> Wilfred > > > > >>>>>>> > > > > >>>>>>> [1] https://www.apache.org/security/ > > > > >>>>>>> [2] https://issues.apache.org/jira/browse/YUNIKORN-1006 > > > > >>>>>>> [3] > https://github.com/apache/incubator-yunikorn-site/pull/105 > > > > >>>>>>> > > > > >>>>>>> On Tue, 11 Jan 2022 at 04:45, Holden Karau < > > [email protected] > > > > > > > > >>>>> wrote: > > > > >>>>>>>> > > > > >>>>>>>> For "The project provides a well-documented, secure and > > private > > > > >>>>> channel to report security issues, along with a documented way > of > > > > >>>>> responding to them.' the standard that I've seen used is to > tell > > > > >> people > > > > >>>> to > > > > >>>>> e-mail private@ when they think they might have a security > > related > > > > >>>> issue. > > > > >>>>> I think that would probably work well for Yunikorn too. > > > > >>>>>>>> > > > > >>>>>>>> > > > > >>>>>>>> On Mon, Jan 10, 2022 at 7:04 AM Chenya Zhang < > > > > >>>>> [email protected]> wrote: > > > > >>>>>>>>> > > > > >>>>>>>>> Hi Weiwei, > > > > >>>>>>>>> > > > > >>>>>>>>> Thanks for driving this! The evaluation is quite > > comprehensive > > > > >>>>> overall. I checked our Apache project maturity guidelines and > > > noticed > > > > >>> the > > > > >>>>> below three items. Not sure if we already have them but they > are > > > not > > > > >>>>> blockers to our graduation. We could think more about them > along > > > the > > > > >>> way. > > > > >>>>>>>>> > > > > >>>>>>>>> QU30 > > > > >>>>>>>>> > > > > >>>>>>>>> The project provides a well-documented, secure and private > > > > >>> channel > > > > >>>>> to report security issues, along with a documented way of > > > responding > > > > >> to > > > > >>>>> them. > > > > >>>>>>>>> > > > > >>>>>>>>> QU40 > > > > >>>>>>>>> > > > > >>>>>>>>> The project puts a high priority on backwards compatibility > > and > > > > >>>> aims > > > > >>>>> to document any incompatible changes and provide tools and > > > > >>> documentation > > > > >>>> to > > > > >>>>> help users transition to new features. > > > > >>>>>>>>> > > > > >>>>>>>>> CO50 > > > > >>>>>>>>> > > > > >>>>>>>>> The project documents how contributors can earn more rights > > > > >> such > > > > >>> as > > > > >>>>> commit access or decision power, and applies these principles > > > > >>>> consistently. > > > > >>>>>>>>> > > > > >>>>>>>>> > > > > >>>>>>>>> Thanks, > > > > >>>>>>>>> > > > > >>>>>>>>> Chenya > > > > >>>>>>>>> > > > > >>>>>>>>> > > > > >>>>>>>>> > > > > >>>>>>>>> On Mon, Jan 10, 2022 at 12:00 AM Weiwei Yang < > > [email protected]> > > > > >>>>> wrote: > > > > >>>>>>>>>> > > > > >>>>>>>>>> Hi YuniKorn community and mentors > > > > >>>>>>>>>> > > > > >>>>>>>>>> Based on the discussion thread [1], after 2 years time of > > > > >>>>> incubating, it is > > > > >>>>>>>>>> considered that now is a good time to graduate YuniKorn > from > > > > >> the > > > > >>>> ASF > > > > >>>>>>>>>> incubator and become a top-level Apache project. We have > > > > >>> reviewed > > > > >>>>> the ASF > > > > >>>>>>>>>> project maturity model [2] and provided some assessment of > > the > > > > >>>>> project's > > > > >>>>>>>>>> maturity based on the guidelines. Details are included as > > the > > > > >>>>> following. > > > > >>>>>>>>>> Please read this and share your thoughts by replying to > this > > > > >>>> email, > > > > >>>>> your > > > > >>>>>>>>>> feedback will be much appreciated!!! > > > > >>>>>>>>>> > > > > >>>>>>>>>> *Code, License, and Copyright* > > > > >>>>>>>>>> > > > > >>>>>>>>>> All code is maintained on github, under Apache 2.0 > license. > > We > > > > >>>> have > > > > >>>>>>>>>> reviewed all the dependencies and ensured they do not > bring > > > > >> any > > > > >>>>> license > > > > >>>>>>>>>> issues. All the status files, license headers, and > copyright > > > > >> are > > > > >>>> up > > > > >>>>> to date. > > > > >>>>>>>>>> > > > > >>>>>>>>>> *Release* > > > > >>>>>>>>>> > > > > >>>>>>>>>> The community has released 5 releases in the past 2 years, > > i.e > > > > >>>>> v0.8, v0.9, > > > > >>>>>>>>>> v0.10, v0,11, and v0.12. These releases were done by 5 > > > > >> different > > > > >>>>> release > > > > >>>>>>>>>> managers [3] and indicate the community can create > releases > > > > >>>>> independently. > > > > >>>>>>>>>> We have also a well-documented release process, automated > > > > >> tools > > > > >>> to > > > > >>>>> help new > > > > >>>>>>>>>> release managers with the process. > > > > >>>>>>>>>> > > > > >>>>>>>>>> *Quality* > > > > >>>>>>>>>> > > > > >>>>>>>>>> The community has developed a comprehensive CI/CD pipeline > > as > > > > >> a > > > > >>>>> guard of > > > > >>>>>>>>>> the code quality. The pipeline runs per-commit license > > check, > > > > >>>>> code-format > > > > >>>>>>>>>> check, code-coverage check, UT, and end-to-end tests. All > > > > >> these > > > > >>>> are > > > > >>>>> built > > > > >>>>>>>>>> as automated github actions, new contributors can easily > > > > >> trigger > > > > >>>>> and view > > > > >>>>>>>>>> results when submitting patches. > > > > >>>>>>>>>> > > > > >>>>>>>>>> *Community* > > > > >>>>>>>>>> > > > > >>>>>>>>>> The community has developed an easy-to-read homepage for > the > > > > >>>>> project [4], > > > > >>>>>>>>>> the website hosts all the materials related to the project > > > > >>>> including > > > > >>>>>>>>>> versioned documentation, user docs, developer docs, design > > > > >> docs, > > > > >>>>>>>>>> performance docs. It provides the top-level navigation to > > the > > > > >>>>> software > > > > >>>>>>>>>> download page, where links to all our previous releases. > It > > > > >> also > > > > >>>>> has the > > > > >>>>>>>>>> pages for the new contributors on-boarding with the > project, > > > > >>> such > > > > >>>>> as how to > > > > >>>>>>>>>> join community meetings, events links, etc. > > > > >>>>>>>>>> > > > > >>>>>>>>>> The community shows appreciation to all contributors and > > > > >>> welcomes > > > > >>>>> all kinds > > > > >>>>>>>>>> of contributions (not just for code). We have built an > open, > > > > >>>> diverse > > > > >>>>>>>>>> community and gathered many people to work together. With > > > > >> that, > > > > >>> we > > > > >>>>> have 41 > > > > >>>>>>>>>> unique code contributors and some non-code contributors as > > > > >> well. > > > > >>>>> Many of > > > > >>>>>>>>>> them have becoming to be committers and PPMC members while > > > > >>> working > > > > >>>>> with the > > > > >>>>>>>>>> community. There were 2 new mentors, 8 new committers, 2 > new > > > > >>> PPMC > > > > >>>>> from 6 > > > > >>>>>>>>>> different organizations [5] added in the incubating phase. > > And > > > > >>> in > > > > >>>>> total, > > > > >>>>>>>>>> the