The Apache News Round-up: week ending 24 June 2022

2022-06-24 Thread Sally Khudairi
Happy Friday, everyone --let's review the Apache community's activities from 
over the past week:

ApacheCon™ – the ASF's official global conference series, bringing Tomorrow's 
Technology Today since 1998.
 - FINAL CALL: Travel Assistance available for ApacheCon North America. 
Application deadline 1 July https://apache.org/travel/

ASF Board – management and oversight of the business affairs of the corporation 
in accordance with the Foundation's bylaws.
 - Next Board Meeting: 20 July 2022. Running Board calendar and minutes are 
available. https://apache.org/foundation/board/calendar.html

ASF Infrastructure – our distributed team on three continents keeps the ASF's 
infrastructure running around the clock. http://www.apache.org/uptime/
 - 7M+ weekly checks yield uptime at 100.00%. Performance checks across 50 
different service components spread over more than 250 machines in data centers 
around the world. View the ASF's Infrastructure Uptime site to see the most 
recent averages.

Apache Code Snapshot – Over the past week, 306 Apache Committers and 829 
contributors changed 2,186,931 lines of code over 3,155 commits. Top five 
contributors, in order, are: Sebastian Rühl, Mark Thomas, Ivan Zhakov, Gary 
Gregory, and Andriy Redko.


Apache Project Announcements – the latest updates by category.

Big Data --
 - Apache Druid 0.23.0 released https://druid.apache.org/
 - Apache Kyuubi (Incubating) 1.5.2-incubating released 
https://kyuubi.apache.org/
 - Apache ShardingSphere 5.1.2 released https://shardingsphere.apache.org/

Databases --
 - Apache Geode 1.15.0 released https://geode.apache.org/

Middleware --
 - Apache Karaf runtime 4.2.16 released https://karaf.apache.org/

Observability --
  - Apache SkyWalking Java Agent 8.11.0 released https://skywalking.apache.org/

Search --
 - Apache Lucene 8.11.2 released https://lucene.apache.org/core/
 - Apache Solr 8.11.2 released https://solr.apache.org/

Servers --
 - Apache Tomcat CVE-2022-34305 - XSS in examples web application 
https://lists.apache.org/thread/bncqklppl3j2djw70vw47pjmpbgp20jp

Web Frameworks --
 - Apache Portals Jetspeed-2, Bridges and Applications are now retired as 
dormant http://portals.apache.org/

Workflow -
 - New Apache Airflow Providers released https://airflow.apache.org/


Did You Know?

- Did you know that Lyft uses Apache Beam to enable real-time ML streaming 
feature generation and model execution, optimize  Marketplace ML predictions, 
and process ~4 million events/minute? https://beam.apache.org/

- Did you know that eCommerce platform Fordeal's Big Data platform scheduler is 
powered by Apache DolphinScheduler? https://dolphinscheduler.apache.org/

- Did you know that Apache Druid's extremely efficient data representation as 
rollup makes it the database of choice for AdTech data? 
https://druid.apache.org/


Apache Community Notices

 - Apache in 2021 - By The Digits https://s.apache.org/Apache2021Digits

 - Watch "Trillions and Trillions Served", the documentary on the ASF 
https://www.youtube.com/watch?v=JUt2nb0mgwg 
   1) full feature [49 min] https://www.youtube.com/watch?v=JUt2nb0mgwg 
   2) "Apache Everywhere" [6 min] https://www.youtube.com/watch?v=nXtIti9jMFI
   3) "Why Apache" [2.5 min] https://www.youtube.com/watch?v=YM5dLvNatRs
   4) "Apache Innovation" [40 min] https://www.youtube.com/watch?v=qkvqJaX4S50

 - ASF Annual Report: FY2021 (PDF) 
https://www.apache.org/foundation/docs/FY2021AnnualReport.pdf

 - The Apache Way to Sustainable Open Source Success https://s.apache.org/GhnI

 - Foundation Reports and Statements 
http://www.apache.org/foundation/reports.html

 - Presentations from 2021's ApacheCon Asia and ApacheCon@Home are available on 
the ASF YouTube channel. https://www.youtube.com/c/TheApacheFoundation/

 - "Success at Apache" focuses on the people and processes behind why the ASF 
"just works." https://blogs.apache.org/foundation/category/SuccessAtApache

 - Follow the ASF on social media: @TheASF on Twitter and The ASF page 
LinkedIn. https://twitter.com/TheASF and 
https://www.linkedin.com/company/the-apache-software-foundation

 - Follow the Apache Community on Facebook and Twitter. 
https://www.facebook.com/ApacheSoftwareFoundation/ and 
https://twitter.com/ApacheCommunity

 - Are your software solutions Powered by Apache? Download & use our "Powered 
By" logos. http://www.apache.org/foundation/press/kit/#poweredby

Stay updated about The ASF
For real-time updates, sign up for Apache-related news by sending mail to 
announce-subscr...@apache.org and follow @TheASF on Twitter. For a broader 
spectrum from the Apache community, Planet Apache provides an aggregate of 
Project activities as well as the personal blogs and tweets of select ASF 
Committers. https://twitter.com/PlanetApache

===

NOTE: you are receiving this message because you are subscribed to the 
announce@apache.org distribution list. To unsubscribe, send email from the 
recipient account to announce-unsubscr...@apache.org with the 

The Apache Software Foundation Announces Apache® Doris™ as a Top-Level Project

2022-06-16 Thread Sally Khudairi
[this announcement is available online at https://s.apache.org/7l5y1 ]

Open Source Big Data MPP analytical database engine in use at Baidu, JD, 
Meituan, Sina, Tencent, and Xiaomi, among others.

Wilmington, DE —16 June 2022— The Apache Software Foundation (ASF), the 
all-volunteer developers, stewards, and incubators of more than 350 Open Source 
projects and initiatives, announced today Apache® Doris™ as a Top-Level Project 
(TLP).

Apache Doris is a modern, easy-to-use MPP (massively parallel processing) 
analytical database system that provides sub-second queries and efficient 
real-time data analysis. The project was originally developed at Baidu as 
"Palo", was open-sourced in 2017, and entered the Apache Incubator in July 2018.

"We are very proud that Doris graduated from the Apache Incubator —it is an 
important milestone," said Mingyu Chen, Vice President of Apache Doris. "Under 
the guidance of our incubator mentors, we learned how to successfully develop 
our project and community the Apache Way. We have achieved great growth during 
the incubation process."

Apache Doris is a database system for OLAP (online analytical processing) 
scenarios. It integrates Apache Impala, Google Mesa, and state-of-art 
vectorization technologies to provide sub-second queries and efficient 
real-time data analysis. Apache Doris meets rigorous data analysis demands in 
many business fields that include multi-dimensional reporting, user portrait, 
ad-hoc query, and real-time dashboards. Features include:

- High performance: Use column storage, index, parallel execution, 
vectorization technology, query optimizer and many other technologies to 
achieve fast query response.

- Easy-to-use: ANSI SQL syntax support. It can be easily scaled horizontally, 
and the data replica is automatically repaired and balanced. Does not rely on 
third-party services.

- Pre-aggregation: Provides multiple pre-aggregation data models and ensures 
data consistency and automatic query routing.

- Big Data ecosystem integration: Supports the connection with Apache Flink, 
Apache Hive, Apache Hudi, Apache Iceberg, Apache Spark, and ElasticSearch, 
among other systems.

Developers using Apache Doris enjoy its simplicity in deploying to hundreds of 
terabytes, and the ability to meet a variety of data-serving requirements in a 
single system.

Doris is in use at more than 500 enterprises globally, across a variety of 
industries such as finance, energy, manufacturing, and telecommunications, 
among other fields. Many of China’s top 50 Internet companies use Apache Doris, 
including 360, Baidu, ByteDance, JD, Kwai, Meituan, Netease, Sina, Tencent, and 
Xiaomi, among others. 

The project recently celebrated the release of Apache Doris 1.0, its eighth 
release whilst undergoing development in the Apache Incubator (along with six 
Connector releases), and also welcomed its 300th contributor. 

"Graduation is the starting point of a new journey," added Chen. "Our many 
plans for the future include continuing to develop Apache Doris, with new 
contributors and open source technology enthusiasts joining us to help grow our 
project and community together in the Apache Way."

Catch Apache Doris in action at ApacheCon Asia 2022, taking place 29-31 July 
https://www.apachecon.com/acasia2022/.

Availability and Oversight
Apache Doris software is released under the Apache License v2.0 and is overseen 
by a self-selected team of active contributors to the project. A Project 
Management Committee (PMC) guides the Project's day-to-day operations, 
including community development and product releases. For downloads, 
documentation, and ways to become involved with Apache Doris, visit 
https://doris.apache.org/ .

About the Apache Incubator
The Apache Incubator is the primary entry path for projects and codebases 
wishing to become part of the efforts at The Apache Software Foundation. All 
code donations from external organizations and existing external projects enter 
the ASF through the Incubator to: 1) ensure all donations are in accordance 
with the ASF legal standards; and 2) develop new communities that adhere to our 
guiding principles. Incubation is required of all newly accepted projects until 
a further review indicates that the infrastructure, communications, and 
decision making process have stabilized in a manner consistent with other 
successful ASF projects. While incubation status is not necessarily a 
reflection of the completeness or stability of the code, it does indicate that 
the project has yet to be fully endorsed by the ASF. For more information, 
visit http://incubator.apache.org/ .

About The Apache Software Foundation (ASF)
Established in 1999, The Apache Software Foundation is the world's largest Open 
Source foundation, stewarding 227M+ lines of code and providing more than $22B+ 
worth of software to the public at 100% no cost. The ASF’s all-volunteer 
community grew from 21 original founders overseeing the Apache HTTP 

The Apache Software Foundation Announces Apache® AGE™ as a Top-Level Project

2022-06-08 Thread Sally Khudairi
[this announcement is available online at https://s.apache.org/nycu1 ]

Open Source PostgreSQL extension for graph database functionality in use in 
government agencies, research and education institutions, utility providers, 
and more.

Wilmington, DE —8 June 2022— The Apache Software Foundation (ASF), the 
all-volunteer developers, stewards, and incubators of more than 350 Open Source 
projects and initiatives, announced today Apache® AGE™ as a Top-Level Project 
(TLP).

Apache AGE ("A Graph Extension") is a PostgreSQL extension that provides graph 
database functionality. The project was originally developed in 2019 as an 
extension to AgensGraph (Bitnine Global's multi-model database fork of 
PostgreSQL), and entered the Apache Incubator in April 2020.

"It is incredible to see how far the AGE project has come to its maturity by 
graduating as a Top-Level Project from the Apache Incubator, which demonstrates 
the project's ability to self-govern, and furthermore to be a part of the 
broader ASF community," said Eya Badal Abdisho, Vice President of Apache AGE. 
"With AGE, our goal is to provide a multi-model database that is designed to be 
simple and user-friendly, which simultaneously supports the relational and 
graph data model. AGE enables users to integrate the legacy relational data 
model and the flexible graph data model in one database."

AGE is a PostgreSQL extension that adds graph query functionality to 
Postgresql. Through using the Cypher query language in accordance with the 
openCypher specification, users can access, store and query graph data using 
PostgreSQL. Users may read and write nodes and edges stored in Postgres, as 
well as use various algorithms such as variable length edge traversal to 
analyze data in AGE. Other features include:

 - Support for openCypher query language
 - Hybrid querying using SQL and Cypher
 - Querying multiple graphs
 - Property indexes on both vertices and edges
 - Integration with Postgres' existing features

Hybrid queries are queries using both openCypher and SQL together. These 
queries allow data to move between the regular relational database and the 
graph representation that AGE provides.

AGE is in use across a variety of user organizations, including government 
agencies, research and education institutions, and utility providers, among 
others.

"We are very pleased that Apache AGE is the first formal graph database project 
of the Apache Software Foundation to achieve top-level graduation. We believe 
that it is a result that proves the development of the only graph database 
extension based on RDB," said Cheolsun Kang, CEO of Bitnine Global. "In the 
future, Bitnine Global will continue to support the development of Apache AGE. 
We are advancing our product by developing a service subscription model based 
on Apache AGE product support."

"I have been advising my clients to watch this space. The potential of Apache 
AGE, as a multi-model database, to fill an unmet ‘best of both worlds’ niche 
was evident," said Jasper Blues, CEO of Liberation Data. "With the community 
behind it, I’m not at all surprised in the way that AGE has blazed ahead 
towards that prospective future.

Congratulations to the Apache AGE community on the successes to date! With this 
graduation milestone, I’m proud to recommend AGE to a number of clients in the 
SE Asia/Oceania region. For them, a CYPHER-compatible ACID graphDB built on a 
rock solid foundation is perfect for their business cases."

"Postgres’s fundamental architecture has created a rich ecosystem of extensions 
and made Postgres the de-facto choice for developers and enterprises looking 
for a next-generation flagship data platform. AGE continues to build on that 
tradition and adds powerful graph analytics functionality to the traditional 
relational data platforms," said Mahboob Alam, Postgres community advocate. 
"Melding traditional analytics and real-time graph intelligence is going to be 
a game-changer and AGE will be instrumental in this exciting future."

The project recently released Apache AGE v1.0.0-incubating, the sixth release 
whilst undergoing development in the Apache Incubator. Future releases of 
Apache AGE will support PostgreSQL 12 and higher, more key features from 
AgensGraph, and will be further improved to be a compatibility extension for 
all relational DB, starting with integration into MySQL and MariaDB.

"Graduating as an Apache Top-Level Project is only the beginning, our journey 
continues through the excellent efforts of the greater Apache AGE community," 
added Badal Abdisho. "Join our community. We always welcome new additions and 
contributions to the Apache AGE project to help data communities explore and 
utilize the benefits of graph technologies, under the Apache Way."

Catch Apache AGE in action at ApacheCon Asia 2022 (29-31 July; 
https://apachecon.com/acasia2022/), and PostgreSQL Conference Europe (25-28 
October; https://2022.pgconf.eu/)

Availability and 

The Apache Software Foundation Announces Apache® YuniKorn™ as a Top-Level Project

2022-05-16 Thread Sally Khudairi
[this announcement is available online at https://s.apache.org/p0lt5 ]

Open Source universal Big Data and Machine Learning resource scheduler in use 
at Alibaba, Apple, Cloudera, Lyft, Visa, and Zillow, among others.

Wilmington, DE —16 May 2022— The Apache Software Foundation (ASF), the 
all-volunteer developers, stewards, and incubators of more than 350 Open Source 
projects and initiatives, announced today Apache® YuniKorn™ as a Top-Level 
Project (TLP).

Apache YuniKorn is a cloud-native, standalone Big Data and Machine Learning 
resource scheduler for batch jobs and long-running services on large scale 
distributed systems. The project was originally developed at Cloudera in March 
2019, entered the Apache Incubator in January 2020, and graduated as a 
Top-Level Project in March 2022.

"The Apache YuniKorn community is striving together to solve the resource 
scheduling problems on the cloud," said Weiwei Yang, Vice President of Apache 
YuniKorn. "It's really great to see the Apache Way shine in the incubating 
process of YuniKorn. We are lucky to have such an open, collaborative, and 
diverse community, which is sympathetic and cares about everyone's success. 
This motivates us to keep evolving and gets better every day."

Apache YuniKorn natively supports Big Data application workloads and mixed 
workloads, and provides a unified, cross-platform scheduling experience. 
Features include:

 - Cloud native —runs on-premise and in a variety of public cloud environments; 
maximizes resource elasticity with better throughput.

 - Hierarchical resource queues —efficiently manages cluster resources; 
provides the ability to control the resource consumption for each tenant.

 - Application-aware scheduling —recognizes users, applications, and queues; 
schedules according to submission order, priority, resource usage, and more.

 - Job ordering —built-in robust scheduling capabilities; supports 
fairness-based cross-queue preemption, hierarchies, pluggable node sorting 
policies, preemption, and more.

 - Central management console —monitors performance across different tenants; 
one-stop-dashboard tracks resource utilization for managed nodes, clusters, 
applications and queues.

 - Efficiency —reduces resource fragmentation and proactively triggers 
up-scaling; cloud elasticity lowers overall operational costs.

In addition, the Project has announced the release of Apache YuniKorn v1.0, the 
fifth update since entering the Apache Incubator. Improvements include: 

 - Decreased memory and cpu usage
 - Extended metrics and diagnostics information
 - New deployment model supporting future upgrades
 - Technical preview of the plugin deployment mode

Optimized to run Apache Spark on Kubernetes (open source software container 
orchestration system), Apache YuniKorn’s performance makes it an optional 
replacement to the Kubernetes default scheduler. Apache YuniKorn excelled in 
benchmark tests with other schedulers in resource sharing, resource fairness, 
preemption, gang scheduling, and bin packing categories, with throughput 
exceeding 610 allocations per second across 2,000 nodes. 

YuniKorn is in use at Alibaba, Apple, Cloudera, Lyft, Visa, and Zillow, among 
others.

"We're thrilled to see this offering come to fruition. Apache YuniKorn powers 
Apache Spark workloads for Cloudera Data Engineering (CDE), a key 
Kubernetes-based service supporting the Cloudera Data Platform," said Vinod 
Kumar Vavilapalli, Senior Director, Engineering at Cloudera and former PMC 
chair of Apache Hadoop. "As part of Cloudera’s Public and Private Cloud 
offerings, Apache YuniKorn adds tremendous flexibility and control when running 
large-scale analytics, enabling customers to better optimize the performance 
and value of their deployments."

"Apache YuniKorn is an essential infra service for bringing Big Data/ML 
workloads onto the cloud," said Chunde Ren, Engineering Manager at Alibaba Big 
Data Open-source team. "YuniKorn brings better scheduling capabilities, 
performance, elasticity, and usability for running workloads on Kubernetes, 
especially for Big Data and Machine Learning workloads, which benefits many 
users on the cloud. It's a great pleasure for us to have participated in the 
YuniKorn community since its inception and to see it grow up to be a Top-Level 
Project."

"Apache YuniKorn is becoming a popular choice for those who want to run Big 
Data workloads on Kubernetes, with more use cases developing," added Yang. "We 
welcome all who are interested to join the YuniKorn community and work with us 
on solving these challenging problems."

Catch Apache YuniKorn in action at Kubernetes Batch + HPC Day Europe (17 May 
2022 in Valencia, Spain https://sched.co/10F0t ) and Spark AI Summit 2022 
(27-30 June in San Francisco and online 
https://databricks.com/dataaisummit/north-america-2022/agenda/?sessionid=1388 ).

Availability and Oversight
Apache YuniKorn software is released under the Apache License v2.0 and is 

The Apache Weekly News Round-up: week ending 15 April 2022

2022-04-15 Thread Sally Khudairi
Happy Friday, everyone --here's what the Apache community has been up to over 
the past week:

ApacheCon™ – the ASF's official global conference series, bringing Tomorrow's 
Technology Today since 1998.
 - CFP for ApacheCon North America 2022 (taking place 3-6 October in New 
Orleans) is now open 
https://blogs.apache.org/conferences/entry/call-for-presentations-apachecon-north
 - Travel Assistance applications for ApacheCon are open until 1 July 
https://apache.org/travel/

ASF Board – management and oversight of the business affairs of the corporation 
in accordance with the Foundation's bylaws.
 - Next Board Meeting: 20 April 2022. Running Board calendar and minutes are 
available. https://apache.org/foundation/board/calendar.html

ASF Infrastructure – our distributed team on three continents keeps the ASF's 
infrastructure running around the clock.
 - 7M+ weekly checks yield uptime at 99.99%. Performance checks across 50 
different service components spread over more than 250 machines in data centers 
around the world. View the ASF's Infrastructure Uptime site to see the most 
recent averages. http://www.apache.org/uptime/

Apache Code Snapshot – Over the past week, 402 Apache Committers and 1,048 
contributors changed 17,760,803 lines of code over 5,646 commits. Top 5 
contributors, in order, are: Otavio Rodolfo Piske, Andi Huber, Jinrui.Zhang, 
Liang Zhang, and Dillon Walls.   


Apache Project Announcements – the latest updates by category.

Incubator --where new Apache projects (aka "podlings") are mentored in the 
Apache Way of community-led development.
 - Apache brpc (incubating) 1.1.0 released http://brpc.apache.org/

Attic --provides process and solutions when an Apache project has reached its 
end of life.
 - Apache River is now retired 
https://lists.apache.org/thread/xc7v5rd2g3b57yhz54hpx73jn5b5tttx

Big Data --
 - Apache Bigtop 3.0.1 released https://bigtop.apache.org/
 - Apache ShardingSphere 5.1.1 released https://shardingsphere.apache.org/

Business Intelligence/Data Visualization --
 - Apache Superset CVE-2022-27479: SQL injection vulnerability in chart data 
API 

Messaging --
 - Apache Qpid ProtonJ2 1.0.0-M5 released http://qpid.apache.org/

Observability --
 - Apache SkyWalking 9.0.0, Client JS version 0.8.0, and Java Agent 8.10.0 
released https://skywalking.apache.org/

Web Frameworks --
- Apache Struts 2.5.30 released https://struts.apache.org/
- Apache Struts CVE-2021-31805: Forced OGNL evaluation ... 
https://lists.apache.org/thread/xwfch60nxnkkhl38f5lc52n0qq27g7cr
- Apache Wicket 9.9.1 released https://wicket.apache.org/

Workflow --
- New Apache Airflow Providers released https://airflow.apache.org/


Did You Know?

- Did you know that Apache APISIX Summit Asia will be held online 20-21 May? 
https://s.apache.org/rhzue 

- Did you know that the next Apache Airflow Community Meetup is taking place on 
20 April 2022? https://www.crowdcast.io/e/airflow-meetup-april/register

- Did you know that demand for Apache Syncope identity management artifacts 
were downloaded 22.5K times over the last month? https://syncope.apache.org/


Apache Community Notices

 - Apache in 2021 - By The Digits https://s.apache.org/Apache2021Digits + Video 
highlights https://youtu.be/GU0SV_2tWkU

 - Watch "Trillions and Trillions Served", the documentary on the ASF 1) full 
feature https://www.youtube.com/watch?v=JUt2nb0mgwg [49 min] 2) "Apache 
Everywhere" https://www.youtube.com/watch?v=nXtIti9jMFI [6 min] 3) "Why Apache" 
https://www.youtube.com/watch?v=YM5dLvNatRs [2.5 min] 4) "Apache Innovation" 
https://www.youtube.com/watch?v=qkvqJaX4S50 [40 min] 

 - ASF Annual Report: FY2021 (PDF) 
https://www.apache.org/foundation/docs/FY2021AnnualReport.pdf

 - The Apache Way to Sustainable Open Source Success https://s.apache.org/GhnI

 - Foundation Reports and Statements 
http://www.apache.org/foundation/reports.html

 - Presentations from 2021's ApacheCon Asia and ApacheCon@Home are available on 
the ASF YouTube channel https://www.youtube.com/c/TheApacheFoundation/ .

 - "Success at Apache" 
https://blogs.apache.org/foundation/category/SuccessAtApache focuses on the 
people and processes behind why the ASF "just works." 

 - Follow the ASF on social media: @TheASF on Twitter 
https://twitter.com/TheASF and The ASF page LinkedIn 
https://www.linkedin.com/company/the-apache-software-foundation . 

 - Follow the Apache Community on Facebook 
https://www.facebook.com/ApacheSoftwareFoundation/ and Twitter 
https://twitter.com/ApacheCommunity . 

