Re: Apache YuniKorn (Incubating) - Community Graduation Vote

2022-01-22 Thread Felix Cheung 
Pls add the podling status file
https://svn.apache.org/repos/asf/incubator/public/trunk/content/podlings/

3 ppmc members have not subscribed to private@

These can be found on
https://whimsy.apache.org/roster/ppmc/yunikorn



From: Weiwei Yang 
Sent: Thursday, January 20, 2022 10:05:55 PM
To: dev@yunikorn.apache.org 
Cc: priv...@yunikorn.apache.org 
Subject: Re: Apache YuniKorn (Incubating) - Community Graduation Vote

hi all

Most issues under the graduation preparation JIRA YUNIKORN-1005
 are fixed.
The remaining one is the who-are-we web page, I am currently collecting
info for that, should be done by next week.
Shall we start to vote now? I can start a new thread for the community
voting if nobody has objections.

On Tue, Jan 11, 2022 at 11:02 AM Wilfred Spiegelenburg 
wrote:

> None of the security lists mentioned in the security page [1] are
> moderated. They are private lists, i.e. not openly available for
> browsing in an archive, but not moderated. Using the private@ for
> YuniKorn does not seem to line up with what other projects do either.
> None of the recently graduated projects mention anything like using
> the private@ mailing list on their sites. They all have just used the
> general security link mentioned on their site unless they have a
> specific security@ list. YuniKorn would be the one standing out from
> what seems to be the norm.
> Examples from the last 2 years of graduated projects using a simple
> link or a text pointing to [1]: Pinot, Dolphinscheduler, Ratis,
> Echarts, Gobblin, TVM, Superset and Datasketches. There are more but I
> think this provides an overview of what is expected on graduation.
>
> Wilfred
>
> [1] https://www.apache.org/security/
>
> On Tue, 11 Jan 2022 at 18:21, Weiwei Yang  wrote:
> >
> > Hi Wilfred
> >
> > Adding a security@ mailing list sounds like a good idea, but I do not
> think that is required in the current stage.
> > We can do that post-graduate. For now, the Apache security doc said
> >
> > > We strongly encourage you to report potential security vulnerabilities
> to one of our private security mailing lists first, before disclosing them
> in a public forum.
> >
> > I do not see any issue if we use our private@ mailing list for this
> purpose.
> >
> > On Mon, Jan 10, 2022 at 11:01 PM Wilfred Spiegelenburg <
> wilfr...@apache.org> wrote:
> >>
> >> The private@ is a moderated list. This has two issues: a moderator
> >> needs to approve any message not sent by a PMC member. This will slow
> >> down the process of interaction with the reporter. It would also not
> >> reach the YuniKorn committers group as not all committers are part of
> >> the PMC. Security issues should be handled and worked on by all
> >> committers not just by the PMC members.
> >>
> >> The security notification update made to the website I think does not
> >> line up with the security guidelines referenced in the link provided
> >> in the dropdown menu of the YuniKorn site [1]. In that link there is a
> >> well defined way to report security issues. If we need to enhance and
> >> extend what we do we either establish a security@ mailing list and
> >> provide a static page with security related information on our site or
> >> we leave it as is. My preference would be to establish a security@
> >> list and make all committers a member of that list.
> >>
> >> I think we need to roll back the website changes part of YUNIKORN-1006
> >> [2] in PR [3] for the website.
> >>
> >> Wilfred
> >>
> >> [1] https://www.apache.org/security/
> >> [2] https://issues.apache.org/jira/browse/YUNIKORN-1006
> >> [3] https://github.com/apache/incubator-yunikorn-site/pull/105
> >>
> >> On Tue, 11 Jan 2022 at 04:45, Holden Karau 
> wrote:
> >> >
> >> > For "The project provides a well-documented, secure and private
> channel to report security issues, along with a documented way of
> responding to them.' the standard that I've seen used is to tell people to
> e-mail private@ when they think they might have a security related issue.
> I think that would probably work well for Yunikorn too.
> >> >
> >> >
> >> > On Mon, Jan 10, 2022 at 7:04 AM Chenya Zhang <
> chenyazhangche...@gmail.com> wrote:
> >> >>
> >> >> Hi Weiwei,
> >> >>
> >> >> Thanks for driving this! The evaluation is quite comprehensive
> overall. I checked our Apache project maturity guidelines and noticed the
> below three items. Not sure if we already have them but they are not
> blockers to our graduation. We could think more about them along the way.
> >> >>
> >> >> QU30
> >> >>
> >> >> The project provides a well-documented, secure and private channel
> to report security issues, along with a documented way of responding to
> them.
> >> >>
> >> >> QU40
> >> >>
> >> >> The project puts a high priority on backwards compatibility and aims
> to document any incompatible changes and

Re: YuniKorn web-site V2 now is up

2020-08-01 Thread Felix Cheung 
Thanks. I think you should at least having “incubating” once, in the title name 
as in http://pinot.apache.org/

And the disclaimer in footer.

