Thanks Craig, and congratulations to JDO team on the great progress!
On Thu, Sep 30, 2021 at 3:37 PM Craig Russell <apache....@gmail.com> wrote: > > Hi Bryan, > > Good start. Here's the latest on what JDO has been up to: > > The JDO team have been making changes suggested by the Apache > Diversity Conscious Language Checker, including changing the > name of the git branch from master to main, and resolving all issues in the > source code and web site. > https://clc.diversity.apache.org/analysis.html?project=db-jdo.git > https://clc.diversity.apache.org/analysis.html?project=db-jdo-site.git > > The JDO project is ready to ask the Java Community Process (JCP) to approve > the latest release, JDO 3.2. We have asked for specific guidance to submit > the release to be voted by the JCP. Once the JCP approves the Maintenance > Release, we will formally make the Apache release via the usual DB PMC > process. > > Regards, > Craig > > > On Sep 30, 2021, at 11:45 AM, Bryan Pendleton <bpendleton.de...@gmail.com> > > wrote: > > > > Hi all, I am preparing the October report for the Board. > > > > Can you please send me any updates that I should include? > > > > Here is what I currently have; please help clarify what I should > > include about JDO 3.2 and/or about JSR-243, if anything. > > > > The DB project received a report of a CWE-502 vulnerability in the > > retired DdlUtils source code. Although the DdlUtils subproject is > > retired and no longer actively developed, the DB project decided > > to address the vulnerability, which is now tracked as CVE-2021-41616, > > and removed the insecure source code from the source repository. > > The DB project also removed the DdlUtils-1.0 release from > > distribution via the Apache mirrors, and updated the DdlUtils web > > site to make it more clear that DdlUtils is retired and no longer > > actively developed. > > > > The JDO team have published the JDO 3.2 spec (or is it still in review?) > > > > The JDO team have been making changes suggested by the Apache > > Diversity Conscious Language Checker, including changing the > > name of the git branch from master to main, and investigating > > language changes in the source code and specification. > > > > The Derby team have validated Derby behavior with Java 17. This > > involved significant work to address changes due to JEP411. > > Craig L Russell > c...@apache.org >