 - Are your software solutions Powered by Apache? Download & use our "Powered 
By" logos. http://www.apache.org/foundation/press/kit/#poweredby

Stay updated about The ASF
For real-time updates, sign up for Apache-related news by sending mail to 
announce-subscr...@apache.org and follow @TheASF on Twitter. For a broader 
spectrum from the Apache community, Planet Apache provides an aggregate of 
Project activities as well as the personal blogs and tweets of select 

The Apache Software Foundation Welcomes 52 New Members

2022-04-04 Thread Sally Khudairi
[this announcement is available online at https://s.apache.org/ys8sk ]

The Apache Software Foundation (ASF) welcomes the following new Members who 
were elected during the annual ASF Members' Meeting on 1 and 3 March 2022:

Akira Ajisaka, Ahmet Altay, Mike Beckerle, Ash Berlin-Taylor, László Bodor, 
Michael Bolz, Javier Borkenztain, Robert Bradshaw, Etienne Chauchot, Zili Chen, 
Marcus Christie, Ed Coleman, Lidong Dai, Heng Du, Eric Friedrich, Sunil 
Govindan, Anshum Gupta, Xiaoqiao He, Alex Herbert, Jim Hughes, Zhiyuan Ju, 
Zhenxu Ke, Calvin Kirs, Carter Kozak, Benjamin Lerer, Yizhi Liu, Alfonso 
Nishikawa Muñumer, Lukas Ott, Eric Payne, Brian Proffitt, Lee Rhodes, Kevin 
Risden, Alexey Romanenko, Ryan Skraba, Mechtilde Stehmann, Michael Stehmann, 
Kouhei Sutou, Jerry Tan, Zhankun Tang, Chia-Ping Tsai, Isuru Udana, Dimuthu 
Upeksha, Talat Uyarer, Roger Whitcomb, Liu Xun, Weiwei Yang, Volkan Yazici, 
Tilmann Zäschke, Stamatis Zampetakis, Wenli Zhang, Yanhui Zhao, Xinyu “Yukon” 
Zhou.

In addition, ASF Members Eric Pugh and Jason van Zyl have been reinstated from 
emeritus status.

The ASF incorporated in 1999 with a core membership of 21 individuals who 
oversaw the progress of the Apache HTTP Server. This group grew with Committers 
—developers who contributed code, patches, documentation, and other 
contributions, and were subsequently granted access by the Membership:

 - to "commit" or "write" directly to Apache code repositories as well as make 
non-code contributions;
 - the right to vote on community-related decisions; and
 - the ability to propose an active contributor for Committership.

Those Committers who demonstrate merit in the Foundation's growth, evolution, 
and progress are nominated for ASF Membership by existing Members.

This election brings the total number of active ASF Members to 918 today. 
Individuals elected as ASF Members legally serve as the "shareholders" of the 
Foundation https://www.apache.org/foundation/governance/members.html

For more information, visit

 - How the ASF works http://www.apache.org/foundation/how-it-works.html
 - Apache Is Open https://blogs.apache.org/foundation/entry/apache-is-open
 - Briefing: The Apache Way http://apache.org/theapacheway/

# # #

NOTE: you are receiving this message because you are subscribed to the 
announce@apache.org distribution list. To unsubscribe, send email from the 
recipient account to announce-unsubscr...@apache.org with the word 
"Unsubscribe" in the subject line.


Success at Apache: "My experience with the Apache Way —a perfect society?"

2022-03-29 Thread Sally Khudairi
[this post is available online at 
https://blogs.apache.org/foundation/entry/success-at-apache-my-experience ]

by Etienne Chauchot

I have been working in software engineering for more than 15 years. I've always 
contributed to Open Source software as a user or a developer. But I've been 
contributing to Apache Software Foundation (ASF) https://www.apache.org/ 
projects such as Apache Flink https://flink.apache.org/ , Apache Beam 
https://beam.apache.org/ or Apache Spark https://spark.apache.org/ for nearly 6 
years. It is long enough for me to say that I find the Apache Way is almost the 
best way to collaborate on software engineering.

I will not describe the Apache way here as there is a lot of good information 
about that already. I would rather link to the official Apache documentation 
http://www.apache.org/theapacheway/ . I humbly suggest that you read what it is 
if you don't know it already. 

My point here is to talk about the Apache Way in practice as I’ve experienced 
it. Of course, every Apache community is different, but what I wanted to 
emphasize is that applying the Apache Way by the book could lead to what I'd 
call a "perfect society" even if this word seems a bit naive and over 
optimistic, or even utopian.

A perfect society
Actually, working with the Apache way was a revelation to me!

ASF projects are governed by merit: what you do inside the community is noted, 
you get credit and it can lead to you obtaining more rights (direct access to 
the project repositories, election of committers 
https://community.apache.org/contributors/ etc.). Merit also drives decisions, 
discussing solutions and building consensus or voting for the best one helps 
lead to the best possible state of the project in the end. The best idea always 
wins in the long term.

The software is not driven by companies: no vendor concerns should take 
precedence over community. Consider how the ASF creates new top-level projects 
(TLP): a project starts in the Apache Incubator and is mentored by people who 
have already participated in successful Apache projects. When the mentors agree 
a project is ready, healthy and following The Apache Way, the ASF Board can 
approve its graduation from the Incubator to become a self-governing TLP. So 
the project is managed by the community itself and not by a single company and 
its private financial considerations. This helps drive the best decisions for 
the software itself and ensures long term maintenance of the software.

It is inclusive: the key aspect is that every voice matters, and that everyone 
is considered equal no matter their personal background, education, ethnicity 
or nationality, every contribution is good to take. Community members recognize 
that people skills may be different and complementary to theirs. So 
contributions might come from anyone, from anywhere and in any form (blog post, 
documentation, talk, code, website...)

ASF communities are welcoming: they are in constant search for new talents to 
join their forces. Being welcoming is very important to build and grow a 
community. The Open source community is also a great place for people to grow. 
The way people collaborate is generally by mentoring. Experienced contributors 
help newcomers or experts share their thoughts with others. It is really also a 
good way for mentors to share their passion and inspire mentees. Mentoring is 
in the DNA of the ASF starting with the Incubator https://incubator.apache.org/ 
when the podling community profits from the experience and advice of a mentor 
to grow in the Apache Way and become a top level project 
https://www.apache.org/dev/project-requirements . 

Communities are self-organized: there is no manager but only technical leaders 
and mentors. Each community has a PMC that guides its governance, but its 
responsibilities don’t include assigning work and expecting it to be done. 
People are self-motivated and I must say that it is the best form of motivation 
ever! I’ve found the decision-making simple and efficient: there is no solely 
decision, feedback is always very important. People are willing to share their 
thoughts and solve problems together.

Community members have a collaborative mindset: they are positive, act 
constructively and their comments are in the best interest of the project and 
the community. They are  willing to share their thoughts, review PRs, share 
advice, accept change requests or bug tickets. People are willing to accept 
criticism without being defensive. The master word is transparency. 

Last but not least, I’ve seen most people behave gently: the fact that every 
communication is public guides people to communicate in a positive way. Indeed 
one of the ASF guiding concepts is "what did not happen publicly didn’t happen" 
– often said as “what didn’t happen on the mailing list, didn’t happen” but of 
course this concept can be generalized to any communication tool we use. 
Examples of good communication I’ve seen in 

The Apache Weekly News Round-up: week ending 4 March 2022

2022-03-04 Thread Sally Khudairi
We're opening March with a cracking week. Here's what the Apache community has 
been up to:

Sponsor Apache – a number of tax-deductible sponsorships help offset the ASF's 
day-to-day operating expenses that include infrastructure support, bandwidth, 
connectivity, servers, hardware, development environments, legal counsel, 
accounting services, trademark protection, marketing and publicity, educational 
events, and more.
 - The Apache Software Foundation Welcomes VMware as its Newest Platinum Sponsor
https://blogs.apache.org/foundation/entry/the-apache-software-foundation-welcomes11

ASF Board – management and oversight of the business affairs of the corporation 
in accordance with the Foundation's bylaws.
 - Announcing New ASF Board of Directors, elected during this week's Members' 
Meeting.
https://blogs.apache.org/foundation/entry/announcing-new-asf-board-of4
 - Next Board Meeting: 16 March 2022. Running Board calendar and minutes are 
available.
https://apache.org/foundation/board/calendar.html

ASF Infrastructure – our distributed team on three continents keeps the ASF's 
infrastructure running around the clock.
 - 7M+ weekly checks yield uptime at 100.00%. Performance checks across 50 
different service components spread over more than 250 machines in data centers 
around the world. View the ASF's Infrastructure Uptime site to see the most 
recent averages. http://www.apache.org/uptime/

Apache Code Snapshot – Over the past week, 332 Apache Committers changed 
880,561 lines of code over 3,128 commits. Top 5 contributors, in order, are: 
Olivier Lamy, Andrea Cosentino, Claus Ibsen, Sebastian Rühl, and Eric Milles. 

Apache Project Announcements – the latest updates by category.

Application Servers/Middleware --
 - Apache Karaf Decanter 2.9.0 released https://karaf.apache.org/

Content --
 - Apache Jackrabbit Oak 1.22.11 released http://jackrabbit.apache.org/
 - Apache POI 5.2.1 released https://poi.apache.org/
 - CVE-2022-26336: poi-scratchpad: A carefully crafted TNEF file can cause an 
out of memory exception 
https://lists.apache.org/thread/hqc0ohg0z1j0p4ysm3y4ct6g2d8sjc2b

FinTech --
 - Apache Fineract 1.6.0 released http://fineract.apache.org/

Libraries --
 - Apache PDFBox JBIG2 ImageIO plugin 3.0.4 released https://pdfbox.apache.org/

Logging Services --
 - Apache Log4j 2.17.2 released https://logging.apache.org/log4j/2.x/index.html

Network Application Framework --
 - Apache MINA FtpServer 1.1.3 released https://mina.apache.org/

Servers --
 - Apache Tomcat 9.0.59, 10.0.17 and 10.1.0-M11 (alpha) released 
http://tomcat.apache.org/

Workflow --
 - CVE-2021-45229: Apache Airflow: Reflected XSS via Origin Query Argument in 
URL https://lists.apache.org/thread/o80q468nzrds1on5lll54s1s24l5q0w2


Did You Know?
- Did you know that the Apache Ignite community's CFP for IgniteSummit (taking 
place online 14 June) closes on 29 April? https://ignite.apache.org/events.html

- Did you know that HugeGraph (incubating), a large-scale and easy-to-use graph 
database that stores and queries billions of vertices and edges, is the newest 
podling undergoing development in the Apache Incubator? 
https://incubator.apache.org/

- Did you know that the ASF manages 2,180 mailing lists, 486 of which are 
private? Over the past year, 19,053 authors sent 1,946,990 emails on 869,461 
topics! https://apache.org/foundation/mailinglists.html

Apache Community Notices
 - Apache in 2021 - By The Digits 
https://apache.org/foundation/mailinglists.html + Video highlights 
https://youtu.be/GU0SV_2tWkU

 - The Apache Month in Review: January 2022 https://s.apache.org/January2022 
and video highlights https://youtu.be/goxIRFMIi-w

 - Watch "Trillions and Trillions Served" 
https://www.youtube.com/watch?v=JUt2nb0mgwg , the documentary on the ASF 1) 
full feature [49 min] https://www.youtube.com/watch?v=JUt2nb0mgwg 2) "Apache 
Everywhere" [6 min] https://www.youtube.com/watch?v=nXtIti9jMFI 3) "Why Apache" 
[2.5 min] https://www.youtube.com/watch?v=YM5dLvNatRs 4) “Apache Innovation” 
[40 min] https://www.youtube.com/watch?v=qkvqJaX4S50

 - ASF Annual Report: FY2021 -- Press release 
https://blogs.apache.org/foundation/entry/the-apache-software-foundation-announces78
 and Report (PDF) https://www.apache.org/foundation/docs/FY2021AnnualReport.pdf

 - The Apache Way to Sustainable Open Source Success https://s.apache.org/GhnI

 - Foundation Reports and Statements 
http://www.apache.org/foundation/reports.html

 - Presentations from 2021's ApacheCon Asia and ApacheCon@Home are available on 
the ASF YouTube channel. https://www.youtube.com/c/TheApacheFoundation/

 - "Success at Apache" focuses on the people and processes behind why the ASF 
"just works." https://blogs.apache.org/foundation/category/SuccessAtApache

 - Follow the ASF on social media: @TheASF on Twitter 
https://twitter.com/TheASF and The ASF page LinkedIn. 
https://www.linkedin.com/company/the-apache-software-foundation

 - Follow the Apache Community on Facebook 

Announcing New ASF Board of Directors

2022-03-03 Thread Sally Khudairi
[this announcement is available online at https://s.apache.org/djzeh ]

At The Apache Software Foundation (ASF) Annual Members' Meeting held this week, 
the following individuals were elected to the ASF Board of Directors:

 - Rich Bowen (former Director)
 - Bertrand Delacretaz (current Director)
 - Christofer Dutz (new Director)
 - Roy T. Fielding (current Director)
 - Sharan Foga (current Director)
 - Willem Jiang (new Director)
 - Sam Ruby (current Director)
 - Roman Shaposhnik (current Director)
 - Sander Striker (current Director)

The ASF thanks Justin Mclean, Craig Russell, and Sheng Wu for their service, 
and welcomes our new and returning directors.

An overview of the ASF's governance, along with the complete list of ASF Board 
of Directors, Executive Officers, and Project/Committee Vice Presidents, can be 
found at http://apache.org/foundation/ 

For more information on the Foundation's operations and structure, see 
http://apache.org/foundation/how-it-works.html#structure 

# # #

NOTE: you are receiving this message because you are subscribed to the 
announce@apache.org distribution list. To unsubscribe, send email from the 
recipient account to announce-unsubscr...@apache.org with the word 
"Unsubscribe" in the subject line.


The Apache Software Foundation Welcomes VMware as its Newest Platinum Sponsor

2022-03-03 Thread Sally Khudairi
[this announcement is available online at https://s.apache.org/4kupl ]

Wilmington, DE —3 March 2022— The Apache Software Foundation (ASF) today 
welcomed VMware as its latest sponsor at the Platinum level.

"We are happy to welcome VMware as a Platinum Sponsor," said Bob Paulin, ASF 
Vice President Fundraising. "Sponsoring the ASF provides essential funds and 
services that enable us to support more than 300 Apache Projects and their 
communities on a day-to-day basis. We are grateful for VMware's generosity as 
it helps us further our mission of providing software for the public good."

"Some of the most important open source projects are ASF projects. VMware 
customers build and deploy a wide range of products built using the Apache HTTP 
Server, Tomcat, and Geode, among others," said Dawn Foster, Director of Open 
Source Community Strategy at VMware. "We are delighted to support the ASF with 
our sponsorship in addition to the contributions our team members have been 
making to projects like Apache Geode. It is important to support neutral 
foundations, like the ASF, that create a level playing field for open source 
projects where we can all collaborate together as equals."

VMware joins the following organizations:

ASF Sponsors
 - Platinum level --Amazon Web Services, Facebook, Google, Huawei, Microsoft, 
Namebase, Pineapple Fund, Tencent Cloud, and Yahoo!; 
 - Gold level --Anonymous, Baidu, Bloomberg, Cloudera, Confluent, IBM, Indeed, 
Union Investment, and Workday;
 - Silver level --Aetna, Alibaba Cloud Computing, Capital One, Comcast, Didi 
Chuxing, LINE Corporation, Red Hat, Replicated, Talend, and Target;
 - Bronze level --Bestecasinobonussen.nl, Cafe24, Cerner, Crafter CMS, Curity, 
Goread.io Followers, GridGain, HotWax Systems, LeoVegas Indian Online Casino, 
Miro-Kredit AG, Paf, PureVPN, RX-M, RenaissanceRe, Sentry, Software Guru 
DevRel, Technology Innovation Institute, The Blog Starter, Twitter, and Writers 
Per Hour.

Targeted Sponsors
 - Platinum level --Amazon Web Services, CloudBees, DLA Piper, Fastly, GitHub, 
JetBrains, JFrog, Leaseweb, Microsoft, OSU Open Source Labs, Sonatype, and 
Yahoo!;
 - Gold level --Atlassian, Datadog, DinoSource, Docker, and PhoenixNAP;
 - Silver level --Hotwax Systems, Instaclustr, Rackspace, Xiaomi;
 - Bronze level --Education Networks of America, Friend of Apache Cordova, 
Google, Hopsie, No-IP, PagerDuty, Peregrine Computer Consultants Corporation, 
Sonic.net, SURFnet, and Virtru.

For more information on becoming a Sponsor of the ASF, please see 
http://apache.org/foundation/sponsorship.html

About The Apache Software Foundation (ASF)
Established in 1999, The Apache Software Foundation is the world’s largest Open 
Source foundation, stewarding 227M+ lines of code and providing more than $22B+ 
worth of software to the public at 100% no cost. The ASF’s all-volunteer 
community grew from 21 original founders overseeing the Apache HTTP Server to 
820+ individual Members and 200 Project Management Committees who successfully 
lead 350+ Apache projects and initiatives in collaboration with 8,400+ 
Committers through the ASF’s meritocratic process known as "The Apache Way". 
Apache software is integral to nearly every end user computing device, from 
laptops to tablets to mobile devices across enterprises and mission-critical 
applications. Apache projects power most of the Internet, manage exabytes of 
data, execute teraflops of operations, and store billions of objects in 
virtually every industry. The commercially-friendly and permissive Apache 
License v2 is an Open Source industry standard, helping launch billion dollar 
corporations and benefiting countless users worldwide. The ASF is a US 
501(c)(3) not-for-profit charitable organization funded by individual donations 
and corporate sponsors that include Aetna, Alibaba Cloud Computing, Amazon Web 
Services, Anonymous, Baidu, Bloomberg, Capital One, Cloudera, Comcast, 
Confluent, Didi Chuxing, Facebook, Google, Huawei, IBM, Indeed, LINE 
Corporation, Microsoft, Namebase, Pineapple Fund, Red Hat, Replicated, Talend, 
Target, Tencent, Union Investment, VMware, Workday, and Yahoo!. For more 
information, visit http://apache.org/ and https://twitter.com/TheASF

© The Apache Software Foundation. "Apache" and "ApacheCon" are registered 
trademarks or trademarks of the Apache Software Foundation in the United States 
and/or other countries. All other brands and trademarks are the property of 
their respective owners.

# # #

NOTE: you are receiving this message because you are subscribed to the 
announce@apache.org distribution list. To unsubscribe, send email from the 
recipient account to announce-unsubscr...@apache.org with the word 
"Unsubscribe" in the subject line.


Foundation Statement at 8 February 2022 Senate Committee hearing on Homeland Security and Government Affairs

2022-02-08 Thread Sally Khudairi
[this statement is available online at https://s.apache.org/485lz ]

“Responding to and Learning from the Log4Shell Vulnerability”

Opening Statement by David Nalley

President, Apache Software Foundation

Senate Committee on Homeland Security and Government Affairs

February 8, 2022

---

Chairman Peters, Ranking Member Portman, and distinguished members of the 
Committee: thank you for the invitation to appear this morning.

My name is David Nalley, and I am the President of the Apache Software 
Foundation (ASF). The ASF is a non-profit public-benefit charity established in 
1999 to facilitate the development of open source software. Thanks to the 
ingenuity and collaboration of our community of programmers, the ASF has grown 
into one of the largest open source organizations in the world. Today, more 
than 650,000 contributors around the world contribute to more than 350 ongoing 
projects, comprising more than 237 million lines of code.

Open source is not simply a large component of the software industry -- it 
is one of the foundations of the modern global economy. Whether they realize it 
or not, most businesses, individuals, non-profits, or government agencies 
depend on open source; it is an indispensable part of America’s digital 
infrastructure.

Projects developed from open source, like Log4j, tend to resolve problems 
that many people have, essentially serving as reusable building blocks for 
solving those problems. This enables faster innovation because it eliminates 
the need for every company or developer to reimplement software for already 
solved problems. This efficiency allows programmers to stand on the shoulders 
of giants. The ASF provides a vendor-neutral environment to enable interested 
programmers – oftentimes direct competitors of one another – to do this common 
work together in transparent, open-handed cooperation.

This is the essence of open-source software: brilliant individuals contributing 
their time and expertise to do unglamorous work solving problems – many with 
the intent of incorporating the results into their employer’s products. And 
it’s why I’ve dedicated my professional life to it.

Log4j – first released by Apache in 2001 – is the product of just this kind 
of collaboration. It performs a particular set of functions, like recording a 
computer’s operating events, so well that it has been used in products as 
diverse as storage management software, software development tools, 
virtualization software and (most famously) the Minecraft video game. As 
Log4j’s footprint grew over the years, so did its feature list. It was a 2013 
addition to Log4j, along with a part of the Java programming environment, that 
combined in such a way that exposed this security flaw.

The vulnerability was reported to Apache’s Log4j team late November 2021, 
after having been latent for many years. The Apache Logging project, and 
Apache’s Security team immediately got to work addressing the vulnerability in 
the code. The full solution was released approximately two weeks later. Given 
the near ubiquity of Log4j’s use, it may be months or even years before all 
deployed instances of this vulnerability are eliminated. As a software 
professional myself, I am proud of how the Logging project and the ASF’s 
security team (and many others across the ASF’s projects) responded and 
remediated last fall. We acted quickly and in accordance with practices we have 
adopted over many years of supporting a diverse set of open source projects. We 
will continue to develop our projects in responding to and preventing security 
vulnerabilities.

Moreover, every stakeholder in the software industry – including its 
largest customers, like the federal government – should be investing in 
software supply chain security. While ideas like the Software Bills of 
Materials won’t prevent vulnerabilities, they can mitigate the impact by 
accelerating the identification of potentially vulnerable software. However, 
the ability to quickly update to the most secure and up-to-date versions 
remains a significant hurdle for the software industry.

The reality is that humans write software, and as a result there will 
continue to be bugs, and despite best efforts some of those will include 
security vulnerabilities. As we continue to become ever more connected and 
digital, the number of vulnerabilities and potential consequences are likely to 
grow. There is no easy software security solution - it requires defense in 
depth – incorporating upstream development in open source projects, vendors 
that incorporate these projects, developers that make use of the software in 
custom applications, and even down to the organizations that deploy these 
applications to provide services important to their users.

Rather than shying away from this risk, I submit that software developers, 
open-source communities, and federal policymakers should face it head-on 
together – with the 

Apache Month in Review: January 2022

2022-02-01 Thread Sally Khudairi
[this announcement is available online at https://s.apache.org/January2022 ]

Welcome to the latest monthly overview of events from the Apache community. 
Here's a summary of what happened in January [video highlights available at 
https://youtu.be/goxIRFMIi-w ] :

New This Month --
- Apache in 2021 - By The Digits – a look at the achievements from the Apache 
Community over the past 12 months
   -- Summary and stats at https://s.apache.org/Apache2021Digits
   -- Video highlights https://youtu.be/GU0SV_2tWkU
- Apache Software Foundation statement on White House Open Source Security 
Summit 
https://blogs.apache.org/foundation/entry/apache-software-foundation-statement-on
- Apache Month in Review: December 2021 https://s.apache.org/December2021
- ASF Security Report 2021 – the annual state of security across all Apache 
projects https://s.apache.org/SecurityReport2021 
- The Apache Software Foundation Announces Open Source data orchestration 
platform Apache® Hop™ as a Top-Level Project https://s.apache.org/4s3ci

Important Dates --
- Next Board Meeting: 16 February 2022. Board calendar and minutes 
http://apache.org/foundation/board/calendar.html

Infrastructure --
Our seven-member Infrastructure team on three continents oversees our 
highly-reliable, distributed network under the leadership of VP Infrastructure 
David Nalley and Infrastructure Administrator Greg Stein. ASF Infrastructure 
supports 300+ Apache projects and their communities across ~200 individual 
machines, 1,400+ repositories, 5-6PB in traffic annually, ~75M downloads per 
month, and 2-3M daily emails on 2,000+ lists. ASF Infra performs 7M+ weekly 
checks to ensure services are available around the clock. The average uptime in 
January was 100%. http://www.apache.org/uptime/

Committer Activity --
In January, 672 Apache Committers changed 14,033,278 lines of code over 15,480 
commits. The Committers with the top 5 highest contributions, in order, were: 
Gary Gregory, Claus Ibsen, Mark Thomas, Jarek Potiuk, and Sebastian Bazley.

Project Releases and Updates --
New releases from Apache Airflow (Workflow); APISIX (API); Avro (Big Data); 
Camel (Integration); DolphinScheduler (Workflow); Flink (Big Data); Geode 
(Database); Guacamole (Network Client); Hop (Orchestration); Ignite (Big Data); 
Jackrabbit (Content); James (Mail); Kafka (Big Data); Karaf (Application 
Servers/Middleware); Knox (Big Data); Log4j (Libraries); MINA (Network 
Client/Server); NiFi (Big Data); OFBiz (Enterprise Processes Automation / ERP); 
POI (Content); Portals (Web Frameworks); ShardingSphere (Big Data); ShenYu 
(Incubating; API); Skywalking (Application Performance Management); Struts (Web 
Frameworks); Tomcat (Servers); Tuweni (Incubating; Blockchain); and TVM 
(Machine Learning).