Website address yunikorn.apache.org is ok.


From: Weiwei Yang 
Sent: Saturday, August 1, 2020 1:30:19 PM
To: dev@yunikorn.apache.org 
Cc: lamber...@apache.org 
Subject: Re: YuniKorn web-site V2 now is up

Hi Felix

Thanks for the reminder, appreciate it.
We were reviewing the things that need to be done in order to fix these
issues. I think we need to do the following things:

1. Fix the website URL in
https://incubator.apache.org/projects/yunikorn.html, that should point to
http://yunikorn.incubator.apache.org/
2. Add disclaimer on the website:

Apache *YuniKorn* is an effort undergoing incubation at The Apache Software
Foundation (ASF), sponsored by the name of Apache TLP sponsor. Incubation
is required of all newly accepted projects until a further review indicates
that the infrastructure, communications, and decision making process have
stabilized in a manner consistent with other successful ASF projects. While
incubation status is not necessarily a reflection of the completeness or
stability of the code, it does indicate that the project has yet to be
fully endorsed by the ASF.

But I am not quite sure what else needs to be done. Do we have to say
"Apache YuniKorn (Incubator)" everywhere in the web-site or document? I
checked some other incubator project websites, such as

   - http://ratis.apache.org/
   - https://livy.apache.org/
   - http://flagon.apache.org/

This seems not a requirement.
Please share your thoughts, thanks!

On Sat, Aug 1, 2020 at 12:58 PM Felix Cheung 
wrote:

> Reminder - branding is very important and since the website is public it
> will be great to get this address as soon as possible.
>
> Please see the link for a few things that should be updated on the
> website. Thanks
>
>
>
> 
> From: Weiwei Yang 
> Sent: Thursday, July 23, 2020 11:17:45 PM
> To: dev@yunikorn.apache.org 
> Cc: lamber...@apache.org 
> Subject: Re: YuniKorn web-site V2 now is up
>
> Thanks Felix!
> We will be working on fixing the references in the next couple of days.
>
> On Thu, Jul 23, 2020 at 4:16 PM Felix Cheung 
> wrote:
>
> > Looks great - please include the podling reference
> > https://incubator.apache.org/guides/branding.html#naming
> >
> > 
> > From: Weiwei Yang 
> > Sent: Thursday, July 23, 2020 12:32:22 AM
> > To: dev@yunikorn.apache.org 
> > Cc: lamber...@apache.org 
> > Subject: YuniKorn web-site V2 now is up
> >
> > Hi all
> >
> > I am happy to announce that the new YuniKorn web-site now is up and
> > running. The website is http://yunikorn.apache.org/. We have migrated
> all
> > our documents to the website and moving on, we will maintain our docs
> > there. It supports versioned docs.
> >
> > If you find any issue about content, format, style, or anything, please
> let
> > us know. You can create a JIRA, or post a message on the slack channel.
> >
> > Many thanks for Lamber Ken for initiating this and driving this effort.
> > Thank Wilfred and Sunil for helping the migration and review. Great to
> see
> > this is done before 0.9 release.
> >
> > Thanks
> > Weiwei
> >
>

Re: YuniKorn web-site V2 now is up

2020-08-01 Thread Felix Cheung 
Reminder - branding is very important and since the website is public it will 
be great to get this address as soon as possible.

Please see the link for a few things that should be updated on the website. 
Thanks




From: Weiwei Yang 
Sent: Thursday, July 23, 2020 11:17:45 PM
To: dev@yunikorn.apache.org 
Cc: lamber...@apache.org 
Subject: Re: YuniKorn web-site V2 now is up

Thanks Felix!
We will be working on fixing the references in the next couple of days.

On Thu, Jul 23, 2020 at 4:16 PM Felix Cheung 
wrote:

> Looks great - please include the podling reference
> https://incubator.apache.org/guides/branding.html#naming
>
> 
> From: Weiwei Yang 
> Sent: Thursday, July 23, 2020 12:32:22 AM
> To: dev@yunikorn.apache.org 
> Cc: lamber...@apache.org 
> Subject: YuniKorn web-site V2 now is up
>
> Hi all
>
> I am happy to announce that the new YuniKorn web-site now is up and
> running. The website is http://yunikorn.apache.org/. We have migrated all
> our documents to the website and moving on, we will maintain our docs
> there. It supports versioned docs.
>
> If you find any issue about content, format, style, or anything, please let
> us know. You can create a JIRA, or post a message on the slack channel.
>
> Many thanks for Lamber Ken for initiating this and driving this effort.
> Thank Wilfred and Sunil for helping the migration and review. Great to see
> this is done before 0.9 release.
>
> Thanks
> Weiwei
>