project has 6 mentors, 21 PPMC, and 27 committers from > > at > > > > >>>> least > > > > >>>>> 14 > > > > >>>>>>>>>> different organizations. Community collaboration was done > > in a > > > > >>>>> wide-public, > > > > >>>>>>>>>> open manner, we leverage regular bi-weekly/weekly > community > > > > >>>>> meetings for 2 > > > > >>>>>>>>>> different timezones [6] and dev/user slack channels, > mailing > > > > >>> lists > > > > >>>>> for > > > > >>>>>>>>>> offline discussions. > > > > >>>>>>>>>> > > > > >>>>>>>>>> *Independence* > > > > >>>>>>>>>> > > > > >>>>>>>>>> The project was initially donated by Cloudera, but with a > > > > >>> diverse > > > > >>>>> open > > > > >>>>>>>>>> source community, it has been operated as an independent > > > > >> project > > > > >>>>> since it > > > > >>>>>>>>>> entered into ASF incubator. The committers and PPMC > members > > > > >> are > > > > >>> a > > > > >>>>> group of > > > > >>>>>>>>>> passionate people from at least 14 different > organizations, > > > > >> such > > > > >>>> as > > > > >>>>>>>>>> Alibaba, Apple, Cloudera, Databricks, LinkedIn, Microsoft, > > > > >>>>> Snowflake, etc. > > > > >>>>>>>>>> The project's success is not depending on any single > entity. > > > > >>>>>>>>>> > > > > >>>>>>>>>> I have enough reasons to believe the project has done > > > > >>> sustainable > > > > >>>>>>>>>> development successfully in the Apache way. Again, please > > > > >> share > > > > >>>> your > > > > >>>>>>>>>> thoughts, all YuniKorn contributors, committers, PPMC, and > > > > >>>> mentors. > > > > >>>>> Thank > > > > >>>>>>>>>> you! > > > > >>>>>>>>>> > > > > >>>>>>>>>> [1] > > > > >>>>> > https://lists.apache.org/thread/dno411y59g2pcy1d3kd7s3kdjz9jw65n > > > > >>>>>>>>>> [2] > > > > >>>>>>>>>> > > > > >>>>> > > > > >>>> > > > > >>> > > > > >> > > > > > > https://community.apache.org/apache-way/apache-project-maturity-model.html > > > > >>>>>>>>>> > > > > >>>>>>>>>> [3] https://yunikorn.apache.org/community/download > > > > >>>>>>>>>> [4] https://yunikorn.apache.org/ > > > > >>>>>>>>>> [5] https://incubator.apache.org/projects/yunikorn.html > > > > >>>>>>>>>> > > > > >>>>>>>>>> [6] > > > > >>>>>>>>>> > > > > >>>>> > > > > >>>> > > > > >>> > > > > >> > > > > > > https://docs.google.com/document/d/165gzC7uhcKc5XDWiMYSRKBiPQBy2tDtXADUPuhGlUa0 > > > > >>>>>>>> > > > > >>>>>>>> > > > > >>>>>>>> > > > > >>>>>>>> -- > > > > >>>>>>>> Twitter: https://twitter.com/holdenkarau > > > > >>>>>>>> Books (Learning Spark, High Performance Spark, etc.): > > > > >>>>> https://amzn.to/2MaRAG9 > > > > >>>>>>>> YouTube Live Streams: > > https://www.youtube.com/user/holdenkarau > > > > >>>>> > > > > >>>>> > > > --------------------------------------------------------------------- > > > > >>>>> To unsubscribe, e-mail: [email protected] > > > > >>>>> For additional commands, e-mail: [email protected] > > > > >>>>> > > > > >>>>> > > > > >>>> > > > > >>> > > > > >> > > > > > > > > --------------------------------------------------------------------- > > > > To unsubscribe, e-mail: [email protected] > > > > For additional commands, e-mail: [email protected] > > > > > > > > > > --------------------------------------------------------------------- > > > To unsubscribe, e-mail: [email protected] > > > For additional commands, e-mail: [email protected] > > > > > > > > >