Apache Project Anniversaries in January: Apache Cocoon, James, and Web Services 
(18 years); Lucene (16 years); ActiveMQ (14 years); Hadoop (13 years); River 
(10 years); Empire-db and Gora (9 years); OpenMeetings (8 years); Samza (6 
years); Arrow (5 years); Ranger (2 years); and Gobblin (1 year). Many happy 
returns! https://projects.apache.org/committees.html?date

The Apache Incubator is the primary entry path for projects wishing to become 
an official part of the ASF. More than three dozen projects are currently 
undergoing development in the Apache Incubator. http://incubator.apache.org/

# # #

To see our Weekly News Round-ups (published every Friday), visit 
https://blogs.apache.org/foundation/ and click on the calendar or hop directly 
to https://blogs.apache.org/foundation/category/Newsletter . For real-time 
updates, sign up for Apache-related news by sending mail to 
announce-subscr...@apache.org and follow @TheASF on Twitter. We appreciate your 
support!

= = =
NOTE: you are receiving this message because you are subscribed to the 
announce@apache.org distribution list. To unsubscribe, send email from the 
recipient account to announce-unsubscr...@apache.org with the word 
"Unsubscribe" in the subject line.


The Apache Software Foundation Announces Open Source data orchestration platform Apache® Hop™ as a Top-Level Project

2022-01-18 Thread Sally Khudairi
[this announcement is available online at https://s.apache.org/4s3ci ]

Wilmington, DE —18 January 2022— The Apache Software Foundation (ASF), the 
all-volunteer developers, stewards, and incubators of more than 350 Open Source 
projects and initiatives, announced today Apache® Hop™ as a Top-Level Project 
(TLP).

Apache Hop —the Hop Orchestration Platform— is a flexible, metadata-infused 
data orchestration, engineering, and integration platform. The project 
originated more than two decades ago as the Extract-Transform-Load (ETL) 
platform Kettle (Pentaho Data Integration), was refactored over several years, 
and entered the Apache Incubator in September 2020. 

"We are pleased to successfully adopt 'the Apache Way' and graduate from the 
Apache Incubator," said Bart Maertens, Vice President of Apache Hop. "Apache 
Hop enables people of all skill levels to build powerful and scalable data 
solutions without the need to write code. As an Apache Top-Level Project, Hop 
is developed and used by people across the globe. Hop's full project life cycle 
support helps these data teams to successfully build, test and run their 
projects in ways that would otherwise be hard or impossible to do."

Using Apache Hop, data professionals can rapidly and affordably facilitate all 
aspects of data and metadata orchestration whilst supporting DevOps best 
practices, such as testing. Apache Hop’s Java-based visual designer, server, 
and configuration tools are easy to set up, deploy, and maintain across 
numerous platforms. Features include:

Lightweight “design once, run anywhere” architecture —workflows and pipelines 
can be designed in the Hop GUI and executed locally or remotely on the Hop 
native engine, on Apache Flink, Apache Kafka, Apache Spark, Google Dataflow, or 
AWS EMR through Apache Beam runtimes;

Metadata-driven —every object type in Hop describes how data is read, 
manipulated or written, or how workflows and pipelines need to be orchestrated. 
In addition, Hop itself is internally metadata-driven, using a kernel 
architecture with a robust engine; 

Visual development environment —intuitive drag-and-drop graphical user 
interface (GUI) enables developers to enjoy the ease and productivity of visual 
development rather than code. Using Hop, data engineers can focus on business 
logic and requirements rather than how it needs to be done;

Plug-in integration —more than 250 plugins make it easy to manage ecosystem 
complexity, and add new functionality; and

Built-in lifecycle management —enables developers, engineers, and 
administrators to manage, test, deploy, and switch between projects, workflows, 
pipelines, environments, purposes, Git versions and more —all from the Hop GUI.

Apache Hop has been designed to work in any scenario: on-premises, on a cloud, 
on a bare OS, in containers, IoT environments, large datasets, and more, on 
Windows, Linux, and OSX.

Many of the thousands of organizations in finance, retail, supply chain, and 
other sectors that use Kettle (Pentaho Data Integration; the precursor to 
Apache Hop) have started to look into Hop or already are in the process of 
upgrading to Hop.

"I'm very happy that we can now safely collaborate with any company or person 
across the global community under the umbrella of the Apache Software 
Foundation on something as cool as Apache Hop," said Matt Casters, Chief 
Solution Architect at Neo4j and member of the Apache Hop Project Management 
Committee.

"We started adopting Apache Hop in our data integration projects in early 2021 
because of its flexibility, scalability and ease of use, in various scenarios 
ranging from classical DWH ETL processes to highly critical, real time 
processes," said Sergio Ramazzina, CEO and Chief Architect at Serasoft S.r.l., 
and member of the Apache Hop Project Management Committee. "We are impressed by 
how responsive the community is in solving issues and helping users approaching 
the platform --an important point to increase users adoption and trust. We 
welcome everyone joining our Hop community and contributing to the project."

"This graduation is just the beginning for Hop, and is proof that great 
communities build great software. The entire Hop community would like to thank 
the Apache Software Foundation for making this possible, especially our mentors 
who guided us through the Incubator," added Maertens. "We invite everyone to 
download and try Hop, join our chat and become part of the Hop community."

Catch Apache Hop in action at a future Hop community event. For more 
information and to register, visit https://hop.apache.org/community/events/ 

Availability and Oversight
Apache Hop software is released under the Apache License v2.0 and is overseen 
by a self-selected team of active contributors to the project. A Project 
Management Committee (PMC) guides the Project's day-to-day operations, 
including community development and product releases. For downloads, 
documentation, and ways to become 

The Apache Software Foundation Security Report: 2021

2022-01-10 Thread Sally Khudairi
[complete report, with image and links, is available online at 
https://s.apache.org/SecurityReport2021 ]

Apache Software Foundation Security Report: 2021

Synopsis: This report explores the state of security across all of The Apache 
Software Foundation projects for the calendar year 2021. We review key metrics, 
specific vulnerabilities, and the most common ways users of ASF projects were 
affected by security issues.

Released: January 2022

Author: Mark Cox, Vice President Security, The Apache Software Foundation

Background
The security committee of The Apache Software Foundation (ASF) oversees and 
coordinates the handling of vulnerabilities across all of the 350+ Apache 
projects.  Established in 2002 and composed of all volunteers, we have a 
consistent process for how issues are handled, and this process includes how 
our projects must disclose security issues.

Anyone finding security issues in any Apache project can report them to 
secur...@apache.org where they are recorded and passed on to the relevant 
dedicated security teams or private project management committees (PMC) to 
handle.  The security committee monitors all the issues reported across all the 
projects and keeps track of the issues throughout the vulnerability lifecycle. 

The security committee is responsible for ensuring that issues are dealt with 
properly and actively reminds projects of their outstanding issues and 
responsibilities.  As a board committee, we have the ability to take action 
including blocking their future releases or, worst case, archiving a project if 
such projects are unresponsive to handling their security issues.  This, along 
with the Apache License v2,0, are key parts of the ASF’s general oversight 
function around official releases, allowing the ASF to protect individual 
developers and giving users confidence to deploy and rely on ASF software.  

The oversight into all security reports, along with tools we have developed, 
gives us the ability to easily create metrics on the issues.  Our last report 
covered the metrics for 2020.

Statistics for 2021
In 2021 our security email addresses received in total ~18,500 emails. After 
spam filtering and thread grouping there were 1272 (2020: 946, 2019: 620) 
non-spam threads.  Unfortunately security reports do sometimes look like spam, 
especially if they include lots of attachments or large videos, and so the 
security team are careful to review all messages to ensure real reports are not 
missed for too long.

[please refer to the image at https://s.apache.org/SecurityReport2021 ] Diagram 
1: Breakdown of ASF security email threads for calendar year 2021

Diagram 1 gives the breakdown of those 1272 threads.  359 threads (28%) were 
people confused by the Apache License.  As many projects use the Apache 
License, not just those under the ASF umbrella, people can get confused when 
they see the Apache License and they don't understand what it is. This is most 
common for example on mobile phones where the licenses are displayed in the 
settings menu, usually due to the inclusion of software by Google released 
under the Apache License.  We no longer reply to these emails. This is up from 
the 257 received in 2020.

The next 337 of the 1272 (26%) are email threads with people asking 
non-security (usually support-type) questions.

The next 135 of those reports were researchers reporting issues in an Apache 
web site.  These are almost always false negatives; where a researcher reports 
us having directory listings enabled, source code visible, public “.git” 
directories, and so on.  These reports are generally the unfiltered output of 
some publicly available scanning tool, and often where the reporter asks us for 
some sort of monetary reward (bounty) for their report.

That left 441 (2020: 376, 2019: 320) reports of new vulnerabilities in 2021, 
which spanned 99 of the top level projects.  These 441 reports are a mix of 
external reporters and internal. For example, where a project has found an 
issue themselves and followed the ASF process to assign it a CVE (Common 
Vulnerabilities and Exposures) name and address it, we’d still count it here.  
We don’t keep metrics that would give the breakdown of internal vs external 
reports.

The next step is that the appropriate project triages the report to see if it's 
really an issue or not.  Invalid reports and reports of things that are not 
actually vulnerabilities get rejected back to the reporter.  Of the remaining 
issues that are accepted they are assigned appropriate CVE names and eventually 
fixes are released.

As of January 1st 2022, 50 of those 441 reports were still under triage and 
investigation. This is where a project was working on an issue and had not 
rejected the issue or assigned it a CVE as of the snapshot taken on January 1st 
2022.  This number was higher than what we’d normally expect and was due to the 
large influx of reports that came at the end of December 2021.

The remaining 

Apache in 2021 - By The Digits

2022-01-03 Thread Sally Khudairi
[this report, charts, and graphics are available online at 
https://s.apache.org/Apache2021Digits ]

During 2021 the all-volunteer Apache community has demonstrated unwavering 
commitment to our tenet of "Community Over Code." Highlights over the past year 
include —

Community/People
The Apache Software Foundation’s (ASF) merit-driven 
"Contributor-Committer-Member" progression is the central governing process 
across the Apache ecosystem. Following the ASF’s incorporation in 1999, the 
core Apache Group of 21 individual Members grew with developers who contributed 
code, patches, or documentation. Some of these contributors were subsequently 
granted Committer status by the Membership, and provided access to: 1) commit 
code directly to Apache repositories; 2) vote on community-related decisions; 
and 3) propose an active user for Committership.

Today, ASF Committers contribute not just code and documentation, but also an 
array of initiatives that provide value across the greater Apache ecosystem, 
including Project promotion and community development through mentoring, 
events, and diversity and inclusion programs. Those Committers who demonstrate 
merit in the Foundation's growth, evolution, and progress are nominated for ASF 
Membership by existing members.

More than 630,000 individuals have contributed to the ASF to date. During 2021, 
724 individuals new to the ASF contributed to Apache projects and initiatives.

In 2021 the ASF welcomed 441 new Committers, totaling 8,484. 40 new Foundation 
Members were elected in 2021, totaling 816 active Members.

[please refer to image at https://s.apache.org/Apache2021Digits ]

Contributor Growth
Each year, new members contribute to the ASF's efforts. These charts 
demonstrate how long committers/authors have been contributing to Apache 
projects. Approximately 20% of first-time contributors continue to participate 
for a longer period of time.
[please refer to image at https://s.apache.org/Apache2021Digits ]

Contributor Experience with the ASF
[please refer to image at https://s.apache.org/Apache2021Digits ]

Project Activity
 - Total number of Apache projects + sub-projects - 351
 - Top-Level Projects - 200
 - Top-Level Projects and sub-projects retired to the Apache Attic - 23
 - Podlings undergoing development in the Apache Incubator - 37
 - New projects that entered the Apache Incubator - 5
 - New Top-Level Projects that graduated from the Incubator - 6
 - Podlings that retired from the Incubator - 2

Top-Level Projects (committees) evolution
[please refer to image at https://s.apache.org/Apache2021Digits ]

Incubating projects (podlings) evolution
[please refer to image at https://s.apache.org/Apache2021Digits ]

Code and Commits
The ASF shepherds 283,069,836 lines of code across 2,308 repositories 
(excluding Website repositories).

Apache Projects, sub-projects, incubating podlings, and their communities 
produced hundreds of releases across dozens of categories that include: 
Application Programming Interfaces, Application Performance Management, Big 
Data, Cloud Computing, Content, Databases, email, Enterprise Processes 
Automation, FinTech, Identity Management, Integrated Development Environments, 
Integration, Internet of Things (Io), Libraries, Logging, Machine Learning, 
Messaging, Natural Language Processing, Operating Systems, Remote Desktop 
Gateways, Search, Security Frameworks, Servers, Templating, Testing, Version 
Control, Web Crawlers, Web Conferencing, Web Frameworks, and more.

During 2021, 2,493 Code Committers and 9,604 Code Authors changed 514,891,631 
lines of code over 217,479 commits.

Top 5 Code Authors in 2021
1. Andrea Cosentino: 4,447 commits (352,346 insertions, 399,815 deletions)
2. Claus Ibsen: 2,974 commits (555,245 insertions, 567,896 deletions)
3. Mark Thomas: 2,509 commits (186,889 insertions, 117,182 deletions)
4. Jean-Baptiste Onofré:  2,470 commits (18,899 insertions, 33,835 deletions)
5. Gary Gregory: 2,240 commits (170,799 insertions, 181,214 deletions)

Commits per Month in 2021
[please refer to image at https://s.apache.org/Apache2021Digits ]

Top Apache Project Repositories by Size (Lines of Code)
[please refer to image at https://s.apache.org/Apache2021Digits ]

Top Apache Project Repositories by Commits made in 2021
[please refer to image at https://s.apache.org/Apache2021Digits ]

Code Language Breakdown
[please refer to image at https://s.apache.org/Apache2021Digits ]

Issues and Pull Requests (ASF Infrastructure + GitHub)
 - Total Issues Opened - 197,242
 - Contributors Opening Issues - 31,769
 - Contributors Resolving Issues - 20,867
 - Total Issues Resolved - 173,178

[please refer to image at https://s.apache.org/Apache2021Digits ]

Issues and Pull Request Community Growth
[please refer to image at https://s.apache.org/Apache2021Digits ]

Email and Mailing Lists
The ASF adage "If it didn't happen on-list, it didn't happen" ensures that our 
distributed community on 7 continents are able to 

Apache Month in Review: December 2021

2022-01-03 Thread Sally Khudairi
[this post is available online at https://s.apache.org/December2021 ]

Apache Month in Review: December 2021

Welcome to the latest monthly overview of events from the Apache community. 
Here's a summary of what happened in December  [video highlights available at 
https://youtu.be/2xNsILebwHI ] :

New This Month --
- Apache Month in Review: November 2021 https://s.apache.org/November2021

Important Dates --
- Next Board Meeting: 19 January 2022. Board calendar and minutes 
http://apache.org/foundation/board/calendar.html

Infrastructure --
Our seven-member Infrastructure team on three continents oversees our 
highly-reliable, distributed network under the leadership of VP Infrastructure 
David Nalley and Infrastructure Administrator Greg Stein. ASF Infrastructure 
supports 300+ Apache projects and their communities across ~200 individual 
machines, 1,400+ repositories, 5-6PB in traffic annually, ~75M downloads per 
month, and 2-3M daily emails on 2,000+ lists. ASF Infra performs 7M+ weekly 
checks to ensure services are available around the clock. The average uptime in 
December was 99.94%. http://www.apache.org/uptime/

Committer Activity --
In December, 600 Apache Committers changed 23,123,232 lines of code over 13,572 
commits. The Committers with the top 5 highest contributions, in order, were: 
Gary Gregory, Claus Ibsen, Jean-Baptiste Onofré, Harikrishna Patnala, and Andi 
Huber.

Project Releases and Updates --
New releases from Apache Airflow (Workflow); APISIX (API); Archiva (Build 
Management); Calcite (Big Data); Camel (Integration); Daffodil (Libraries); 
DolphinScheduler (Workflow); Druid (Big Data); Flink (Big Data); Fortress 
(Identity Management); Geode (Database); Groovy (Programming Languages); HBase 
(Big Data); HttpComponents (Servers); HTTP Server (Servers); Ignite (Big Data); 
IoTDB (IoT); Jackrabbit (Content); James (Mail); JMeter (Testing); JSPWiki 
(Content); Karaf (Application Servers/Middleware); Kyuubi (Incubating; Big 
Data); Log4j (Libraries); Lucene (Search); MXNet (Incubating; Libraries); 
NetBeans (Integrated Development Environment); NiFi (Big Data); OFBiz 
(Enterprise Processes Automation / ERP); Parquet (Big Data); PDFBox (Content); 
PLC4X (IoT); Pulsar (Messaging); Qpid (Messaging); Skywalking (Application 
Performance Management); Solr (Search); Struts (Web Frameworks); Tika (Big 
Data); Tomcat (Servers); Traffic Control (Servers); Wicket (Web Frameworks); 
and XMLBeans (Library).

Apache Project Anniversaries in December: Apache Portable Runtime (APR; 21 
years); Logging Services (18 years); Cayenne and OFBiz (15 years); Synapse (14 
years); Camel (13 years); Axis, OpenWebBeans, Pivot (12 years); Aries (11 
years); Flex (9 years); Helix (8 years); Flink (7 years); Beam (5 years); 
Airflow (3 years); Druid (2 years); DataSketches (1 year); ECharts (1 year); 
and Mnemonic (1 year). Many happy returns! 
https://projects.apache.org/committees.html?date

The Apache Incubator is the primary entry path for projects wishing to become 
an official part of the ASF. More than three dozen projects are currently 
undergoing development in the Apache Incubator. http://incubator.apache.org/

# # #

To see our Weekly News Round-ups (published every Friday), visit 
https://blogs.apache.org/foundation/ and click on the calendar or hop directly 
to https://blogs.apache.org/foundation/category/Newsletter . For real-time 
updates, sign up for Apache-related news by sending mail to 
announce-subscr...@apache.org and follow @TheASF on Twitter. We appreciate your 
support!

= = =

NOTE: you are receiving this message because you are subscribed to the 
announce@apache.org distribution list. To unsubscribe, send email from the 
recipient account to announce-unsubscr...@apache.org with the word 
"Unsubscribe" in the subject line.


The Apache Weekly News Round-up: week ending 12 November

2021-11-12 Thread Sally Khudairi
Happy Friday, everyone --let's review the Apache community's activities from 
over the past week:

Sponsor Success at Apache – the blog series that focuses on the people and 
processes behind why the ASF "just works", featuring insights and experiences 
from the perspective of select ASF Sponsors
 - "Exploration and Practice of the Apache Way in Tencent" by Mark Shan 
https://s.apache.org/258az

ASF Board – management and oversight of the business affairs of the corporation 
in accordance with the Foundation's bylaws.
 - Next Board Meeting: 17 November 2021. Board calendar and minutes 
https://apache.org/foundation/board/calendar.html

ASF Infrastructure – our distributed team on three continents keeps the ASF's 
infrastructure running around the clock.
 - 7M+ weekly checks yield uptime at 99.94%. Performance checks across 50 
different service components spread over more than 250 machines in data centers 
around the world. View the ASF's Infrastructure Uptime site to see the most 
recent averages. http://www.apache.org/uptime/

Apache Code Snapshot – Over the past week, 352 Apache Committers changed 
11,730,654 lines of code over 3,823 commits. Top 5 contributors, in order, are: 
Krzysztof Kopyściński, Mark Thomas, Andrea Cosentino, Adam Kocoloski, and Tomaž 
Muraus.

Apache Project Announcements – the latest updates by category.

Big Data --
 - Apache NiFi 1.15.0 released https://nifi.apache.org/
 - Apache ShardingSphere 5.0.0 released https://shardingsphere.apache.org/

Business Intelligence --
 - Apache Superset CVE-2021-41972: Credentials leak 
https://lists.apache.org/thread/01o21s5z16791ywrfds91l4x9vdgsn1r

Content --
 - Apache Jackrabbit 2.20.4 and Jackrabbit Oak 1.8.25 released 
http://jackrabbit.apache.org/
 - Apache Traffic Control 6.0.1 released https://trafficcontrol.apache.org/ and 
CVE-2021-43350: LDAP filter injection vulnerability in Traffic Ops 
https://lists.apache.org/thread/01o21s5z16791ywrfds91l4x9vdgsn1r

Messaging --
 - Apache Qpid Proton 0.36.0 released


Did You Know?

 - Did you know that the Apache Unomi community will be holding their first 
Unomi developer MeetUp online and free of charge on 18 November? 
http://unomi.apache.org/events/meetups/2021-11-18.html

 - Did you know that the Apache Ignite community are preparing for the vote on 
v2.12, are redesigning their project Website, and will be kicking off Ignite 
Summit Cloud Edition 16 November? Catch up on a busy week ahead! 
http://ignite.apache.org/

 - Did you know that Uber Eats' new real-time exactly-once ad event processing 
is powered by Apache Flink http://flink.apache.org/ , Apache Kafka 
http://kafka.apache.org/ , and Apache Pinot http://pinot.apache.org/ ? 


Apache Community Notices
- The Apache Month in Review: October 2021 https://s.apache.org/October2021 and 
video highlights https://youtu.be/3rPR6tNt-dg

- Watch "Trillions and Trillions Served", the documentary on the ASF 1) full 
feature https://www.youtube.com/watch?v=JUt2nb0mgwg [49 min] 2) "Apache 
Everywhere" https://www.youtube.com/watch?v=nXtIti9jMFI [6 min] 3) "Why Apache" 
https://www.youtube.com/watch?v=YM5dLvNatRs [2.5 min] 4) “Apache Innovation” 
https://www.youtube.com/watch?v=qkvqJaX4S50 [40 min] 

 - ASF Annual Report: FY2021 -- Press release 
https://blogs.apache.org/foundation/entry/the-apache-software-foundation-announces78
 and Report https://www.apache.org/foundation/docs/FY2021AnnualReport.pdf (PDF)

 - The Apache Way to Sustainable Open Source Success https://s.apache.org/GhnI

 - Foundation Reports and Statements 
http://www.apache.org/foundation/reports.html

 - Presentations from 2021's ApacheCon Asia and ApacheCon@Home are available on 
the ASF YouTube channel. https://www.youtube.com/c/TheApacheFoundation/

 - "Success at Apache" focuses on the people and processes behind why the ASF 
"just works." https://blogs.apache.org/foundation/category/SuccessAtApache

 - Inside Infra: the new interview series with members of the ASF 
infrastructure team --meet 
Chris Thistlethwaite https://s.apache.org/InsideInfra-Chris
Drew Foulks https://s.apache.org/InsideInfra-Drew
Greg Stein Part I https://s.apache.org/InsideInfra-Greg
  ...Part II https://s.apache.org/InsideInfra-Greg2 and Part III 
https://s.apache.org/InsideInfra-Greg3
Daniel Gruno Part I https://s.apache.org/InsideInfra-Daniel1 and Part II 
https://s.apache.org/InsideInfra-Daniel2
Gavin McDonald Part I https://s.apache.org/InsideInfra-Gavin and Part II 
https://s.apache.org/InsideInfra-Gavin2
Andrew Wetmore Part I https://s.apache.org/InsideInfra-Andrew and Part II 
https://s.apache.org/InsideInfra-Andrew2
Chris Lambertus Part I  https://s.apache.org/InsideInfra-ChrisL  and Part 
II https://s.apache.org/InsideInfra-ChrisL2

 - Follow the ASF on social media: @TheASF on Twitter and The ASF page 
LinkedIn. 

 - Follow the Apache Community on Facebook and Twitter. 

 - Are your software solutions Powered by Apache? Download & use our "Powered 
By" 

Sponsor Success at Apache: Exploration and Practice of the Apache Way in Tencent

2021-11-11 Thread Sally Khudairi
[this post is available online at https://s.apache.org/258az ]

by Mark Shan, Chairman of Tencent Open Source Alliance and Tencent Cloud Open 
Source Ecosystem General Manager

The Apache Software Foundation (ASF) manages more than 227 million lines of 
code, has 206 project management committees, leads more than 350 Apache 
projects and operates through a merit system, with more than 850 members, 
8,100+ committers, and tens of thousands of contributors.

Previously the Apache Group, the ASF has grown to one of the largest open 
source foundations in the world today. It has built the well-known "Apache Way" 
through its leadership, sound community, and merit thinking, resulting in a set 
of schemes that promote the sustainable development of open source communities 
and guide the practice of open source projects.projects.

Since Tencent Open Source was created 11 years ago, a large number of Tencent 
engineers have formed a deep connection with the Apache community by 
participating and contributing to Apache projects. Furthermore, by learning 
from the Apache Way, Tencent is going through its open source journey.

At ApacheCon@Home 2021, I shared how Tencent thinks, explores, and practices 
open source according to the Apache Way. Below is a synopsis of this 
presentation:

The Apache Way's Importance in Community Building

The Apache Way is difficult to define. Although the Apache Way has evolved 
somewhat over the years, the original intention of "high transparency" has 
remained unchanged. In Mark Shan’s view, Tencent's learning experience from the 
Apache Way can be summarized into five main points:

1. Everyone has the opportunity to participate and can become a contributor. 
Contributors can increase their impact and personal growth through their 
contributions to projects.
2. The ASF has a structure that encourages contributions from everyone, 
regardless of employer. This means that, for example, committer and PMC roles 
are open to anyone who earns the title. Tencent encourages its engineers to 
participate in the Apache community actively.
3. Understanding and practicing open communication is extremely important. 
Because open source is the collaboration of a global community, Tencent 
engineers are able to participate in the Apache open source project through 
asynchronous collaboration using the mailing list. Code and decision-related 
communication are open and transparent.
4. Reaching consensus when making decisions is strongly encouraged. Consensus 
can maintain project momentum and productivity. But when a complete consensus 
is impossible, voting or other coordination is available to arrive at binding 
decisions.
5. The most important point is that the Apache community's motto, "community 
over code", is often emphasized. Because a healthy community is more important 
than simply good code. A strong and healthy community can always correct code 
problems, while an unhealthy community may struggle to maintain the code 
repository in a sustainable manner. In addition, flexibility is also an 
integral part of ASF's sustainable open source success.

[see image of Tencent-Apache Projects Ecosystem Landscape 
https://s.apache.org/258az ]

Tencent's Open Source Way —Inspired by the Apache Way

Apache projects and their communities are unique and diverse. In the 
community-led development process, Apache members formed the Apache Way based 
on their experience.

Many of Tencent's open source practices and results are executed following the 
model of the Apache Way. After many years of incorporating open source into its 
culture, Tencent has formed an approach, "open collaboration, open source for 
good," which reflects Tencent's value and vision, and is honed based on open 
source best practices.

Practicing the Apache Way: Contributing and Donating to open source projects

Tencent engineers have been contributing to and helping to lead many ASF 
projects, including:

1) Big Data

Over the past four years, several Tencent engineers helped lead releases for 
Apache Hadoop 2.8.4 and 2.8.5, Apache Ozone 1.0.0 (Ozone was a sub-project of 
Apache Hadoop, and became a Top-Level Project in 2020), and Apache Spark 2.3.2. 
Tencent engineers contributed more than 20 features and optimizations to 
several versions of Hadoop, and are core contributors in multiple Apache 
computing and AI frameworks that include Flink, HBase, Hive, MXNet, and Parquet.

2) Middleware

In 2019, Tencent donated TubeMQ, its self-developed trillion-level big data 
component, to the ASF through the Apache Incubator. In 2021 the project 
officially changed its name to Apache InLong, as part of its incubation process.

Tencent Applications based on Apache Projects
In addition to self-developed tools, Tencent widely uses ASF open source 
projects in its various business systems, with particular focus in big data, 
API gateways, and observability. As one of the largest daily real-time 
computing companies, Tencent's overall big data 

Apache Month in Review: October 2021

2021-11-01 Thread Sally Khudairi
[this post is available online at https://s.apache.org/October2021  ]

Welcome to the latest monthly overview of events from the Apache community. 
Here's a summary of what happened in October [video highlights available 
https://youtu.be/3rPR6tNt-dg ] :

New This Month --
- Apache Software Foundation moves to CDN distribution for software. 
https://s.apache.org/newuq
- The Apache Software Foundation Announces Apache® OpenOffice® 4.1.11 
https://s.apache.org/3x8kz 
- Presentations from ApacheCon 2021 events are available on the ASF's YouTube 
channel. https://s.apache.org/ASF-YouTube
- Apache Month in Review: September 2021 https://s.apache.org/September2021 

Important Dates --
- Next Board Meeting: 17 November 2021. Board calendar and minutes 
http://apache.org/foundation/board/calendar.html
- Apache CloudStack Collaboration Conference 2021 - 8-12 November 2021 
https://blogs.apache.org/foundation/entry/cloudstack-collaboration-conference-2021-november

Infrastructure --
Our seven-member Infrastructure team on three continents oversees our 
highly-reliable, distributed network under the leadership of VP Infrastructure 
David Nalley and Infrastructure Administrator Greg Stein. ASF Infrastructure 
supports 300+ Apache projects and their communities across ~200 individual 
machines, 1,400+ repositories, 5-6PB in traffic annually, ~75M downloads per 
month, and 2-3M daily emails on 2,000+ lists. ASF Infra performs 7M+ weekly 
checks to ensure services are available around the clock. The average uptime in 
October was 100.00%. http://www.apache.org/uptime/

Committer Activity --
In October, 643 Apache Committers changed 47,071,028 lines of code over 11,309 
commits. The Committers with the top 5 highest contributions, in order, were: 
Claus Ibsen, Andi Huber, Gary Gregory, Andrea Cosentino, and Alex Herbert.   

Project Releases and Updates --
New releases from Apache Airflow (Big Data); Ant (Build Management); APISIX 
(API); Bigtop (Big Data); Calcite (Big Data); Camel (Integration); CouchDB (Big 
Data); DB (Database); Flink (Big Data); Geode (Database); HBase (Big Data); Hop 
(Orchestration); HttpComponents (Servers); HTTP Server (Servers); Jackrabbit 
(Content); James (Mail); Kyuubi (Incubating; Big Data); Log4cxx (Libraries); 
Lucene (Search); OpenMeetings (Web Conferencing); OpenOffice (Content); PLC4X 
(IoT); Qpid (Messaging); ShardingSphere (Big Data); ShenYu (Incubating; API); 
SIS (Geospatial); Skywalking (Application Performance Management); Solr 
(Search); Storm (Big Data); Syncope (Identity Management);Tomcat (Servers); 
Traffic Control (Servers); XMLBeans (Library).

Apache Project Anniversaries in October: Apache Ant (19 years); HttpComponents 
(14 years); Attic, Buildr, CouchDB, and Qpid (13 years); Community Development 
("ComDev", 12 years); OODT and ZooKeeper (11 years); Kafka and Syncope (9 
years); Ambari (8 years); BookKeeper, Drill, and MetaModel (7 years); Brooklyn, 
Groovy, Kylin, and REEF (6 years); Geode (5 years); Guacamole, Impala, and 
Mnemonic (4 years); Griffin (3 years); Petri (2 years); and Superset and TVM (1 
year). Many happy returns! https://projects.apache.org/committees.html?date

The Apache Incubator is the primary entry path for projects wishing to become 
an official part of the ASF. More than three dozen projects are currently 
undergoing development in the Apache Incubator. http://incubator.apache.org/

# # #

To see our Weekly News Round-ups (published every Friday), visit 
https://blogs.apache.org/foundation/ and click on the calendar or hop directly 
to https://blogs.apache.org/foundation/category/Newsletter . For real-time 
updates, sign up for Apache-related news by sending mail to 
announce-subscr...@apache.org and follow @TheASF on Twitter. We appreciate your 
support!

= = =
NOTE: you are receiving this message because you are subscribed to the 
announce@apache.org distribution list. To unsubscribe, send email from the 
recipient account to announce-unsubscr...@apache.org with the word 
"Unsubscribe" in the subject line.


The Apache Software Foundation Announces Apache® OpenOffice® 4.1.11

2021-10-07 Thread Sally Khudairi
[this announcement is available online at https://s.apache.org/3x8kz ]

Updates to security and availability of leading Open Source office document 
productivity suite

Wilmington, DE —7 October 2021— The Apache® Software Foundation (ASF), the 
world’s largest Open Source foundation, announced today Apache OpenOffice® 
4.1.11, the popular Open Source office-document productivity suite.

Used by millions of organizations, institutions, and individuals around the 
world, Apache OpenOffice delivered 317M+ downloads* and provides more than $25M 
in value to users per day. Apache OpenOffice supports more than 40 languages, 
offers hundreds of ready-to-use extensions, and is the productivity suite of 
choice for governments seeking to meet mandates for using ISO/IEC standard Open 
Document Format (ODF) files.

"Users worldwide depend on OpenOffice to meet their office productivity needs," 
said Carl Marcum, Vice President of Apache OpenOffice. "We are proud to offer 
improved security and availability with our latest release. Businesses of all 
sizes across numerous industries, educational institutions, non-profits, 
digitally-inclusive communities, application developers, and countless others 
rely on Apache OpenOffice to efficiently create, manage, and deliver 
high-impact, integrated content."

Apache OpenOffice comprises six productivity applications: Writer (word 
processor), Calc (spreadsheet tool), Impress (presentation editor), Draw 
(vector graphics drawing editor), Math (mathematical formula editor), and Base 
(database management program). The OpenOffice suite ships for Windows, macOS, 
and Linux.

Apache OpenOffice v4.1.11
The 14th release under the auspices of the ASF, OpenOffice v4.1.11 reflects 
dozens of improvements, features, and bug fixes that include:

 - New Writer Fontworks gallery
 - Updated document types where hyperlink is allowed
 - Updated Windows Installer
 - Increased font size in Help

In addition, the project is mitigating 5 CVE (Common Vulnerabilities and 
Exposures) reports, three of which will be disclosed on 11 October, in 
coordination with The Document Foundation.

Apache OpenOffice delivers up to 2.4M downloads per month and is available as a 
free download to all users at 100% no cost, charge, or fees of any kind.

Apache OpenOffice is available on the Windows 11 Store as of 5 October 2021.

OpenOffice source code is available for anyone who wishes to enhance the 
applications. The Project welcomes contributions back to the project as well as 
its code community. Those interested in participating with Apache OpenOffice 
can learn more at https://openoffice.apache.org/get-involved.html .

* partial count: the number above reflects full-install downloads of Apache 
OpenOffice via SourceForge as of September 2021.

Tribute
Of special note, Apache OpenOffice 4.1.11 is dedicated to the memory of Dr. 
Patricia Shanahan, late member of the Apache OpenOffice Project Management 
Committee, former member of the ASF Board of Directors, former Vice President 
Apache River, and contributor to Apache Community Development. More information 
on Patricia can be found at the ASF’s memorial page 
http://apache.org/memorials/patricia_shanahan.html . 

Availability and Oversight
Apache OpenOffice software is released under the Apache License v2.0 and is 
overseen by a volunteer, self-selected team of active contributors to the 
project. A Project Management Committee (PMC) guides the Project's day-to-day 
operations, including community development and product releases. The project 
strongly recommends that users download OpenOffice only from the official site 
https://www.openoffice.org/download/ to ensure that they receive the original 
software in the correct and most recent version.

About Apache OpenOffice
Apache OpenOffice is a leading Open Source office-document productivity suite 
comprising six productivity applications: Writer, Calc, Impress, Draw, Math, 
and Base. OpenOffice is based around the OpenDocument Format (ODF), supports 
40+ languages, and ships for Windows, macOS, and Linux. OpenOffice originated 
as "StarOffice" in 1985 by StarDivision, who was acquired by Sun Microsystems 
in 1999. The project was open-sourced under the name "OpenOffice.org", and 
continued development after Oracle Corporation acquired Sun Microsystems in 
2010. OpenOffice entered the Apache Incubator in 2011 and graduated as an 
Apache Top-level Project in October 2012. Apache OpenOffice delivers up to 2.4 
Million downloads each month is the productivity suite of choice for hundreds 
of educational institutions and government organizations seeking to meet 
mandates for using ISO/IEC standard Open Document Format (ODF) files. For more 
information, including documentation and ways to become involved with Apache 
OpenOffice, visit https://openoffice.apache.org/ and 
https://twitter.com/ApacheOO .

About The Apache Software Foundation (ASF)
Established in 1999, The Apache Software Foundation (ASF) is 

Apache Month in Review: September 2021

2021-10-01 Thread Sally Khudairi
[this post is available online at https://s.apache.org/September2021 ]

Welcome to the latest monthly overview of events from the Apache community. 
Here's a summary of what happened in September [video highlights available 
https://youtu.be/v3GdwUmevog ] :

New this month --

- Success at Apache - This series focuses on the people and processes behind 
why the ASF "just works." The most recent entry is "From Mentee to PMC" by 
Ephraim Anierobi. https://s.apache.org/13mcu

- The Apache Drill Project Announces Apache® Drill(TM) v1.19 Milestone Release 
https://s.apache.org/bfhy6

- Apache Ranger response to incorrect analyst report on Cloud data security 
https://blogs.apache.org/foundation/entry/apache-ranger-response-to-incorrect

- Apache Month in Review: August 2021 https://s.apache.org/August2021

Important Dates --
- Next Board Meeting: 20 October 2021. Board calendar and minutes 
http://apache.org/foundation/board/calendar.html

Infrastructure --
Our seven-member Infrastructure team on three continents oversees our 
highly-reliable, distributed network under the leadership of VP Infrastructure 
David Nalley and Infrastructure Administrator Greg Stein. ASF Infrastructure 
supports 300+ Apache projects and their communities across ~200 individual 
machines, 1,400+ repositories, 5-6PB in traffic annually, ~75M downloads per 
month, and 2-3M daily emails on 2,000+ lists. ASF Infra performs 7M+ weekly 
checks to ensure services are available around the clock. The average uptime in 
September was 99.87%. http://www.apache.org/uptime/

Committer Activity --
In September, 692 Apache Committers changed 31,529,765 lines of code over 
13,104 commits. The Committers with the top 5 highest contributions, in order, 
were: Mark Thomas, Andrea Cosentino, Andi Huber, Harikrishna Patnala, and 
Daniel Gruno.

Project Releases and Updates --
New releases from Apache Airflow (Big Data); Any23 (Content); APISIX (API); 
Camel (Integration); Commons DBCP (Libraries); Commons RNG (Libraries); 
DolphinScheduler (Workflow); Drill (Big Data); Druid (Big Data); Geode 
(Database); Geronimo (Application Servers); Groovy (Programming Languages); 
HttpComponents (Servers); Hudi (Big Data); Ignite (Big Data); IoTDB (IoT); 
Jackrabbit (Content); jclouds (Cloud); Jena (Libraries); Kafka (Big Data); 
Karaf (Application Servers/Middleware); Log4j (Libraries); NetBeans (Integrated 
Development Environment); PDFBox (Content); Pulsar (Messaging); Qpid 
(Messaging); Shiro (Security Framework); Skywalking (Application Performance 
Management); Solr (Search); Tika (Big Data); Tomcat (Servers);  Wicket (Web 
Frameworks); Zeppelin (Big Data).

Apache Project Anniversaries in September: ServiceMix (14 years); Hive, Pig, 
and Shiro (11 years); Airavata, Bigtop, and SIS (9 years); Curator (8 years); 
Storm (7 years); Yetus (6 years); RocketMQ and Royale (4 years); Pulsar (3 
years); Rya (2 years); IoTDB (1 year). Many happy returns! 
https://projects.apache.org/committees.html?date

The Apache Incubator is the primary entry path for projects wishing to become 
an official part of the ASF. More than three dozen projects are currently 
undergoing development in the Apache Incubator; new to the Incubator this month 
is Apache Linkis (computation middleware). http://incubator.apache.org/

# # #

To see our Weekly News Round-ups (published every Friday), visit 
https://blogs.apache.org/foundation/ and click on the calendar or hop directly 
to https://blogs.apache.org/foundation/category/Newsletter . For real-time 
updates, sign up for Apache-related news by sending mail to 
announce-subscr...@apache.org and follow @TheASF on Twitter. We appreciate your 
support!

= = =

NOTE: you are receiving this message because you are subscribed to the 
announce@apache.org distribution list. To unsubscribe, send email from the 
recipient account to announce-unsubscr...@apache.org with the word 
"Unsubscribe" in the subject line.


The Apache News Round-up: week ending 27 September 2021

2021-09-27 Thread Sally Khudairi
[this newsletter is available online at https://s.apache.org/p74bn ]

We're closing September with another great week. Here
are the latest updates on the Apache community's activities:

ASF Board – management and oversight of the business affairs of the
corporation in accordance with the Foundation's bylaws.
 - Next Board Meeting: 20 October 2021. Board calendar and minutes
https://apache.org/foundation/board/calendar.html

ApacheCon™ – the ASF's official global conference series, bringing
Tomorrow's Technology Today since 1998.
 - Our 2021 events are complete: thanks to all speakers, sponsors,
participants, and planners for their great turnout!
 - Presentations for ApacheCon Asia are available on the ASF YouTube
channel. ApacheCon@Home presentations will be posted shortly
https://www.youtube.com/c/TheApacheFoundation/

ASF Infrastructure – our distributed team on three continents keeps
the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield uptime at 100.00%. Performance checks
across 50 different service components spread over more than 250
machines in data centers around the world. View the Apache
Infrastructure Uptime site to see the most recent averages.
http://www.apache.org/uptime/

Apache Code Snapshot – Over the past week, 328 Apache Committers
changed 7,398,124 lines of code over 2,924 commits. Top 5
contributors, in order, are: Harikrishna Patnala, Gary Gregory, Andy
Seaborne, Daniel Gruno, and Mark Thomas.

Apache Project Announcements – the latest updates by category.

Big Data --
 - Apache Druid 0.22.0 released https://druid.apache.org/
   -- CVE-2021-36749: The HTTP inputSource allows authenticated users
to read data from other sources than intended
https://s.apache.org/kcci1
Cloud Computing --
 - Apache Kafka 3.0.0 released https://kafka.apache.org/
   -- CVE-2021-38153: Timing Attack Vulnerability for Apache Kafka
Connect and Clients https://s.apache.org/19mol

Data Management Platform --
 - Apache Ignite 2.11.0 released http://ignite.apache.org/

IDE --
 - Apache NetBeans 12.5 released http://netbeans.apache.org/

Messaging --
 - Apache Pulsar 2.8.1 released https://pulsar.apache.org/


Did You Know?

 - Did you know that LinkedIn's 10,000-node cluster for Big Data
analytics and machine learning workloads is considered the world's
largest Apache Hadoop implementation? http://hadoop.apache.org/

 - Did you know that Yelp's new search engine, Nrtsearch, is powered
by Apache Lucene? http://lucene.apache.org/

 - Did you know that the Ignite Summit Cloud Edition CFP closes on 15
October? http://ignite.apache.org/

Apache Community Notices
- Watch "Trillions and Trillions Served"
https://www.youtube.com/watch?v=JUt2nb0mgwg, the documentary on the
ASF
  1) full feature [49 min] https://www.youtube.com/watch?v=JUt2nb0mgwg
  2) "Apache Everywhere" [6 min] https://www.youtube.com/watch?v=nXtIti9jMFI
  3) "Why Apache" [2.5 min] https://www.youtube.com/watch?v=YM5dLvNatRs
  4) “Apache Innovation” [40 min] https://www.youtube.com/watch?v=qkvqJaX4S50

 - ASF Annual Report: FY2021
   -- Press release
https://blogs.apache.org/foundation/entry/the-apache-software-foundation-announces78
   -- Report (PDF) https://www.apache.org/foundation/docs/FY2021AnnualReport.pdf

 - The Apache Month in Review: August 2021
https://blogs.apache.org/foundation/entry/apache-month-in-review-august1

 - The Apache Way to Sustainable Open Source Success https://s.apache.org/GhnI

 - Foundation Reports and Statements
http://www.apache.org/foundation/reports.html

 - Presentations from ApacheCon Asia are available on YouTube
https://www.youtube.com/c/TheApacheFoundation/playlists?app=desktop=50=dd_id=2

 - "Success at Apache" focuses on the people and processes behind why
the ASF "just works."

 - Inside Infra: the new interview series with members of the ASF
infrastructure team --meet
Chris Thistlethwaite https://s.apache.org/InsideInfra-Chris
Drew Foulks https://s.apache.org/InsideInfra-Drew
Greg Stein Part I https://s.apache.org/InsideInfra-Greg
  ...Part II https://s.apache.org/InsideInfra-Greg2 and Part III
https://s.apache.org/InsideInfra-Greg3
Daniel Gruno Part I https://s.apache.org/InsideInfra-Daniel1 and
Part II https://s.apache.org/InsideInfra-Daniel2
Gavin McDonald Part I https://s.apache.org/InsideInfra-Gavin and
Part II https://s.apache.org/InsideInfra-Gavin2
Andrew Wetmore Part I https://s.apache.org/InsideInfra-Andrew and
Part II https://s.apache.org/InsideInfra-Andrew2
Chris Lambertus Part I  https://s.apache.org/InsideInfra-ChrisL
and Part II https://s.apache.org/InsideInfra-ChrisL2

 - Follow the ASF on social media: @TheASF on Twitter and The ASF page
on LinkedIn https://www.linkedin.com/company/the-apache-software-foundation

 - Follow the Apache Community on Facebook
https://www.facebook.com/ApacheSoftwareFoundation/ and Twitter
https://twitter.com/ApacheCommunity .

 - Are your software solutions Powered by Apache? Download & use our
"Powered By" 

The Apache News Round-up: week ending 17 September 2021

2021-09-20 Thread Sally Khudairi
[this newsletter is available online at https://s.apache.org/wkssk ]

We're wrapping up another great week with the following activities from the 
Apache community:

Success at Apache

This series focuses on the people and processes behind why the ASF "just 
works." The most recent entry is  "From Mentee to PMC" by Ephraim Anierobi. 
https://blogs.apache.org/foundation/entry/success-at-apache-from-mentee

ASF Annual Report

The ASF annual report is a look back at our many achievements during the 2021 
Fiscal Year.

- Press release: The Apache Software Foundation Announces Annual Report for 
2021 Fiscal Year 
https://blogs.apache.org/foundation/entry/the-apache-software-foundation-announces78
 - ASF FY2021 Annual Report (PDF) 
https://www.apache.org/foundation/docs/FY2021AnnualReport.pdf

ASF Board – management and oversight of the business affairs of the corporation 
in accordance with the Foundation's bylaws.
 - Next Board Meeting: 20 October 2021. Board calendar and minutes 
https://apache.org/foundation/board/calendar.html
ApacheCon™ – the ASF's official global conference series, bringing Tomorrow's 
Technology Today since 1998. ApacheCon Asia was held online 6-8 August; 
ApacheCon@Home is coming up next on 21-23 September:
 - The Apache® Software Foundation Announces Program for ApacheCon@Home 2021 
https://blogs.apache.org/foundation/entry/the-apache-software-foundation-announces77
 - Learn all about ApacheCon with Rich Bowen and Swapnil M Mane 
https://youtu.be/m_c7NJ5yMOg
 - Learn about the Community Track from Sharan Foga and Swapnil M Mane 
https://youtu.be/8cZF-gaE3a4
 - Register for ApacheCon@Home https://www.apachecon.com/acah2021/

ASF Infrastructure – our distributed team on three continents keeps the ASF's 
infrastructure running around the clock.
 - 7M+ weekly checks yield uptime at 99.99%. Performance checks across 50 
different service components spread over more than 250 machines in data centers 
around the world. View the Apache Infrastructure Uptime site to see the most 
recent averages. http://www.apache.org/uptime/

Apache Code Snapshot – Over the past week, 356 Apache Committers changed 
2,986,797 lines of code over 3,104 commits. Top 5 contributors, in order, are: 
Alex Heneveld, Andrea Cosentino, Stephen Mallette, Andi Huber, and Claus Ibsen. 
   

Apache Project Announcements – the latest updates by category.

Application Servers/Middleware --
 - Apache Karaf runtime 4.3.3 released https://karaf.apache.org/

Content --
 - Apache PDFBox 3.0.0-alpha2 released https://pdfbox.apache.org/
 - Apache Any23 2.5 released http://any23.apache.org/
   -- CVE-2021-38555: An XML external entity (XXE) injection vulnerability 
exists in StreamUtils.java 
https://lists.apache.org/thread.html/r589d1a9f94dbeee7a0f5dbe8513a0e300dfe669bd964ba2fbfe28e07%40%3Cannounce.apache.org%3E
   -- CVE-2021-40146: A Remote Code Execution (RCE) vulnerability exists in 
YAMLExtractor.java 
https://lists.apache.org/thread.html/r7c521ed85c7ae1bad4fdf95b459f2aaa8a67eae338636b7b7ec35d86%40%3Cannounce.apache.org%3E

Cloud Computing --
 - Apache jclouds 2.4.0 released https://jclouds.apache.org/

Integration --
 - Apache Camel 3.11.2 (LTS) released https://camel.apache.org/

IoT --
 - Apache IoTDB 0.12.2 released https://iotdb.apache.org/

Libraries --
 - Apache Log4j Kotlin API 1.1.0 released https://logging.apache.org/
 - Apache Commons RNG 1.4 released https://commons.apache.org/
 - Apache Jena CVE-2021-39239: XML External Entity (XXE) vulnerability 
https://lists.apache.org/thread.html/rf44d529c54ef1d0097e813f576a0823a727e1669a9f610d3221d493d%40%3Cannounce.apache.org%3E

Observability --
 - Apache SkyWalking Python Agent 0.7.0 and Satellite 0.2.0 released 
https://skywalking.apache.org/

Search --
 - Apache Solr Operator v0.4.0 released http://solr.apache.org/

Security Framework --
 - Apache Shiro CVE-2021-41303: Before 1.8.0, when using Apache Shiro with 
Spring Boot, a specially crafted HTTP request may cause an authentication 
bypass 
https://lists.apache.org/thread.html/r85a80d9187a1ee920780f410e902aa340d679d15733c13730662fb22%40%3Cannounce.apache.org%3E

Servers --
 - Apache Tomcat 8.5.71, 9.0.53, 10.0.11, and 10.1.0-M5 (alpha) released 
https://tomcat.apache.org/
   -- CVE-2021-41079: Denial of Service 
https://lists.apache.org/thread.html/rccdef0349fdf4fb73a4e4403095446d7fe6264e0a58e2df5c6799434%40%3Cannounce.apache.org%3E
 - Apache HttpComponents Core 5.2-alpha1 released https://hc.apache.org/

Web Frameworks -
 - Apache Wicket 9.5.0 released https://wicket.apache.org/

Did You Know?

 - Did you know that NASA JPL uses Apache Kafka to enable real-time data feeds 
from Mars? http://kafka.apache.org/

 - Did you know that ASF Infrastructure's uptime during FY2021 was 99.75%? 
https://apache.org/uptime/

 - Did you know that Shopify uses Apache Flink to analyze 10 TB+ of data? 
http://flink.apache.org/

Apache Community Notices
- Watch "Trillions and Trillions Served" 

Success at Apache: from Mentee to PMC

2021-09-16 Thread Sally Khudairi
[this post is available online at https://s.apache.org/13mcu ]

by Ephraim Anierobi

This post is about how I became a committer and a Project Management Committee 
(PMC) member of Apache Airflow, and provides guidance to those new to 
programming, are new to contributing to open-source projects, and want to 
become committers and PMC members in their respective Apache projects.

About a year and a half after changing my career from electrical engineering to 
software development, I became a committer and a Project Management Committee 
member of Apache Airflow. Becoming a committer and a PMC member is a reward and 
a kind of validation that you are on the right part of your journey.

On February 16, 2021, I accepted an invitation to become a committer in Apache 
Airflow. It came as a surprise, as I was not expecting it. Six months down the 
line, I received another surprise invitation to become a PMC member in Apache 
Airflow.

These are impressive feats for me because before contributing to Apache 
Airflow, I didn't have experience working with other programmers. I was making 
websites and taught a few friends of mine how to make their own. I didn't have 
a mentor, and no one has ever seen my code to advise whether to continue on my 
journey or drop the idea of becoming a programmer.

While I desired to work with experienced programmers to improve my skills, I 
feared people seeing my code would talk me down. I almost gave up on my journey 
only to come across an Outreachy post on Twitter looking for interns for open 
source projects. Outreachy is a tech diversity program that provides three 
months of paid, remote internships to people underrepresented in tech.

I was ready to change my career and was looking for mentorship, but couldn't 
find an internship that could help me get started in my journey. In Nigeria 
where I'm living, your location affects your chances of getting an entry-level 
job. I was not close to the major cities. 

So I applied for an internship through Outreachy. 

There are two application processes. The initial application involves 
explaining your background and why you should be accepted into the program. You 
must pass the initial application before you could proceed to the next. The 
second application process (called the contribution period) is where you choose 
an open source project that matches your skill sets and then contribute to it. 
You must have some minimum contributions before you could be accepted.

That was how I found Apache Airflow.

You could imagine the joy I had when I was accepted into the program.

Here are things I did which I believe would help you in your journey to 
becoming an Apache committer and a PMC member.

Asking Questions

Asking questions is the fastest way to learn. Don't be afraid to ask questions 
if you do not understand something. I ask questions a lot and I always get 
answers, but I didn't start by asking questions: I made 40 commits to the 
repository without understanding what Airflow does. It was not until I joined 
my new employer Astronomer that I learned what DAG is and what a data pipeline 
is. Now I can easily reproduce issues following someone's descriptions. I wish 
I had asked questions earlier --I could have had more experience by now!

Start small

If you are like me, with little experience, start contributing from the minor 
issues. Find good first issues and work on them. You don't have to wait to 
contribute a large change before contributing.

While working on the REST API project, which I got hired by Outreachy to do, I 
was looking at the codebase. I started with Airflow providers because it was 
easy for me to understand. There were so many requests about providers at the 
time and I started looking into it, reading the code base, and helping with the 
providers. I didn't go into the core straight up; I avoided it. My first PR was 
on simple database migration during the Outreachy contribution period.

Refactor codes

Airflow is complex. Till now, I'm still learning it. Just last week I learned 
about how the execution date works. I know there are a lot of other things I 
have not understood very well but refactoring helped me to understand a lot.

When I was to work in the scheduler, I found the file was so large that I went 
back and forth without progress. I worked on separating the files and I'm glad 
I did because after that I could contribute. I recommend refactoring code but 
do not go into large refactoring. A little at a time, with the hope to 
understand the project. Avoid the core of the project if you are just starting.

Issues

One thing about issues is that most reporters would tell you how to reproduce 
them. Most times, you would find that the issue is quite easy to fix. I usually 
jump on those and fix them. Other times, I had to contact my superiors before I 
could fix it.

Looking at reported issues gives an added advantage that you could learn how 
the software works in the real world. Try to 

The Apache News Round-up: week ending 10 September 2021

2021-09-10 Thread Sally Khudairi
[this newsletter is available online at https://s.apache.org/cgxvx ]

We're wrapping up another great week with the following activities from the 
Apache community:

ASF Annual Report – a look back at our many achievements during the 2021 Fiscal 
Year
 - Press release https://s.apache.org/FY2021AnnualReport-pressrelease
 - Full report https://s.apache.org/FY2021AnnualReport

ASF Board – management and oversight of the business affairs of the corporation 
in accordance with the Foundation's bylaws.
 - Next Board Meeting: 15 September 2021. Board calendar and minutes 
https://apache.org/foundation/board/calendar.html
ApacheCon™ – the ASF's official global conference series, bringing Tomorrow's 
Technology Today since 1998. ApacheCon Asia was held online 6-8 August; 
ApacheCon@Home is coming up next on 21-23 September:
 - The Apache® Software Foundation Announces Program for ApacheCon@Home 2021 
https://s.apache.org/ACHome2021
 - Learn all about ApacheCon with Rich Bowen and Swapnil M Mane 
https://youtu.be/m_c7NJ5yMOg
 - Learn about the Community Track from Sharan Foga and Swapnil M Mane 
https://youtu.be/8cZF-gaE3a4
 - Register for ApacheCon@Home https://www.apachecon.com/acah2021/

ASF Infrastructure – our distributed team on three continents keeps the ASF's 
infrastructure running around the clock.
 - 7M+ weekly checks yield uptime at 100.00%. Performance checks across 50 
different service components spread over more than 250 machines in data centers 
around the world. http://www.apache.org/uptime/

Apache Code Snapshot – Over the past week, 326 Apache Committers changed 
9,187,985 lines of code over 2,985 commits. Top 5 contributors, in order, are: 
Harikrishna Patnala, Andi Huber, Yann Ylavic, Andrea Cosentino, and Benoit 
Tellier. 

Apache Project Announcements – the latest updates by category.

APIs --
 - Apache APISIX Go Plugin Runner 0.2.0 released https://apisix.apache.org/

Application Servers --
 - Apache Geronimo Arthur 1.0.3 released https://geronimo.apache.org/arthur

Databases --
 - Apache Geode 1.14.0 released http://geode.apache.org/
Content --
 - Apache Jackrabbit 2.14.10 released http://jackrabbit.apache.org/

Programming Languages --
 - Apache Groovy 2.5.15, 3.0.9, and 4.0.0-beta-1 released 
https://groovy.apache.org/
Workflow --
 - Apache DolphinScheduler 1.3.8 released https://dolphinscheduler.apache.org/
 - Apache Airflow CVE-2021-38540: Variable Import endpoint missed 
authentication check https://s.apache.org/88ww5


Did You Know?

 - Did you know that ByteDance uses Apache Hudi to build exabyte-scale data 
lakes for services such as TikTok? http://hudi.apache.org/

 - Did you know that the Netherlands and Japan Pulsar MeetUp groups are having 
meetups in September? https://pulsar.apache.org/en/events/

 - Did you know that Kafka Summit will be held online and free of charge 14-15 
September? http://kafka.apache.org/events


Apache Community Notices

- Watch "Trillions and Trillions Served", the documentary on the ASF 1) full 
feature [49 min] https://s.apache.org/Trillions-Feature 2) "Apache Everywhere" 
[6 min] https://s.apache.org/ApacheEverywhere 3) "Why Apache" [2.5 min] 
https://s.apache.org/ASF-Trillions-WhyApache 4) “Apache Innovation” [40 min] 
https://s.apache.org/ApacheInnovation

 - The Apache Month in Review: August 2021 https://s.apache.org/August2021

 - The Apache Way to Sustainable Open Source Success https://s.apache.org/GhnI

 - Foundation Reports and Statements 
http://www.apache.org/foundation/reports.html

 - Presentations from ApacheCon Asia are available at 
https://s.apache.org/ApacheConAsia2021-talks

 - "Success at Apache" focuses on the people and processes behind why the ASF 
"just works". https://blogs.apache.org/foundation/category/SuccessAtApache

 - Inside Infra: the new interview series with members of the ASF 
infrastructure team --meet 
Chris Thistlethwaite https://s.apache.org/InsideInfra-Chris
Drew Foulks https://s.apache.org/InsideInfra-Drew
Greg Stein Part I https://s.apache.org/InsideInfra-Greg
  ...Part II https://s.apache.org/InsideInfra-Greg2 and Part III 
https://s.apache.org/InsideInfra-Greg3
Daniel Gruno Part I https://s.apache.org/InsideInfra-Daniel1 and Part II 
https://s.apache.org/InsideInfra-Daniel2
Gavin McDonald Part I https://s.apache.org/InsideInfra-Gavin and Part II 
https://s.apache.org/InsideInfra-Gavin2
Andrew Wetmore Part I https://s.apache.org/InsideInfra-Andrew and Part II 
https://s.apache.org/InsideInfra-Andrew2
Chris Lambertus Part I  https://s.apache.org/InsideInfra-ChrisL  and Part 
II https://s.apache.org/InsideInfra-ChrisL2

 - Follow the ASF on social media: @TheASF on Twitter 
(https://twitter.com/TheASF) and on LinkedIn at 
https://www.linkedin.com/company/the-apache-software-foundation

 - Follow the Apache Community on Facebook 
https://www.facebook.com/ApacheSoftwareFoundation/ and Twitter 
https://twitter.com/ApacheCommunity

 - Are your software solutions Powered by 

Apache Month in Review: August 2021

2021-09-01 Thread Sally Khudairi
[this announcement is available online at https://s.apache.org/August2021 ]

Welcome to the latest monthly overview of events from the Apache community. 
Here's a summary of what happened in August:

New this month --

- The Apache Software Foundation Announces Apache® Pinot™ as a Top-Level 
Project https://s.apache.org/ft8p6

- The Apache® Software Foundation Announces Program for ApacheCon@Home 2021 
https://s.apache.org/ACHome2021

- The Apache Drill Project Announces Apache® Drill™ v1.19 Milestone Release 
https://s.apache.org/bfhy6

- The Apache® Software Foundation Announces Annual Report for 2021 Fiscal Year 
https://s.apache.org/FY2021AnnualReport-pressrelease

- Apache Month in Review: July 2021 https://s.apache.org/July2021 + Video 
highlights https://youtu.be/KIYB1g6SKhg


Important Dates --

- Next Board Meeting: 15 September 2021. Board calendar and minutes 
http://apache.org/foundation/board/calendar.html

- ApacheCon™ --the ASF's official global conference series, bringing Tomorrow's 
Technology Today since 1998-- is being held twice in 2021:
  - UPCOMING: Register for ApacheCon@Home - 21-23 September 
https://www.apachecon.com/acah2021/
-- Learn about the Community Track from Sharan Foga and Swapnil M Mane 
https://youtu.be/8cZF-gaE3a4
  - Completed: ApacheCon Asia - 6-8 August --presentations available at 
https://s.apache.org/37n3z


Infrastructure --

Our seven-member Infrastructure team on three continents oversees our 
highly-reliable, distributed network under the leadership of VP Infrastructure 
David Nalley and Infrastructure Administrator Greg Stein. ASF Infrastructure 
supports 300+ Apache projects and their communities across ~200 individual 
machines, 1,400+ repositories, 5-6PB in traffic annually, ~75M downloads per 
month, and 2-3M daily emails on 2,000+ lists. ASF Infra performs 7M+ weekly 
checks to ensure services are available around the clock. The average uptime in 
August was 99.61%. http://www.apache.org/uptime/


Committer Activity --
In August, 764 Apache Committers changed 15,185,996 lines of code over 17,295 
commits. The Committers with the top 5 highest contributions, in order, were: 
Claus Ibsen, Alex Herbert, Andrea Cosentino, Harikrishna Patnala, and Kaxil 
Naik.  


Project Releases and Updates --

New releases from Apache ActiveMQ (Messaging); Airflow (Workflow); APISIX 
(APIs); Camel (Integration); Commons (Libraries); EventMesh (incubating; 
Eventing); Flink (Big Data); Geode (Databases); Hop (incubating; 
Orchestration); Jackrabbit (Content); NiFi (Big Data); OFBiz (ERP/Enterprise 
Resource Planning); Portable Runtime (Libraries); Pulsar (Messaging); Qpid 
(Messaging); Roller (Content); ServiceComb (Libraries); Teaclave (incubating; 
Confidential Computing); Tika (Content); Tomcat (Servers); Traffic Server 
(Servers).

Apache Project Anniversaries in August: jUDDI (11 years); Any23, Lucene.Net, 
and Oozie (9 years); Ignite, Serf, and Usergrid (6 years); HAWQ (3 years). Many 
happy returns!

The Apache Incubator is the primary entry path for projects wishing to become 
an official part of the ASF. Linkis (Middleware) entered the Apache Incubator 
in August. More than three dozen projects are currently undergoing development 
in the Apache Incubator http://incubator.apache.org/ .

# # #

To see our Weekly News Round-ups (published every Friday), visit 
https://blogs.apache.org/foundation/ and click on the calendar or hop directly 
to https://blogs.apache.org/foundation/category/Newsletter . For real-time 
updates, sign up for Apache-related news by sending mail to 
announce-subscr...@apache.org and follow @TheASF on Twitter. We appreciate your 
support!

= = =

NOTE: you are receiving this message because you are subscribed to the 
announce@apache.org distribution list. To unsubscribe, send email from the 
recipient account to announce-unsubscr...@apache.org with the word 
"Unsubscribe" in the subject line.


The Apache® Software Foundation Announces Annual Report for 2021 Fiscal Year

2021-08-31 Thread Sally Khudairi
[this announcement is available online at 
https://s.apache.org/FY2021AnnualReport-pressrelease ]

World's largest Open Source foundation's community rallies during pandemic; 
uptick in project activity, participation, and sponsor support advances 
Foundation to continue to provide $22B+ worth of software to the 
public-at-large at 100% no cost.

Wilmington, DE —31 August 2021— The Apache® Software Foundation (ASF), the 
world's largest Open Source foundation, announced today the availability of the 
annual report for its 2021 fiscal year (1 May 2020 – 30 April 2021).

The all-volunteer ASF stewards 227M+ lines of code —valued conservatively at 
more than $22B (constructive cost model - CoCoMo)— all available to the public 
at 100% no cost. Apache software is used in every Internet-connected country on 
the planet, and is integral to nearly every aspect of modern computing.

FY2021 highlights include:

1. 40 new individual Members elected, totalling 853 
2. Exceeded 8,200 individual Committers
3. 200 Project Management Committees overseeing 351 Apache Projects, plus 
dozens of sub-projects and initiatives
4. 14 Top-Level Projects graduated from the Apache Incubator
5. 35 projects (a.k.a. “podlings”) undergoing development in the Apache 
Incubator
6. Top 5 most active Apache Projects accessed: Kafka, Hadoop, ZooKeeper, POI, 
Logging 
7. Top 5 Apache Project repositories by commits: Camel, Flink, Airflow, 
Lucene-Solr, NuttX (incubating)
8. Top 5 most visited Apache Projects on GitHub: Spark, Flink, Kafka, Arrow, 
Beam
9. 17,758 authors sent 2,184,671 emails on 780,274 topics
10. Top 5 Apache Project user and developer email lists by activity: Flink 
(user), Tomcat (developer), James (developer), Flink (developer), Kafka 
(developer)  
11. 17,000+ emails sent to ASF Security team
12. 3,058 Committers changed 134,517,884 lines of code over 258,860 commits
13. 672 Individual Contributor License Agreements signed
14. 23 Corporate Contributor License Agreements signed
15. 32 Software Grant Agreements executed
16. ASF's seven-member Infrastructure team on three continents supports all 
Apache projects, initiatives, and their communities across ~200 individual 
machines, 1,400+ repositories, 5-6PB in traffic annually, ~75M downloads per 
month, and 2-3M daily emails on 2,000+ lists. Average uptime in FY2021 was 
99.75%
17. New Infrastructure-developed tools and services enable Apache Projects and 
their communities to self-administer numerous features around their code 
repositories
18. Fundraising yielded a positive net income, exceeding FY2021 targets
19. Foundation operations supported by contributions from 9 Platinum Sponsors, 
10 Gold Sponsors, 8 Silver Sponsors, 30 Bronze Sponsors, 10 Platinum Targeted 
Sponsors, 5 Gold Targeted Sponsors, 3 Silver Targeted Sponsors, 12 Bronze 
Targeted Sponsors, and more than 630 individual donors;
20. Less than 10% of income spent on overhead
21. Published new Website dedicated to data privacy https://privacy.apache.org
22. Produced and released "Trillions and Trillions Served" documentary series 
23. Launched "Inside Infra" interview series with members of ASF Infrastructure 
team
24. Held first ApacheCon@Home event online to thousands of attendees from 
around the world
25. Advanced Diversity & Inclusion goals, including securing internships, 
conducting Community Survey and User Experience Research, and easing barriers 
to entry for contributors from underrepresented groups
26. ASF was a mentoring organization in Google Summer of Code for the 16th 
consecutive year

The full report is available online at https://s.apache.org/FY2021AnnualReport

About The Apache Software Foundation (ASF)
Established in 1999, The Apache Software Foundation (ASF) is the world’s 
largest Open Source foundation, stewarding 227M+ lines of code and providing 
more than $22B+ worth of software to the public at 100% no cost. The ASF’s 
all-volunteer community grew from 21 original founders overseeing the Apache 
HTTP Server to 850+ individual Members and 206 Project Management Committees 
who successfully lead 350+ Apache projects and initiatives in collaboration 
with 8,200+ Committers through the ASF’s meritocratic process known as "The 
Apache Way". Apache software is integral to nearly every end user computing 
device, from laptops to tablets to mobile devices across enterprises and 
mission-critical applications. Apache projects power most of the Internet, 
manage exabytes of data, execute teraflops of operations, and store billions of 
objects in virtually every industry. The commercially-friendly and permissive 
Apache License v2 is an Open Source industry standard, helping launch billion 
dollar corporations and benefiting countless users worldwide. The ASF is a US 
501(c)(3) not-for-profit charitable organization funded by individual donations 
and corporate sponsors including Aetna, Alibaba Cloud Computing, Amazon Web 
Services, Anonymous, ARM, Baidu, Bloomberg, Budget Direct, Capital 

The Apache Drill Project Announces Apache® DrillTM v1.19 Milestone Release

2021-08-30 Thread Sally Khudairi
[this announcement is available online at https://s.apache.org/bfhy6 ]

Open Source, enterprise-grade, schema-free Big Data SQL query engine used by 
thousands of organizations, including Ant Group, Cisco, Ericsson, Intuit, 
MicroStrategy, Tableau, TIBCO, TransUnion, Twitter, and more.

Wilmington, DE —30 August 2021— The Apache Drill Project announced the release 
of Apache® DrillTM v1.19, the schema-free Big Data SQL query engine for Apache 
Hadoop®, NoSQL, and Cloud storage.

"Drill 1.19 is our biggest release ever," said Charles Givre, Vice President of 
Apache Drill. "With an already short learning curve, Drill 1.19 makes it even 
easier for users to quickly query, analyze, and visualize data from disparate 
sources and complex data sets.”

An "SQL-on-Hadoop" engine, Apache Drill is easy to deploy, highly performant, 
able to quickly process trillions of records, and scalable from a single laptop 
to a 1000-node cluster. With its schema-free JSON model (the first distributed 
SQL query engine of its kind), Drill is able to query complex semi-structured 
data in situ without requiring users to define schemas or transform data. It 
provides plug-and-play integration with existing Hive and HBase deployments, 
and is extensible out-of-the-box to access multiple data sources, such as S3 
and Apache HDFS, HBase, and Hive. Additionally, Drill can directly query data 
from REST APIs to include platforms like SalesForce and ServiceNow.

Drill supports the ANSI SQL 2003 standard syntax ecosystem as well as dozens of 
NoSQL databases and file systems, including Apache HBase, MongoDB, 
Elasticsearch, Cassandra, REST APIs, , HDFS, MapR-FS, Amazon S3, Azure Blob 
Storage, Google Cloud Storage, NAS, local files, and more. Drill leverages 
familiar BI tools (such as Apache Superset, Tableau, MicroStrategy, QlikView 
and Excel) as well as data virtualization and visualization tools, and runs 
interactive queries on Hive tables with different Hive metastores.

Apache Drill v1.19
Drill is designed from the ground up to support high-performance analysis on 
rapidly evolving data on modern Big Data applications. v1.19 reflects more than 
100 changes, improvements, and new features that include:

 - New Connectors for Apache Cassandra, Elasticsearch, and Splunk

 - New Format Reader for XML without schemas

 - Added Avro support for Kafka plugin

 - Integrated password vault for secure credential storage

 - Support for Linux ARM64 systems

 - Added limit pushdowns for file systems, HTTP REST APIs and MongoDB

 - Added streaming for Drill's REST API

 - Integration with Apache Airflow

Developers, analysts, business users, and data scientists use Apache Drill for 
data exploration and analysis for its enterprise-grade reliability, security, 
and performance. Drill's flexibility and ease-of-use have attracted thousands 
of users that include Ant Group, Cardlytics, Cisco, Ericsson, Intuit, 
MicroStrategy, Qlik, Tableau, TIBCO, TransUnion, Twitter, National University 
of Singapore, and more.

"Individuals, businesses, and organizations of all types rely on Apache Drill's 
rich functionality," added Givre. "We invite everyone to participate in our 
user and developer lists as well as our Slack channel, and contribute to the 
project to build on our momentum and help improve the future experience for all 
Drill users."

Catch Apache Drill in action at ApacheCon@Home, taking place online 21-23 
September 2021. For more information and to register, visit 
https://www.apachecon.com/ .

Availability and Oversight
Apache Drill software is released under the Apache License v2.0 and is overseen 
by a volunteer, self-selected team of active contributors to the project. A 
Project Management Committee (PMC) guides the Project's day-to-day operations, 
including community development and product releases.

About Apache Drill
Apache Drill is the Open Source, schema-free Big Data SQL query engine for 
Apache Hadoop, NoSQL, and Cloud storage. For more information, including 
documentation and ways to become involved with Apache Drill, visit 
http://drill.apache.org/ , https://twitter.com/ApacheDrill , and 
https://apache-drill.slack.com/ .

© The Apache Software Foundation. "Apache", "Drill", "Apache Drill", and 
"ApacheCon" are registered trademarks or trademarks of the Apache Software 
Foundation in the United States and/or other countries. All other brands and 
trademarks are the property of their respective owners.

# # #

NOTE: you are receiving this message because you are subscribed to the 
announce@apache.org distribution list. To unsubscribe, send email from the 
recipient account to announce-unsubscr...@apache.org with the word 
"Unsubscribe" in the subject line.


The Apache® Software Foundation Announces Program for ApacheCon@Home 2021

2021-08-17 Thread Sally Khudairi
[this announcement is available online at https://s.apache.org/ACHome2021 ]

Official Apache global conference series to be held virtually for second year, 
featuring 140+ sessions, and keynotes from GitHub, NYU and Open Source Hardware 
Association, Red Hat, and the Wilson Center.

Wilmington, DE —17 August 2021— The Apache® Software Foundation (ASF), the 
all-volunteer developers, stewards, and incubators of more than 350 Open Source 
projects and initiatives, announced keynotes, sponsors, and program for 
ApacheCon@Home, taking place online 21-23 September 2021. Registration is open 
and free for all attendees.

"With dozens of compelling talks on the latest Apache innovations, presented by 
noted community experts and supported by an impressive roster of sponsors, we 
expect a record turnout of attendees," said Ruth Suehle, ASF Executive Vice 
President and ApacheCon@Home co-Chair. "We're excited to enable participants to 
join us at their own convenience online and to build on the success of last 
year's inaugural ApacheCon@Home, with nearly 3,500 attendees."

ApacheCon is the ASF's official global conference series, first held in 1998. 
ApacheCon draws attendees from more than 130 countries to experience 
"Tomorrow's Technology Today" independent of business interests, corporate 
biases, or sales pitches.

ApacheCon showcases the latest breakthroughs from dozens of Apache projects, 
with content selected entirely by Apache projects and their communities. 
ApacheCon@Home joins ApacheCon Asia, which took place online 6-8 August, to 
meet the educational demands of the growing Apache community of developers, 
users, and enthusiasts worldwide.

"The ApacheCon@Home format has been a game changer by letting many members of 
the Apache community experience ApacheCon for the first time —all from the 
comfort of their homes or any location,” said Rich Bowen, Vice President of 
Conferences at the ASF. "We continue to grow and evolve our events to enable 
participants from around the globe to experience the full event as it happens, 
and interact with community members and sponsors in real-time. Post-event 
session recordings enable thousands to enjoy ApacheCon year-round."

ApacheCon@Home features more than 140 sessions, all held virtually and online. 
Participants at all levels will learn about innovations in Apache projects and 
categories that include: ActiveMQ; AGE (incubating); APISIX; API and 
Microservice; Beam; Big Data; Calcite; Camel; Cassandra, Community; Content 
Delivery; Content Management; CXF; Daffodil; DataSketches; Data Visualization; 
DolphinScheduler; Druid; Federated Data; Fineract and FinTech; Flink; Geode; 
Geospatial; Groovy; Hadoop; Hadoop YARN; HBase; HDFS; Hive; Hop (incubating); 
HTTP Server; Hudi Ignite; Impala; Incubator; Integration; Internet of Things; 
James; Jena; Kafka; Karaf; Kudu; Liminal (incubating); Lucene; MADlib; MXNet 
(incubating); NiFi; NLPCraft (incubating); OpenNLP; Ozone; PLC4X; POI; Pulsar; 
Search; Sedona (incubating); SIS; SkyWalking; Sling; Solr; Spark; Storm; 
Streampipes (incubating); Teaclave (incubating); Thrift; Tika; Tomcat; Traffic 
Control; Traffic Server; Wayang (incubating); YuniKorn (incubating); Zookeeper; 
and more.

Keynote presentations will be delivered by Ashley Wolf, head of GitHub’s Open 
Source Program Office; Mark Cox, ASF Vice President Security, and Distinguished 
Software Engineer at Red Hat’s Open Source Program Office; Dr. Alison Parker, 
Senior Program Associate in the Science and Technology Innovation Program at 
the Wilson Center; and Michael Weinberg, Executive Director of the Engelberg 
Center on Innovation Law & Policy at NYU Law and the Board President of the 
Open Source Hardware Association.

The full program is available at https://www.apachecon.com/acah2021/tracks/

ApacheCon@Home sponsors include Strategic Sponsor Google; Platinum Sponsors 
Apple, Huawei, Instaclustr, and Tencent Cloud; Gold Sponsors AWS, Baidu, 
Cerner, Didi Chuxing, Dremio, Fiter, Red Hat, and Replicated; Silver Sponsors 
Imply, Securonix, and SphereEx; and Bronze Sponsor Technical Arts & 
Engineering. AWS, Huawei, Didi Chuxing, Tencent, Baidu, and SphereEx were also 
Sponsors of ApacheCon Asia.

To sponsor ApacheCon@Home, visit 
https://www.apachecon.com/acah2021/2021_ApacheCon_prospectus.pdf

Register today at https://www.apachecon.com/acah2021/register.html .

About ApacheCon
ApacheCon is the official global conference series of The Apache Software 
Foundation. Since 1998 ApacheCon has been drawing participants at all levels to 
explore "Tomorrow's Technology Today" across 350+ Apache projects and their 
diverse communities. In 2020 and 2021 ApacheCon events showcase ubiquitous 
Apache projects and emerging innovations virtually through sessions, keynotes, 
real-world case studies, community events, and more, all online and free of 
charge. For more information, visit http://apachecon.com/ and 
https://twitter.com/ApacheCon .

About The Apache 

The Apache Software Foundation Announces Apache® Pinot™ as a Top-Level Project

2021-08-02 Thread Sally Khudairi
[this announcement is available online at https://s.apache.org/ft8p6 ]

Open Source distributed real-time Big Data analytics infrastructure in use at 
Amazon-Eero, Doordash, Factual/FourSquare, LinkedIn, Stripe, Uber, Walmart, 
Weibo, and WePay, among others.

Wilmington, DE —2 August 2021— The Apache Software Foundation (ASF), the 
all-volunteer developers, stewards, and incubators of more than 350 Open Source 
projects and initiatives, announced today Apache® Pinot™ as a Top-Level Project 
(TLP).

Apache Pinot is a distributed Big Data analytics infrastructure created to 
deliver scalable real-time analytics at high throughput with low latency. The 
project was first created at LinkedIn in 2013, open-sourced in 2015, and 
entered the Apache Incubator in October 2018.

"We are pleased to successfully adopt 'the Apache Way' and graduate from the 
Apache Incubator," said Kishore Gopalakrishna, Vice President and original 
co-creator of Apache Pinot. "Pinot initially pushed the boundaries of real-time 
analytics by delivering insights to millions of Linkedin users. Today, as an 
Apache Top-Level Project, Pinot is in the hands of developers across the globe 
who are building it to power several user-facing  analytical applications and 
unlock the value of data within their organizations."

Scalable to trillions of records, Apache Pinot’s online analytical processing 
(OLAP) ingests both online and offline data sources from Apache Kafka, Apache 
Spark, Apache Hadoop HDFS, flat files, and Cloud storages in real time. Pinot 
is able to ingest millions of events and serve thousands of queries per second, 
and provide unified analytics in a distributed, fault-tolerant fashion. 
Features include:

Speed —answers OLAP queries with low latency on real-time data

Pluggable indexing —Sorted, Inverted, Text Index, Geospatial Index, JSON Index, 
Range Index, Bloom filters

Smart Materialized Views - Fast Aggregations via star-tree index

Supports different stream systems with near real-time ingestion —with Apache 
Kafka, Confluent Kafka, and Amazon Kinesis, as well as customizable input 
format, with out-of the box support for Avro and JSON formats

Highly available, horizontally scalable, and fault tolerant

Supports lookup joins natively and full joins using PrestoDB/Trino

Apache Pinot is used to power internal and external analytics at Adbeat, 
Amazon-Eero, Cloud Kitchens, Confluera, Doordash, Factual/FourSquare, Guitar 
Center, LinkedIn, Publicis Sapient, Razorpay, Scale Unlimited, Startree, 
Stripe, Traceable, Uber, Walmart, Weibo, WePay, and more.

Examples of how Apache Pinot helps organizations across numerous verticals 
include: 1) a fintech company uses Pinot to achieve financial data visibility 
across 500+ terabytes of data and sustain half million queries per second with 
financial transactions; 2) a food delivery service leveraged Pinot in the midst 
of the COVID-19 pandemic to analyze real-time data to provide a 
socially-distanced pick-up experience for its riders and restaurants; and 3) a 
large retail chain with geographically distributed franchises and stores uses 
Pinot for revenue-generating opportunities by analyzing real-time data for 
internal use cases, as well as real-time cart analysis to increase sales.

"We rely on Apache Pinot for all our real-time analytics needs at LinkedIn," 
said Kapil Surlaker, Vice President of Engineering at LinkedIn. "It's 
battle-tested at LinkedIn scale for hundreds of our low-latency analytics 
applications. We believe Apache Pinot is the best tool out there to build 
site-facing analytics applications and we will continue to contribute heavily 
and collaborate with the Apache Pinot community. We are very happy to see that 
it's now a Top-level Apache project."

"We use Apache Pinot in our real-time analytics platform to power external 
user-facing applications and critical operational dashboards," said Ujwala 
Tulshigiri, Engineering Manager at Uber. "With Pinot's multi-tenancy support 
and horizontal scalability, we have scaled to hundreds of use cases that run 
complex aggregations queries on terabytes of data at millisecond latencies, 
with the minimal overhead of cluster management."

"We've been using Apache Pinot since last year, and it's been a huge win for 
our client’s dashboard project," said Ken Krugler, President of Scale 
Unlimited. "Pinot's ability to rapidly generate aggregation results over 
billions of records, with modest hardware requirements, was critical for the 
success of the project. We've also been able to provide patches to add 
functionality and fix issues, which the Pinot community has quickly integrated 
and released. There was never any doubt in our minds that Pinot would graduate 
from the Apache incubator and become a successful top-level project."

"Last year, we started without analytics built into our product," said Pradeep 
Gopanapalli, technical staff member at Confluera. "By the end of the year, we 
were using Apache Pinot 

Apache Month in Review: July 2021

2021-08-01 Thread Sally Khudairi
[this post is available online at https://s.apache.org/July2021 ]

Welcome to the latest monthly overview of events from the Apache community. 
Here's a summary of what happened in July (video highlights available at 
https://youtu.be/KIYB1g6SKhg ):

New this month --

 - The Apache Cassandra Project Releases Apache Cassandra v4.0, the Fastest, 
Most Scalable and Secure Cassandra Yet https://s.apache.org/d30v9

 - Apache Attic --provides process and solutions when an Apache project has 
reached its end of life
  -- Apache Sqoop is now retired https://s.apache.org/0e51t

 - Apache Month in Review: June 2021 https://s.apache.org/June2021 + Video 
highlights https://youtu.be/yIE8SSHw2iw 


Important Dates --

 - Next Board Meeting: 18 August 2021. Board calendar and minutes 
http://apache.org/foundation/board/calendar.html

 - ApacheCon™ --the ASF's official global conference series, bringing 
Tomorrow's Technology Today since 1998-- will be held twice in 2021:
   --ApacheCon Asia - 6-8 August and ApacheCon@Home - 21-23 September
  The Apache® Software Foundation Welcomes its Global Community Online at 
ApacheCon Asia 2021 https://s.apache.org/ACAsia2021
  Program, Registration, and Sponsorship available for both events 
https://www.apachecon.com/


Infrastructure --

Our seven-member Infrastructure team on three continents oversees our 
highly-reliable, distributed network under the leadership of VP Infrastructure 
David Nalley and Infrastructure Administrator Greg Stein. ASF Infrastructure 
supports 300+ Apache projects and their communities across ~200 individual 
machines, 1,400+ repositories, 5-6PB in traffic annually, ~75M downloads per 
month, and 2-3M daily emails on 2,000+ lists. ASF Infra performs 7M+ weekly 
checks to ensure services are available around the clock. The average uptime in 
July was 99.88%. http://www.apache.org/uptime/


Committer Activity --
In July, 789 Apache Committers changed 13,194,378 lines of code over 17,560 
commits. The Committers with the top 5 highest contributions, in order, were: 
Bertrand Delacrétaz, Andrea Cosentino, Gary Gregory, Mark Thomas, and Xiang 
Xiao.  


Project Releases and Updates --

New releases from Apache Ant (Build Management); Arrow (Big Data); APISIX 
(APIs); Beam (Big Data); Camel (Integration); Cassandra (Databases); CloudStack 
(Cloud Computing); Commons (Libraries); Curator (Messaging); Directory 
(Identity Management); Druid (Big Data); Fortress (Identity Management); Geode 
(Databases); HBase (Big Data); Impala (Databases); Jackrabbit (Content); James 
(Mail); Jena (Libraries); MINA (Network Client/Server); NiFi (Big Data); 
OpenMeetings (Web Conferencing); Qpid (Messaging); ShardingSphere (Big Data); 
SkyWalking (Observability); Streampipes (incubating; IoT); Tika (Content); 
Tomcat (Servers); Tuweni (incubating; Blockchain); UIMA (Content); Unomi (Data 
Management); Wicket (Web Frameworks); XML Beans (Big Data)

The Apache Incubator is the primary entry path for projects wishing to become 
an official part of the ASF. No new projects entered the Apache Incubator in 
July. More than three dozen projects are currently undergoing development in 
the Apache Incubator http://incubator.apache.org/ .

# # #

To see our Weekly News Round-ups (published every Friday), visit 
https://blogs.apache.org/foundation/ and click on the calendar or hop directly 
to https://blogs.apache.org/foundation/category/Newsletter . For real-time 
updates, sign up for Apache-related news by sending mail to 
announce-subscr...@apache.org and follow @TheASF on Twitter. We appreciate your 
support!

= = =
NOTE: you are receiving this message because you are subscribed to the 
announce@apache.org distribution list. To unsubscribe, send email from the 
recipient account to announce-unsubscr...@apache.org with the word 
"Unsubscribe" in the subject line.


The Apache Cassandra Project Releases Apache® Cassandra™ v4.0, the Fastest, Most Scalable and Secure Cassandra Yet

2021-07-27 Thread Sally Khudairi
[this announcement is available online at https://s.apache.org/d30v9 ]

Open Source enterprise-grade Big Data distributed database powers 
mission-critical deployments with improved performance and unparalleled levels 
of scale in the Cloud

Wilmington, DE —27 July 2021— The Apache Cassandra Project released today v4.0 
of Apache® Cassandra™, the Open Source, highly performant, distributed Big Data 
database management platform.

"A long time coming, Cassandra 4.0 is the most thoroughly tested Cassandra 
yet," said Nate McCall, Vice President of Apache Cassandra. "The latest version 
is faster, more scalable, and bolstered with enterprise security features, 
ready-for-production with unprecedented scale in the Cloud."

As a NoSQL database, Apache Cassandra handles massive amounts of data across 
load-intensive applications with high availability and no single point of 
failure. Cassandra’s largest production deployments include Apple (more than 
160,000 instances storing over 100 petabytes of data across 1,000+ clusters), 
Huawei (more than 30,000 instances across 300+ clusters), and Netflix (more 
than 10,000 instances storing 6 petabytes across 100+ clusters, with over 1 
trillion requests per day), among many others. Cassandra originated at Facebook 
in 2008, entered the Apache Incubator in January 2009, and graduated as an 
Apache Top-Level Project in February 2010.

Apache Cassandra v4.0
Cassandra v4.0 effortlessly handles unstructured data, with thousands of writes 
per second. Three years in the making, v4.0 reflects more than 1,000 bug fixes, 
improvements, and new features that include:

 - Increased speed and scalability – streams data up to 5 times faster during 
scaling operations, and up to 25% faster throughput on reads and writes, that 
delivers a more elastic architecture, particularly in Cloud and Kubernetes 
deployments.

 - Improved consistency – keeps data replicas in sync to optimize incremental 
repair for faster, more efficient operation and consistency across data 
replicas.

 - Enhanced security and observability – audit logging tracks users access and 
activity with minimal impact to workload performance. New capture and replay 
enables analysis of production workloads to help ensure regulatory and security 
compliance with SOX, PCI, GDPR, or other requirements.

 - New configuration settings – exposed system metrics and configuration 
settings provides flexibility for operators to ensure they have easy access to 
data that optimize deployments.

 - Minimized latency – garbage collector pause times are reduced to a few 
milliseconds with no latency degradation as heap sizes increase.

 - Better compression – improved compression efficiency eases unnecessary 
strain on disk space and improves read performance.

Cassandra 4.0 is community-hardened and tested by Amazon, Apple, DataStax, 
Instaclustr, iland, Netflix, and others that routinely run clusters as large as 
1,000 nodes and with hundreds of real-world use cases and schemas. 

The Apache Cassandra community deployed several testing and quality assurance 
(QA) projects and methodologies to deploy the most stable release yet. During 
the testing and QA period, the community generated reproducible workloads that 
are as close to real-life as possible, while effectively verifying the cluster 
state against the model without pausing the workload itself.

"In our experience, nothing beats Apache Cassandra for write scaling, and we're 
looking forward to the performance and management improvements in the 4.0 
release," said Elliott Sims, Senior Systems Administrator at Backblaze. "We 
rely on Cassandra to manage over one exabyte of customer data and serve over 50 
billion files for our customers across 175 countries so optimizing Cassandra's 
capabilities and performance means a lot to us."

"Since 2016, software engineers at Bloomberg have turned to Apache Cassandra 
because it’s easy to use, easy to scale, and always available," said Isaac 
Reath, Software Engineering Team Lead, NoSQL Infrastructure at Bloomberg. 
"Today, Cassandra is used to support a variety of our applications, from 
low-latency storage of intraday financial market data to high-throughput 
storage for fixed income index publication. We serve up more than 20 billion 
requests per day on a nearly 1 PB dataset across a fleet of 1,700+ Cassandra 
nodes."

"Netflix uses Apache Cassandra heavily to satisfy its ever-growing persistence 
needs on its mission to entertain the world. We have been experimenting and 
partially using the 4.0 beta in our environments and its features like Audit 
Logging and backpressure," said Vinay Chella, Netflix Engineering Manager and 
Apache Cassandra Committer. "Apache Cassandra 4.0's improved performance helps 
us reduce infrastructure costs. 4.0's stability and correctness allow us to 
focus on building higher-level abstractions on top of data store compositions, 
which results in increased developer velocity and optimized data 

Re: The Apache® Software Foundation Welcomes its Global Community Online at ApacheCon(TM) Asia 2021

2021-07-19 Thread Sally Khudairi
Hello everyone --we're ramping up for ApacheCon Asia! 

Learn more about the event from Sheng Wu and Willem Jiang at 
https://youtube.com/watch?v=hfRCrpnbDhc 

Join us online 6-8 August --hundreds of sessions over a dozen tracks-- 
registration is free for all! 

Sign up today at https://www.apachecon.com/acasia2021/


On Wed, Jun 9, 2021, at 12:01, Sally Khudairi wrote:
> [this announcement is available online at https://s.apache.org/ACAsia2021 ]
> 
> Asia edition of the official Apache global conference series to be held 
> virtually, with 140+ sessions, and keynote and plenary sessions by 
> luminaries from AliCloud, API7, DiDi Chuxing, Huawei, Kyligence, 
> PingCAP, Tencent Cloud, Tsinghua University, and more. 
> 
> Wilmington, DE —9 June 2021— The Apache® Software Foundation (ASF), the 
> all-volunteer developers, stewards, and incubators of more than 350 
> Open Source projects and initiatives, announced keynotes, sponsors, and 
> program for ApacheCon(TM) Asia, taking place online 6-8 August 2021. 
> Registration is open and free for all attendees.
> 
> "We’re excited to hold ApacheCon Asia online following last year’s 
> highly successful ApacheCon@Home," said Sheng Wu, ApacheCon Asia 
> co-Chair and member of the ASF Board of Directors. "The pandemic 
> mobilized the global Apache community to collectively produce a 
> first-rate online event, supported by an outstanding group of sponsors. 
> We are proud to build on ApacheCon’s new virtual format and bring the 
> ApacheCon Asia program to participants joining us from any location."
> 
> ApacheCon is the ASF's official global conference series, first held in 
> 1998. ApacheCon draws attendees from more than 130 countries to 
> experience "Tomorrow's Technology Today" independent of business 
> interests, corporate biases, or sales pitches.
> 
> ApacheCon showcases the latest breakthroughs from dozens of Apache 
> projects, with content selected entirely by Apache projects and their 
> communities. ApacheCon Asia joins ApacheCon@Home, taking place online 
> 21-23 September, to meet the educational demands of the growing Apache 
> community of developers, users, and enthusiasts worldwide.
> 
> "Tune in to ApacheCon Asia's 140+ sessions to learn the latest 
> developments, best practices, and lessons learned with Apache projects, 
> incubating podlings, and community-led development 'The Apache Way',” 
> said Willem Jiang, ApacheCon Asia co-Chair and initiator of Apache 
> Local Community Beijing. "Participants can also connect and network 
> virtually with attendees, speakers, and sponsors in real-time, as well 
> as revisit presentations and explore additional tracks after the event."
> 
> Participants at all levels will learn about Apache project innovations 
> in categories that include: APIs and Microservices; Big Data; 
> Community; Culture; Data Visualization; Incubator; Integration; IoT and 
> IIoT; Messaging; Middleware; Observability; Streaming; Servers; 
> Workflow and Data Governance. 
> 
> Featured Apache projects include Airflow, APISIX, Arrow, Atlas, Bigtop, 
> BookKeeper, brpc (incubating), Camel, CarbonData, Cassandra, Commons, 
> DolphinScheduler, Doris (incubating), Druid, Dubbo, ECharts, Flink, 
> Hadoop, HBase, Hive, HUDI, Ignite, Impala, InLong (incubating), IoTDB, 
> Kafka, Kudu, Kylin, Liminal (incubating), MXNet (incubating), Nemo 
> (incubating), Ozone, Pegasus (incubating), Pinot (incubating), PLC4X, 
> Pulsar, RocketMQ, ServiceComb, ShardingSphere, SkyWalking, Sling, 
> Spark, StreamPipes (incubating), Superset, Teaclave (incubating), 
> Tomcat, YuniKorn (Incubating), and more.
> 
> Keynote presentations will be delivered by Dongxu Huang, CTO of 
> PingCAP; Jianmin Wang, Dean, School of Software at Tsinghua University; 
> Sharan Foga, ASF Board Member; and Sheng Wu, ASF Board Member. Plenary 
> sessions will be presented by AliCloud, API7, DiDi Chuxing, Huawei, 
> Kyligence, and Tencent Cloud.
> 
> The full program is available at https://apachecon.com/acasia2021/tracks.html
> 
> ApacheCon Asia sponsors include Strategic Sponsor Huawei; Platinum 
> Sponsors AliCloud, API7, DiDi Chuxing, Kyligence, and Tencent Cloud; 
> and Gold Sponsor Baidu. Huawei, Tencent, DiDi and Baidu are also 
> Sponsors of ApacheCon@Home at the above levels.
> 
> To sponsor ApacheCon Asia and/or ApacheCon@Home, visit 
> https://www.apachecon.com/acah2021/2021_ApacheCon_prospectus.pdf
> 
> Register today at https://apachecon.com/acasia2021/register.html .
> 
> About ApacheCon
> ApacheCon is the official global conference series of The Apache 
> Software Foundation. Since 1998 ApacheCon has been drawing participants 
> at all levels to explore "Tomorrow's Technology

The Apache News Round-up: week ending 2 July 2021

2021-07-02 Thread Sally Khudairi
[this newsletter is available online at https://s.apache.org/wynzf ]

Hello, July --we're midway through the year already. It's been another great 
week; let's see what the Apache community has been up to:

Apache Month in Review – a round-up of our Round-ups and other newsworthy bits 
over the past month.
 - June Month in Review https://s.apache.org/June2021 --video highlights at 
https://youtu.be/yIE8SSHw2iw

ASF Board – management and oversight of the business affairs of the corporation 
in accordance with the Foundation's bylaws.
 - Next Board Meeting: 21 July 2021. Board calendar and minutes 
https://apache.org/foundation/board/calendar.html

ApacheCon™ – the ASF's official global conference series, bringing Tomorrow's 
Technology Today since 1998. Two events are being held in 2021:
 - ApacheCon@Home (21-23 September) - program and registration are live 
https://www.apachecon.com/acah2021/
 - ApacheCon Asia (6-8 August) - program, registration, keynotes, and sponsors 
announced https://s.apache.org/ACAsia2021
 - Sponsorship opportunities available for both events 
https://www.apachecon.com/acah2021/2021_ApacheCon_prospectus.pdf

ASF Infrastructure – our distributed team on three continents keeps the ASF's 
infrastructure running around the clock.
 - 7M+ weekly checks yield uptime at 99.99%. Performance checks across 50 
different service components spread over more than 250 machines in data centers 
around the world. http://www.apache.org/uptime/

Apache Code Snapshot – Over the past week, 349 Apache Committers changed 
3,463,699 lines of code over 4,141 commits. Top 5 contributors, in order, are: 
Jean-Baptiste Onofré, Xiaoxiang Yu, Penghui Li, Andrea Cosentino, and Tellier 
Benoit.

Apache Project Announcements – the latest updates by category.

Apache Attic --provides process and solutions when an Apache project has 
reached its end of life. http://attic.apache.org/
- Apache MetaModel is now retired https://s.apache.org/69b1q

Big Data --
 - Apache Druid CVE-2021-26920: The HTTP inputSource allows authenticated users 
to read data from other sources than intended https://s.apache.org/e5oai

Databases --
 - Apache Geode 1.13.3 and 1.12.3 released http://geode.apache.org/

Integration --
 - Apache Camel 3.11.0 released https://camel.apache.org/


Did You Know?

- Did you know that the following Apache projects are celebrating anniversaries 
this week? Many happy returns to Apache Tcl (21 years), DB (19 years); STeVe (9 
years); JSPWiki (8 years); Celix and Tez (7 years); NiFi (6 years); Kudu (5 
years); Fluo, MADlib, and Streams (4 years); OpenWhisk (2 years); APISIX (1 
year) https://projects.apache.org/committees.html?date

- Did you know that Airflow Summit kicks off 8-16 July? 
https://airflow.apache.org/

- Did you know that FlinkForward Global will be held virtually 26-27 October? 
https://flink.apache.org/


Apache Community Notices

- The Apache Month in Review: June 2021 https://s.apache.org/June2021 and video 
highlights https://youtu.be/yIE8SSHw2iw

- The Apache® Software Foundation Celebrates 22 Years of Open Source Leadership 
– world’s largest Open Source foundation advances community-led innovation "The 
Apache Way" https://s.apache.org/22ndAnniversay

- The Apache Software Foundation Operations Summary: Q3 FY2021 (November 2020 - 
January 2021) https://s.apache.org/Q3FY2021 + Video highlights 
https://youtu.be/S6FWqAuA_8M

- Apache in 2020 - By The Digits https://s.apache.org/Apache2020Digits + Video 
highlights https://s.apache.org/Apache2020Digits-vid

- ASF Security Report 2020 https://s.apache.org/SecurityReport2020 + Video 
highlights https://youtu.be/Z7yudar_da0

- ASF FY2020 Annual Report https://s.apache.org/FY2020AnnualReport

- "Trillions and Trillions Served" documentary on the ASF: 1) full feature 
https://s.apache.org/Trillions-Feature 2) "Apache Everywhere" 
https://s.apache.org/ApacheEverywhere 3) "Why Apache" 
https://s.apache.org/ASF-Trillions 4) “Apache Innovation” 
https://s.apache.org/ApacheInnovation 

 - The Apache Way to Sustainable Open Source Success https://s.apache.org/GhnI

 - Foundation Reports and Statements 
http://www.apache.org/foundation/reports.html

 - All presentations from ApacheCon@Home are available at 
https://www.youtube.com/c/TheApacheFoundation/ 

 - "Success at Apache" focuses on the people and processes behind why the ASF 
"just works". https://blogs.apache.org/foundation/category/SuccessAtApache

 - Inside Infra: the new interview series with members of the ASF 
infrastructure team --meet 
Chris Thistlethwaite https://s.apache.org/InsideInfra-Chris
Drew Foulks https://s.apache.org/InsideInfra-Drew
Greg Stein Part I https://s.apache.org/InsideInfra-Greg
  ...Part II https://s.apache.org/InsideInfra-Greg2 and Part III 
https://s.apache.org/InsideInfra-Greg3
Daniel Gruno Part I https://s.apache.org/InsideInfra-Daniel1 and Part II 
https://s.apache.org/InsideInfra-Daniel2
Gavin McDonald Part I 

Apache Month in Review: June 2021

2021-07-01 Thread Sally Khudairi
[this post is available online at https://s.apache.org/June2021 ]

Welcome to the latest monthly overview of events from the Apache community. 
Here's a summary of what happened in June (video highlights available at 
https://youtu.be/yIE8SSHw2iw ):

New this month --

 - Success at Apache – the blog series that focuses on the people and processes 
behind why the ASF "just works".
   Security in Practice by Jarek Potiuk https://s.apache.org/1upl4

 - Apache Attic --provides process and solutions when an Apache project has 
reached its end of life http://attic.apache.org/
   Apache MetaModel is now retired https://s.apache.org/69b1q

 - Apache Month in Review: May 2021 https://s.apache.org/May2021 + Video 
highlights https://youtu.be/ByiPjxGu_Tg


Important Dates --

 - Next Board Meeting: 21 July 2021. Board calendar and minutes 
http://apache.org/foundation/board/calendar.html

 - ApacheCon™ --the ASF's official global conference series, bringing 
Tomorrow's Technology Today since 1998-- will be held twice in 2021:
   --ApacheCon Asia - 6-8 August
   --ApacheCon@Home - 21-23 September
  Program, Registration, and Sponsorship available for both events 
https://www.apachecon.com/
  The Apache® Software Foundation Welcomes its Global Community Online at 
ApacheCon Asia 2021 https://s.apache.org/ACAsia2021


Infrastructure --

Our seven-member Infrastructure team on three continents oversees our 
highly-reliable, distributed network under the leadership of VP Infrastructure 
David Nalley and Infrastructure Administrator Greg Stein. ASF Infrastructure 
supports 300+ Apache projects and their communities across ~200 individual 
machines, 1,400+ repositories, 5-6PB in traffic annually, ~75M downloads per 
month, and 2-3M daily emails on 2,000+ lists. ASF Infra performs 7M+ weekly 
checks to ensure services are available around the clock. The average uptime in 
May was 99.71%. http://www.apache.org/uptime/


Committer Activity --
In June, 703 Apache Committers changed 14,997,996 lines of code over 12,720 
commits. The Committers with the top 5 highest contributions, in order, were: 
Mark Thomas, Andrea Cosentino, Daniel Haywood, Andi Huber, and Benoit Tellier.  


Project Releases and Updates --

New releases from Apache Airflow (Workflow); Arrow (Big Data); Calcite (Big 
Data); Camel (Integration); Commons (Libraries); CXF (Libraries); Drill (Big 
Data); Druid (Big Data); Flink (Big Data); HTTP Server (Servers); IoTDB (IoT); 
Jackrabbit (Content); Kudu (Big Data); Logging Chainsaw (Libraries); Lucene 
(Search); MyFaces (Web Frameworks); NetBeans (IDE); NLPCraft (Natural Language 
Processing); PDFBox (Content); Pulsar (Messaging); Qpid (Messaging); 
ShardingSphere (Big Data); SkyWalking (Observability); Solr (Search); Tika 
(Content); Tomcat (Servers)

The Apache Incubator is the primary entry path for projects wishing to become 
an official part of the ASF. New to the Apache Incubator in June is Kyuubi, a 
distributed multi-tenant Thrift JDBC/ODBC server for Big Data management, 
processing, and analytics. We invite you to review the many projects currently 
in development in the Apache Incubator, including recent additions in the 
advertising, Big Data, geospatial, machine learning, messaging, natural 
language understanding, orchestration, and scheduling categories 
http://incubator.apache.org/ .

# # #

To see our Weekly News Round-ups (published every Friday), visit 
https://blogs.apache.org/foundation/ and click on the calendar or hop directly 
to https://blogs.apache.org/foundation/category/Newsletter . For real-time 
updates, sign up for Apache-related news by sending mail to 
announce-subscr...@apache.org and follow @TheASF on Twitter. We appreciate your 
support!

= = =

NOTE: you are receiving this message because you are subscribed to the 
announce@apache.org distribution list. To unsubscribe, send email from the 
recipient account to announce-unsubscr...@apache.org with the word 
"Unsubscribe" in the subject line.


Success at Apache: Security in Practice

2021-06-23 Thread Sally Khudairi
[this post is available online at https://s.apache.org/1upl4 ]

by Jarek Potiuk

This post is about the Apache Software Foundation's Security process and 
security mindset of the Apache Software project’s PMC put to the best use in 
practice. From this post you can learn why security practices we apply at our 
projects are important and how they work when they are applied correctly and 
when the right security-driven mindset is applied by the PMCs but also how 
important it is for the users of the Apache Software Foundation projects to 
keep their software updated - including latest security fixes.

The idea of this article was triggered by a recent blog post of the security 
researcher Ian Caroll that has earned USD 13.000 on bug bounties by simply 
following up the results of Apache Security process applied by the Apache 
Airflow PMC. This saved quite a few businesses a lot of trouble, but it was 
only possible due to the foundations laid down by the ASF and the PMC of the 
project.

Here is what Ian Caroll has to say about it: "This issue was a great example of 
how ASF's transparent way of fixing and disclosing vulnerabilities worked to 
protect users of their software, and gave many organizations a wake-up call on 
ensuring they upgrade and protect their open-source software."

Apache Airflow is one of the most common orchestration software used in the 
industry currently, and due to its nature, it sounds like an important vector 
of attack - if you run it internally in your company, you are likely to 
interact with pretty much all your systems, and if you manage to break in 
through Airflow, it might cascade into as many systems you connect to. 
Therefore the Apache Airflow PMC takes security very seriously. So seriously 
that we have the whole discussion panel about Apache Airflow Security at the 
Airflow Summit that is coming soon - July 8-16th.

This post's main point is to show how important it is to follow the security 
best practices for all the software lifecycle and how important it is to think 
about it at every step of building and releasing the software (and beyond).

Let's start from the very beginning: making sure the code development process 
is secure. Like most of the ASF projects, the Apache Airflow project is 
developed in GitHub and together with a growing number of projects we use 
GitHub Actions to run continuous integration. There are a number of best 
practices and security hardening practices published by Github that you should 
follow when you run your CI with GitHub Actions, and we rigorously follow them, 
including monitoring of the "Security blog of GitHub" and following its 
advisories.

And we have not stopped there. We actively think and discuss the potential 
security threats and ways how - for example supply chain attacks can be 
performed on our project, and we share our findings at the discussion mailing 
lists of the ASF and introducing recommendations for all ASF projects to make 
use of the best practices. One of the results there is documenting the 
practices and sharing them at the bui...@apache.org. But we also raised a few 
security issues to GitHub and as a result of that (at least that's the feedback 
we got from GitHub) they implemented some improvements that we apply in 
practice. The recent example of that is a change implemented by GitHub to allow 
control of permissions of the GitHub Token used during the CI build which 
resulted in this PR. Few months ago, we raised concern that having the blanket 
"write" permission is quite dangerous, and GitHub responded and implemented the 
change, which allowed us to limit the scope of tokens used for our builds and 
increase protection against a wide range of attacks - with the supply-chain 
attacks being recently the most prominent ones, leading to ransomware threats 
and millions of dollars paid to hackers. 

This is where the security mindset for the Apache Airflow PMC starts with and 
this lays the foundation for the next steps where the Apache Software 
Foundation takes a crucial role in - releasing the software and monitoring for 
security vulnerabilities. The ASF has a rather well established process for 
disclosing and following up with security vulnerabilities for the ASF projects. 
One that is very straightforward and simple to follow for everyone involved - 
starting from security researchers, who raise those issues, going through the 
voluntary (!) security team of the ASF that has to handle (from the upcoming 
annual report) 387 reports of possible vulnerabilities spanned across 95 of the 
top level ASF projects, which led to 155 CVEs (Common Vulnerabilities and 
Exposures) assigned, and end up with the PMC that has to handle solving the 
issues and follow up with reporting. Heck, ASF even introduced an internal 
portal to report and keep track of all the CVEs as well as report the yearly 
security summary report and video.

This process is very clear about responsible disclosure and publishing the 

The Apache® Software Foundation Welcomes its Global Community Online at ApacheCon(TM) Asia 2021

2021-06-09 Thread Sally Khudairi
[this announcement is available online at https://s.apache.org/ACAsia2021 ]

Asia edition of the official Apache global conference series to be held 
virtually, with 140+ sessions, and keynote and plenary sessions by luminaries 
from AliCloud, API7, DiDi Chuxing, Huawei, Kyligence, PingCAP, Tencent Cloud, 
Tsinghua University, and more. 

Wilmington, DE —9 June 2021— The Apache® Software Foundation (ASF), the 
all-volunteer developers, stewards, and incubators of more than 350 Open Source 
projects and initiatives, announced keynotes, sponsors, and program for 
ApacheCon(TM) Asia, taking place online 6-8 August 2021. Registration is open 
and free for all attendees.

"We’re excited to hold ApacheCon Asia online following last year’s highly 
successful ApacheCon@Home," said Sheng Wu, ApacheCon Asia co-Chair and member 
of the ASF Board of Directors. "The pandemic mobilized the global Apache 
community to collectively produce a first-rate online event, supported by an 
outstanding group of sponsors. We are proud to build on ApacheCon’s new virtual 
format and bring the ApacheCon Asia program to participants joining us from any 
location."

ApacheCon is the ASF's official global conference series, first held in 1998. 
ApacheCon draws attendees from more than 130 countries to experience 
"Tomorrow's Technology Today" independent of business interests, corporate 
biases, or sales pitches.

ApacheCon showcases the latest breakthroughs from dozens of Apache projects, 
with content selected entirely by Apache projects and their communities. 
ApacheCon Asia joins ApacheCon@Home, taking place online 21-23 September, to 
meet the educational demands of the growing Apache community of developers, 
users, and enthusiasts worldwide.

"Tune in to ApacheCon Asia's 140+ sessions to learn the latest developments, 
best practices, and lessons learned with Apache projects, incubating podlings, 
and community-led development 'The Apache Way',” said Willem Jiang, ApacheCon 
Asia co-Chair and initiator of Apache Local Community Beijing. "Participants 
can also connect and network virtually with attendees, speakers, and sponsors 
in real-time, as well as revisit presentations and explore additional tracks 
after the event."

Participants at all levels will learn about Apache project innovations in 
categories that include: APIs and Microservices; Big Data; Community; Culture; 
Data Visualization; Incubator; Integration; IoT and IIoT; Messaging; 
Middleware; Observability; Streaming; Servers; Workflow and Data Governance. 

Featured Apache projects include Airflow, APISIX, Arrow, Atlas, Bigtop, 
BookKeeper, brpc (incubating), Camel, CarbonData, Cassandra, Commons, 
DolphinScheduler, Doris (incubating), Druid, Dubbo, ECharts, Flink, Hadoop, 
HBase, Hive, HUDI, Ignite, Impala, InLong (incubating), IoTDB, Kafka, Kudu, 
Kylin, Liminal (incubating), MXNet (incubating), Nemo (incubating), Ozone, 
Pegasus (incubating), Pinot (incubating), PLC4X, Pulsar, RocketMQ, ServiceComb, 
ShardingSphere, SkyWalking, Sling, Spark, StreamPipes (incubating), Superset, 
Teaclave (incubating), Tomcat, YuniKorn (Incubating), and more.

Keynote presentations will be delivered by Dongxu Huang, CTO of PingCAP; 
Jianmin Wang, Dean, School of Software at Tsinghua University; Sharan Foga, ASF 
Board Member; and Sheng Wu, ASF Board Member. Plenary sessions will be 
presented by AliCloud, API7, DiDi Chuxing, Huawei, Kyligence, and Tencent Cloud.

The full program is available at https://apachecon.com/acasia2021/tracks.html

ApacheCon Asia sponsors include Strategic Sponsor Huawei; Platinum Sponsors 
AliCloud, API7, DiDi Chuxing, Kyligence, and Tencent Cloud; and Gold Sponsor 
Baidu. Huawei, Tencent, DiDi and Baidu are also Sponsors of ApacheCon@Home at 
the above levels.

To sponsor ApacheCon Asia and/or ApacheCon@Home, visit 
https://www.apachecon.com/acah2021/2021_ApacheCon_prospectus.pdf

Register today at https://apachecon.com/acasia2021/register.html .

About ApacheCon
ApacheCon is the official global conference series of The Apache Software 
Foundation. Since 1998 ApacheCon has been drawing participants at all levels to 
explore "Tomorrow's Technology Today" across 350+ Apache projects and their 
diverse communities. In 2020 and 2021 ApacheCon events showcase ubiquitous 
Apache projects and emerging innovations virtually through sessions, keynotes, 
real-world case studies, community events, and more, all online and free of 
charge. For more information, visit http://apachecon.com/ and 
https://twitter.com/ApacheCon .

About The Apache Software Foundation (ASF)
Established in 1999, The Apache Software Foundation is the world’s largest Open 
Source foundation, stewarding 227M+ lines of code and providing more than $20B+ 
worth of software to the public at 100% no cost. The ASF’s all-volunteer 
community grew from 21 original founders overseeing the Apache HTTP Server to 
850+ individual Members and 200 Project Management Committees who successfully 
lead 

Apache Month in Review: May 2021

2021-06-01 Thread Sally Khudairi
[this post is available online at https://s.apache.org/May2021 ]

Welcome to the latest monthly overview of events from the Apache community. 
Here's a summary of what happened in May (video highlights available at 
https://youtu.be/ByiPjxGu_Tg ):

New this month --
 - The Apache Attic provides process and solutions when an Apache project has 
reached its end of life. Apache Trafodion has retired https://s.apache.org/57y49

 - Apache Month in Review: April 2021 https://s.apache.org/Apr2021 + Video 
highlights https://youtu.be/EOA1L1PjCYg


Important Dates --

 - Next Board Meeting: 16 June 2021. Board calendar and minutes 
http://apache.org/foundation/board/calendar.html

 - ApacheCon™ --the ASF's official global conference series, bringing 
Tomorrow's Technology Today since 1998-- will be held twice in 2021:
   --ApacheCon Asia - 6-8 August
   --ApacheCon@Home - 21-23 September
  Registration and sponsorship opportunities for both events available at 
https://www.apachecon.com/


Infrastructure --

Our seven-member Infrastructure team on three continents oversees our 
highly-reliable, distributed network under the leadership of VP Infrastructure 
David Nalley and Infrastructure Administrator Greg Stein. ASF Infrastructure 
supports 300+ Apache projects and their communities across ~200 individual 
machines, 1,400+ repositories, 5-6PB in traffic annually, ~75M downloads per 
month, and 2-3M daily emails on 2,000+ lists. ASF Infra performs 7M+ weekly 
checks to ensure services are available around the clock. The average uptime in 
May was 99.95%. http://www.apache.org/uptime/


Committer Activity --
In May, 699 Apache Committers changed 6,744,402 lines of code over 13,427 
commits. The Committers with the top 5 highest contributions, in order, were: 
Jean-Baptiste Onofré, Andrea Cosentino, Mark Thomas, Albumen Kevin, and Daniel 
Haywood.  


Project Releases and Updates --

New releases from Apache ActiveMQ (Messaging); Airflow (Big Data); Allura 
(Content); APISIX (API); Calcite (Big Data); Camel (Integration); Daffodil 
(Libraries); Fineract (FinTech); Flink (Big Data); HttpComponents (Servers); 
Jackrabbit (Content); Kafka (Big Data); Karaf (Application Servers/Middleware); 
Log4cxx (Libraries); MyFaces (Web Frameworks); OpenOffice (Content); Pulsar 
(Messaging); Qpid (Messaging); Skywalking (Application Performance Management); 
Tomcat (Servers); UIMA (Content).

The Apache Incubator is the primary entry path for projects wishing to become 
an official part of the ASF. New to the Apache Incubator in May is ShenYu, a 
Microservices API gateway. We invite you to review the many projects currently 
in development in the Apache Incubator, including recent additions in the 
advertising, Big Data, geospatial, machine learning, messaging, natural 
language understanding, orchestration, and scheduling categories 
http://incubator.apache.org/ .

# # #

To see our Weekly News Round-ups (published every Friday), visit 
https://blogs.apache.org/foundation/ and click on the calendar or hop directly 
to https://blogs.apache.org/foundation/category/Newsletter . For real-time 
updates, sign up for Apache-related news by sending mail to 
announce-subscr...@apache.org and follow @TheASF on Twitter. We appreciate your 
support!

= = =

NOTE: you are receiving this message because you are subscribed to the 
announce@apache.org distribution list. To unsubscribe, send email from the 
recipient account to announce-unsubscr...@apache.org with the word 
"Unsubscribe" in the subject line.


Media Alert: Apache OpenOffice Recommends upgrade to v4.1.10 to mitigate legacy vulnerability

2021-05-04 Thread Sally Khudairi
[this announcement is available online at https://s.apache.org/4gj2y ]

Wilmington, DE —4 May 2021— 

Who: Apache OpenOffice, an Open Source office-document productivity suite 
comprising six productivity applications: Writer, Calc, Impress, Draw, Math, 
and Base. The OpenOffice suite is based around the OpenDocument Format (ODF), 
supports 41 languages, and ships for Windows, macOS, Linux 64-bit, and Linux 
32-bit. Apache OpenOffice delivers up to 2.4 Million downloads each month.

What: A recently reported vulnerability states that all versions of OpenOffice 
through 4.1.9 can open non-http(s) hyperlinks, and could lead to untrusted code 
execution. 

The Apache OpenOffice Project has filed a Common Vulnerabilities and Exposures 
report with MITRE Corporation’s national vulnerability reporting system:

> CVE-2021-30245: Code execution in Apache OpenOffice via non-http(s) schemes 
> in Hyperlinks
>
> Severity: moderate
>
>Credit: Fabian Bräunlein and Lukas Euler of Positive Security 
>https://positive.security/blog/url-open-rce#open-libreoffice

The complete CVE report is available at 
https://www.openoffice.org/security/cves/CVE-2021-30245.html

How: Applications of the OpenOffice suite handle non-http(s) hyperlinks in an 
insecure way, allowing for 1-click code execution on Windows and Xubuntu 
systems via malicious executable files hosted on Internet-accessible file 
shares.

Why: The mitigation in Apache OpenOffice 4.1.10 assures that a security warning 
is displayed to give users the option of continuing to open the hyperlink. Best 
practice dictates to be careful when opening documents from unknown and 
unverified sources. 

When: The vulnerability predates OpenOffice entering the Apache Incubator. 
During the analysis of this issue, it was discovered that an incorrect bug fix 
was made by the StarOffice/OpenOffice.org developers preparing OpenOffice 2.0 
in 2005, whilst under the auspices of Sun Microsystems. 

Where: Download Apache OpenOffice v4.1.10 at 
https://www.openoffice.org/download/

Apache OpenOffice Highlights

24 October 2020 — 300 million downloads of Apache OpenOffice
14 October 2020 — 20 year anniversary of OpenOffice
18 October 2016 — 200 million downloads of Apache OpenOffice
17 April 2014 — 100 million downloads of Apache OpenOffice
17 October 2012 — OpenOffice graduated as an Apache Top Level Project (TLP)
13 June 2011 — OpenOffice.org entered the Apache Incubator

[downloads are binary installation files]

For more information, visit https://openoffice.apache.org/ and 
https://twitter.com/ApacheOO

About The Apache Software Foundation (ASF)
Established in 1999, The Apache Software Foundation is the world’s largest Open 
Source foundation, stewarding 227M+ lines of code and providing more than $20B+ 
worth of software to the public at 100% no cost. The ASF’s all-volunteer 
community grew from 21 original founders overseeing the Apache HTTP Server to 
850+ individual Members and 200 Project Management Committees who successfully 
lead 350+ Apache projects and initiatives in collaboration with more than 8,100 
Committers through the ASF’s meritocratic process known as "The Apache Way". 
Apache software is integral to nearly every end user computing device, from 
laptops to tablets to mobile devices across enterprises and mission-critical 
applications. Apache projects power most of the Internet, manage exabytes of 
data, execute teraflops of operations, and store billions of objects in 
virtually every industry. The commercially-friendly and permissive Apache 
License v2 is an Open Source industry standard, helping launch billion dollar 
corporations and benefiting countless users worldwide. The ASF is a US 
501(c)(3) not-for-profit charitable organization funded by individual donations 
and corporate sponsors including Aetna, Alibaba Cloud Computing, Amazon Web 
Services, Anonymous, Baidu, Bloomberg, Budget Direct, Capital One, Cloudera, 
Comcast, Confluent, Didi Chuxing, Facebook, Google, Handshake, Huawei, IBM, 
Microsoft, Namebase, Pineapple Fund, Red Hat, Reprise Software, Target, 
Tencent, Union Investment, Verizon Media, and Workday. For more information, 
visit http://apache.org/ and https://twitter.com/TheASF

© The Apache Software Foundation. "Apache", "OpenOffice", "Apache OpenOffice", 
and "ApacheCon" are registered trademarks or trademarks of the Apache Software 
Foundation in the United States and/or other countries. All other brands and 
trademarks are the property of their respective owners.

# # #

NOTE: you are receiving this message because you are subscribed to the 
announce@apache.org distribution list. To unsubscribe, send email from the 
recipient account to announce-unsubscr...@apache.org with the word 
"Unsubscribe" in the subject line.


Apache Month in Review: April 2021

2021-05-01 Thread Sally Khudairi
[this post is available online at https://s.apache.org/Apr2021 ]

Welcome to the latest monthly overview of events from the Apache community. 
Here's a summary of what happened in April (video highlights available at 
https://youtu.be/EOA1L1PjCYg ):

New this month --
 - The Apache Software Foundation Welcomes 40 New Members 
https://s.apache.org/2021NewMembers

 - ApacheCon™ (the ASF's official global conference series, bringing Tomorrow's 
Technology Today since 1998) will be held twice in 2021: ApacheCon Asia (6-8 
August) and ApacheCon@Home (21-23 September). Registration and sponsorship 
opportunities at https://www.apachecon.com/ --CFP closes 3 May!

 - New Sponsor Success at Apache post (the blog series that focuses on the 
people and processes behind why the ASF "just works", featuring insights and 
experiences from the perspective of select ASF Sponsors): "The Fork" by Wei 
Zhou https://s.apache.org/snobd

 - The Apache Software Foundation Announces Apache® DolphinScheduler™ as a 
Top-Level Project https://s.apache.org/yavpt

 - The Apache Attic provides process and solutions when an Apache project has 
reached its end of life. 19 Apache projects --Apex, Aurora, Chukwa, Crunch, 
DRAT, Eagle, Forrest, Hama, Labs, Lens, Marmotta, Metron, Open Climate 
Workbench, PredictionIO, Sentry, Stanbol, Tajo, Twill, and VXQuery-- have 
retired in April http://attic.apache.org/

 - Apache Month in Review: March 2021 https://s.apache.org/Mar2021 + Video 
highlights https://youtu.be/wq2HXN4z9W0


Important Dates --

 - CFP closes for ApacheCon Asia and ApacheCon@Home: 3 May 2021 
https://www.apachecon.com/ 

 - Next Board Meeting: 19 May 2021. Board calendar and minutes 
http://apache.org/foundation/board/calendar.html


Infrastructure --

Our seven-member Infrastructure team on three continents oversees our 
highly-reliable, distributed network under the leadership of VP Infrastructure 
David Nalley and Infrastructure Administrator Greg Stein. ASF Infrastructure 
supports 300+ Apache projects and their communities across ~200 individual 
machines, 1,400+ repositories, 5-6PB in traffic annually, ~75M downloads per 
month, and 2-3M daily emails on 2,000+ lists. ASF Infra performs 7M+ weekly 
checks to ensure services are available around the clock. The average uptime in 
March was 99.95%. http://www.apache.org/uptime/

Committer Activity --
In April, 738 Apache Committers changed 8,108,869 lines of code over 13,898 
commits. The Committers with the top 5 highest contributions, in order, were: 
Andrea Cosentino, Mark Thomas, Shad Storhaug, Sebastian Rühl, and Stephen 
Mallette.  


Project Releases and Updates --

New releases from Apache Ant (Build Management); APISIX (API); Camel 
(Integration); Druid (Big Data); Flagon (Incubating; Libraries); Geode 
(Database); Groovy (Programming Languages); Hop (Incubating; Orchestration); 
Jackrabbit (Content); James (Mail); Kafka (Big Data); Karaf (Application 
Servers/Middleware); Maven (Build Management); MyFaces (Web Frameworks); MyNewt 
(Embedded OS); MXNet (Incubating; Libraries); OFBiz (Enterprise Processes 
Automation / ERP); OpenOffice (Content); Parquet (Big Data); PDFBox (Content); 
Qpid Proton (Messaging); Skywalking (Application Performance Management); Solr 
(Search); SpamAssassin (Mail); Syncope (Identity Management); Tika (Big Data); 
Tomcat (Servers); Traffic Server (Servers); Wicket (Web Frameworks); ZooKeeper 
(Databases).

The Apache Incubator is the primary entry path for projects wishing to become 
an official part of the ASF. We invite you to review the many projects 
currently in development in the Apache Incubator, including recent additions in 
the advertising, Big Data, geospatial, machine learning, messaging, natural 
language understanding, orchestration, and scheduling categories 
http://incubator.apache.org/ .

# # #

To see our Weekly News Round-ups (published every Friday), visit 
https://blogs.apache.org/foundation/ and click on the calendar or hop directly 
to https://blogs.apache.org/foundation/category/Newsletter . For real-time 
updates, sign up for Apache-related news by sending mail to 
announce-subscr...@apache.org and follow @TheASF on Twitter. We appreciate your 
support!

- - - 

NOTE: you are receiving this message because you are subscribed to the 
announce@apache.org distribution list. To unsubscribe, send email from the 
recipient account to announce-unsubscr...@apache.org with the word 
"Unsubscribe" in the subject line.


Sponsor Success at Apache: The Fork

2021-04-12 Thread Sally Khudairi
[this post is available online at https://s.apache.org/snobd ]

by Wei Zhou

I joined the Apache CloudStack community in 2012 and became a committer in 
2013, eventually becoming a PMC (Project Management Committee) member in 2017. 
My journey to becoming a PMC was both physical and literal, and included 
several forks in the road. The forks presented themselves in all aspects of my 
journey – although the literal forks came later, mainly because my journey 
began in China.

In 2010 I was working at China Mobile, the world's largest mobile network 
operator, in Beijing as the manager of a cloud project based on OpenNebula 
(another Open Source project). A year later, my partner received her PhD in the 
Netherlands and began working in Belgium, so I started looking for new work 
opportunities in the area. 

In 2012 I visited Europe and had a few interviews, but it was difficult at the 
time as my English was quite poor.

I was committed to finding a good job and moving to Europe, which meant I 
needed to improve my English quickly. I studied the language, left China 
Mobile, and moved to Belgium permanently. It took me seven months to became 
fluent in English. I re-interviewed at the companies that had rejected me seven 
months prior and landed a position in Amsterdam at Leaseweb as a Cloud 
Innovation Engineer. At that time, we had two public cloud platforms based on 
Apache CloudStack. I was mainly working on the research of Apache CloudStack.

In the first two months I fixed some bugs we found in our productions. Thanks 
to the CloudStack community, I also received tons of help as I began 
contributing my changes to the mainstream. In 2013 was invited to be a 
committer, 3 months after my first submission. It was a huge surprise and a 
massive honor for me, and I began pushing my changes for new features and bug 
fixes much more quickly.

A year later, in 2014, Leaseweb released its first private cloud based on 
Apache CloudStack. It was very welcomed by many customers. As this was 
happening, we began finding issues with CloudStack as customers were requesting 
more features and functionalities. The same year, Apache CloudStack moved code 
repositories to GitHub.com and started using GitHub pull quests to review and 
merge commits. While all commits should be reviewed and approved by other 
commits before they are merged into the mainstream, we had already made many 
changes at Leaseweb and could not wait for next release. Because of this we 
created our own fork containing all our changes and bug fixes. 

We developed very quickly, and our process was much faster than the 
review/merge process of Apache CloudStack. The gap between our fork and the 
community was getting bigger and bigger. When we decided to upgrade from 
CloudStack 4.2.1 to CloudStack 4.7.1, we had to spend half of a year just to 
port all of our changes in our fork based on CloudStack 4.2.1 to new fork based 
on CloudStack 4.7.1. The same problem happened again when we tried to upgrade 
to CloudStack 4.14, and we had to spend around one year to port all of our 
changes. The lesson we learned from these two upgrades was that we needed to 
contribute more to the community and maintain a fork as small as possible. 
After realizing this, we contributed all of our features and bug fixes to the 
community by creating many GitHub PRs. Some PRs have now already been merged 
into mainstream, while others are still in review.

My colleague recently asked me, “If you could go back in time, would you still 
make the Leaseweb fork?” My answer is yes, I would do it again. A fork makes us 
more flexible, as we can offer more stable production and more functionalities 
to our customers. However, if I could go back in time, I would have spent much 
more time contributing our changes to the community. I’ve learned that the gap 
between the fork and the community should be less than 100 commits.

We learned so much from these two painstakingly long ports and have implemented 
the above advice. From now on, the Leaseweb fork only contains features we have 
developed in the past and bug fixes. For new features, we will always 
contribute to community and deploy to our production only if it is merged into 
the mainstream. By doing this, we will be able to upgrade to the next 
CloudStack release much easier, and will benefit more from the community (e.g., 
more bug fixes, more features by other contributors). When we contribute to the 
community, we also benefit from knowledge sharing and the contributions from 
others.


Wei Zhou has been an Apache committer since 2013 and a PMC member since 2017. 
He has a Masters in Computer Applied Technology from the University of Science 
and Technology of China, and a PHD in Computer Organization and Architecture 
from the Institute of Computing Technology, Chinese Academy of Sciences. Wei 
specializes in all things computers and has over 10 years of experience in 
software development. He is Principal Cloud 

The Apache Software Foundation Welcomes 40 New Members

2021-04-11 Thread Sally Khudairi
[this announcement is available at https://s.apache.org/2021NewMembers ]

The Apache Software Foundation (ASF) welcomes the following new Members who 
were elected during the annual ASF Members' Meeting on 9 and 11 March 2021:

Maxime Beauchemin, Bolke de Bruin, Wei-Chiu Chuang, Jiangjie (Becket), Pablo 
Estrada, Dave Grove, Madhawa Kasun Gunasekara, Nathan Hartman, Tilman Hausherr, 
Georg Henzler, Xiangdong Huang, Nikita Ivanov, Yu Li, Geoff Macartney, Denis A. 
Magda, Carl Marcum, Matteo Merli, Aaron Morton, Aizhamal Nurmamat kyzy, Enrico 
Olivelli, Jaikiran Pai, Juan Pan, Pranay Pandey, Arun Patidar, Jarek Potiuk, 
Rodric Rabbah, Katia Rojas, Maruan Sahyoun, Aditya Sharma, Atri Sharma, Ankit 
Singhal, Michael Adam Sokolov, Simon Steiner, Benoit Tellier, Josh Thompson, 
Abhishek Tiwari, Sven Vogel, William Guo Wei, Ming Wen, Andrew Wetmore, and 
Liang Zhang.

The ASF incorporated in 1999 with a core membership of 21 individuals who 
oversaw the progress of the Apache HTTP Server. This group grew with Committers 
—developers who contributed code, patches, documentation, and other 
contributions, and were subsequently granted access by the Membership:

 -  to "commit" or "write" directly to Apache code repositories as well as make 
non-code contributions;
  - the right to vote on community-related decisions; and
  - the ability to propose an active contributor for Committership.

Those Committers who demonstrate merit in the Foundation's growth, evolution, 
and progress are nominated for ASF Membership by existing Members.

This election brings the total number of ASF Members to 853 today. Individuals 
elected as ASF Members legally serve as the "shareholders" of the Foundation 
https://www.apache.org/foundation/governance/members.html

For more information on how the ASF works, visit 
http://www.apache.org/foundation/how-it-works.html 

Apache Is Open https://blogs.apache.org/foundation/entry/apache-is-open and 

Briefing: The Apache Way http://apache.org/theapacheway/

# # #

NOTE: you are receiving this message because you are subscribed to the 
announce@apache.org distribution list. To unsubscribe, send email from the 
recipient account to announce-unsubscr...@apache.org with the word 
"Unsubscribe" in the subject line.


The Apache Software Foundation Announces Apache® DolphinScheduler™ as a Top-Level Project

2021-04-08 Thread Sally Khudairi
[this announcement is available online at https://s.apache.org/yavpt ]

Open Source distributed Big Data visual workflow scheduler system in use at 
thousands of organizations, including Budweiser, China Unicom, IDG Capital, IBM 
China, JD.com, Lenovo, New Oriental, Nokia China, Qihoo 360, SF Express, and 
Tencent, among others.

Wilmington, DE —8 April 2021— The Apache Software Foundation (ASF), the 
all-volunteer developers, stewards, and incubators of more than 350 Open Source 
projects and initiatives, announced today Apache® DolphinScheduler™ as a 
Top-Level Project (TLP).

Apache DolphinScheduler is a distributed, extensible visual Big Data workflow 
scheduler system. The project was first created at Analysys in December 2017, 
and entered the Apache Incubator in August 2019.

"We learned a lot about becoming a strong Open Source project during our time 
in the Apache Incubator," said Lidong Dai, Vice President of Apache 
DolphinScheduler. "Our incubation mentors helped guide us with developing our 
project and community the Apache Way. We are pleased to have graduated as an 
Apache Top-Level Project."

As a distributed and extensible data workflow scheduler platform with rich 
directed acyclic graph (DAG) visual interfaces, DolphinScheduler solves complex 
task dependencies and triggers in the data pipeline. Out-of-the-box, its 
easy-to-extend processing connects numerous systems to 100,000-level data task 
scheduling. Apache DolphinScheduler is:

 - Cloud Native —support multi-cloud/data center workflow  management, also 
supports Kubernetes, Docker deployment and custom task types, distributed 
scheduling, with overall scheduling capability increased linearly with the 
scale of the cluster

 - Highly Reliable —decentralized multi-master and multi-worker, high 
availability, supported by itself, overload processing

 - User-Friendly —all process definition operations are visualized, defines key 
information at a glance, one-click deployment

 - Supports Rich Scenarios —includes streaming, pause, recover operation, 
multi-tenant, and additional task types such as spark, hive, mr, shell, python, 
flink, sub_process, and more.


"Apache DolphinScheduler is designed for cloud-native," added Dai. "We are 
proud to have built a reliable and cloud friendly data workflow system while 
using next generation architecture and smart UI design."

Apache DolphinScheduler has more than 4,000 users in China, with Internet 
companies and banks forming a large percentage of users. Users include 
Budweiser, China Unicom, IDG Capital, IBM China, JD.com, Lenovo, New Oriental, 
Nokia China, Qihoo 360, SF Express, and Tencent, among others.

"Apache DolphinScheduler is an excellent data workflow open-source product," 
said Zhengjun Yin, Architect at China Unicom. "Its community is very friendly 
and gives us strong support. We save the cost of hundreds of human-months by 
using DolphinScheduler!"

"Apache DolphinScheduler is amazing," said Xide Gu, Architect at JD Logistics. 
"JD Logistics used Apache DolphinScheduler as  a stable and powerful platform 
to connect and control the data flow from various data sources in JDL, such as 
SAP Hana and Hadoop. It offers open API, easy plug-in and stable data flow 
development and scheduler environment. DolphinScheduler really helps JD 
Logistics data team accelerate development efficiency in many Agile BI 
projects!"

"I am honored to guide the DolphinScheduler community from day one of the 
incubating. In the past 1.5 years, it grows fast and healthy," said Sheng Wu, 
ASF Board Member and DolphinScheduler Incubator Champion. "They learned the 
Apache culture quickly, and have great executive capability. It is great to see 
the project graduating from the incubator with a diverse and active community. 
Being a top-level project is a new beginning for you, look forward to becoming 
a global and powerful project."

"I am honored to witness the entire process of DolphinScheduler from open 
source to entry into the Apache incubator, and then to graduation to become an 
independent Apache top-level project," said Shi Shaofeng, Member of the Apache 
Kylin and Apache Incubator Project Management Committees. "During more than one 
year, the participants in the DolphinScheduler community have been adhering to 
the open-source spirit, constantly innovating and making progress. The 
developers and contributors join in the community constantly and make 
DolphinScheduler, a big data scheduling tool created by the Chinese, become 
more and more perfect, more and more users, and enter a virtuous cycle of 
development. It is expected that after graduation from the incubator, she will 
continue to move forward under the management of PMCs and create more value for 
society and the public through open-source software."

"Congratulations to open source project DolphinScheduler for graduating from 
the Apache incubator and becoming ASF's top project," said Chen Liang, Vice 
President of Apache 

Apache Month in Review: March 2021

2021-04-01 Thread Sally Khudairi
[this announcement is available online at https://s.apache.org/Mar2021 --video 
highlights available at https://s.apache.org/exppv ]

Welcome to the latest monthly overview of events from the Apache community. 
Here's a summary of what happened in March:

New this month --
 - It's our anniversary! The Apache® Software Foundation Celebrates 22 Years of 
Open Source Leadership – world’s largest Open Source foundation advances 
community-led innovation "The Apache Way" https://s.apache.org/22ndAnniversay

 - Announcing New ASF Board of Directors https://s.apache.org/NewBoard2021

 - ApacheCon™ – the ASF's official global conference series, bringing 
Tomorrow's Technology Today since 1998.
   -- CFPs open for ApacheCon@Home AND ApacheCon Asia 
https://www.apachecon.com/ 
   -- Event Sponsorship available for both ApacheCon@Home and ApacheCon Asia 
https://www.apachecon.com/acah2021/2021_ApacheCon_prospectus.pdf

 - The Apache Software Foundation Operations Summary: Q3 FY2021 (November 2020 
- January 2021) https://s.apache.org/Q3FY2021 + Video highlights 
https://youtu.be/S6FWqAuA_8M

 - The Apache Software Foundation Announces Apache® Daffodil™ as a Top-Level 
Project https://s.apache.org/18vob

 - Apache Month in Review: February 2021 https://s.apache.org/Feb2021 + Video 
highlights https://youtu.be/6TMuYglu2Cc


Important Dates --

  - Next Board Meeting: 21 April 2021. Board calendar and minutes 
http://apache.org/foundation/board/calendar.html


Infrastructure --

Our seven-member Infrastructure team on three continents oversees our 
highly-reliable, distributed network under the leadership of VP Infrastructure 
David Nalley and Infrastructure Administrator Greg Stein. ASF Infrastructure 
supports 300+ Apache projects and their communities across ~200 individual 
machines, 1,400+ repositories, 5-6PB in traffic annually, ~75M downloads per 
month, and 2-3M daily emails on 2,000+ lists. ASF Infra performs 7M+ weekly 
checks to ensure services are available around the clock. The average uptime in 
March was 99.75%. http://www.apache.org/uptime/

Committer Activity --
In March, 783 Apache Committers changed 12,041,653 lines of code over 16,037 
commits. The Committers with the top 5 highest contributions, in order, were: 
Andrea Cosentino, Jean-Baptiste Onofré, Mark Thomas, Claus Ibsen, and Gary 
Gregory.


Project Releases and Updates --

New releases from Apache APISIX (API); Avro (Big Data); Camel (Integration); 
CloudStack (Cloud Computing); Commons Lang and Numbers (Libraries); Daffodil 
(Libraries); Flink (Big Data); HttpComponents (Servers); Jackrabbit (Content); 
Karaf (Application Servers/Middleware); Log4j (Libraries); NetBeans (Integrated 
Development Environment); NiFi (Big Data); OFBiz (Enterprise Processes 
Automation / ERP); OpenMeetings (Web Conferencing); Parquet (Big Data); PDFBox 
(Content); Qpid JMS (Messaging); Skywalking (Application Performance 
Management); SpamAssassin (Mail); Teaclave (Incubating; Computing); Tomcat 
(Servers); Velocity (Library); XMLBeans (Library).
The Apache Incubator is the primary entry path for projects wishing to become 
an official part of the ASF. We invite you to review the many projects 
currently in development in the Apache Incubator http://incubator.apache.org/ .


# # #

To see our Weekly News Round-ups (published every Friday), visit 
https://blogs.apache.org/foundation/ and click on the calendar or hop directly 
to https://blogs.apache.org/foundation/category/Newsletter . For real-time 
updates, sign up for Apache-related news by sending mail to 
announce-subscr...@apache.org and follow @TheASF on Twitter. We appreciate your 
support!

= = =

NOTE: you are receiving this message because you are subscribed to the 
announce@apache.org distribution list. To unsubscribe, send email from the 
recipient account to announce-unsubscr...@apache.org with the word 
"Unsubscribe" in the subject line.


The Apache® Software Foundation Celebrates 22 Years of Open Source Innovation "The Apache Way"

2021-03-24 Thread Sally Khudairi
[this announcement is available online at https://s.apache.org/22ndAnniversay ]

World's largest Open Source foundation provides $22B+ in community-led software 
100% free of charge for the common good

Wilmington, DE —24 March 2021— The Apache Software Foundation (ASF), the 
all-volunteer developers, stewards, and incubators of more than 350 Open Source 
projects and initiatives, announced today its 22nd Anniversary.

Originally established by the 21-member Apache Group, who oversaw the 
then-3-year-old Apache HTTP Server, the ASF today is the world's largest, 
vendor-neutral, Open Source foundation, comprising 800+ individual Members, 
8,100+ Committers, and 40,000+ code contributors located on every continent. 
Conservatively valued at more than $22B, Apache’s 350+ projects and 37 
incubating podlings are all freely-available to the public-at-large, at 100% no 
cost, and with no licensing fees.

"Over the past 22 years the ASF has evolved to meet the growing needs of the 
greater community," said Sander Striker, Board Chair of The Apache Software 
Foundation. "The ASF enables people from all over the world to collaborate, 
develop, and shepherd the projects and communities that are helping 
individuals, sustaining businesses, and transforming industries."

Advancing its mission of providing software for the public good, the ASF's 
projects are integral to nearly every aspect of modern computing, benefitting 
billions worldwide. The "Apache Way" process of community-led, collaborative 
development has led to breakthrough innovations in Artificial Intelligence and 
Deep Learning, Big Data, Build Management, Cloud Computing, Content Delivery 
and Management, Edge Computing and IoT, Fintech, Identity Management, 
Integration, Libraries, Messaging, Mobile, Search, Security, Servers, and Web 
Frameworks, among other categories. Projects undergoing development in the 
Apache Incubator span AI, Big Data, blockchain, Cloud computing, cryptography, 
deep learning, email, IoT, machine learning, microservices, mobile, operating 
systems, testing, visualization, and more.

Nearly half a million people participate in ASF projects and initiatives, 
including ApacheCon, the ASF's official global conference series; Community 
Development, which oversees contributor onboarding and mentoring and programs 
such as Google Summer of Code; and Diversity & Inclusion, whose programs 
promote diversity, equity, and inclusion across the greater Apache community.

The ASF's influence is everywhere —countless ubiquitous and mission-critical 
applications across dozens of industries are powered by Apache projects; the 
Apache License 2.0 was the top-ranked Open Source license in 2020 (source: 
WhiteSource); the Apache Way is the backbone for open development and inner 
source environments; and new users, developers, and enthusiasts are onboarding 
to the greater Apache community every day (the ASF has been a Google Summer of 
Code mentoring organization for the past 16 years, since the program's 
inception). The ASF is the top-ranked Open Source not-for-profit organization 
with the most stars on GitHub (source: GitHub).

A just-released feature on the ASF in FOSSlife [1] states, "The Apache project 
has undeniably changed the world … Apache remains a crucial Web server, the 
most popular in the field. For building Open Source communities, the lessons 
learned by creating the project still resonate throughout the open source 
world. Every project is advised to respect the Apache value of 'community over 
code'."

ASF operations bolster Apache projects and their communities with 
infrastructure support, bandwidth, connectivity, servers, hardware, development 
environments, legal counsel, accounting services, trademark protection, 
marketing and publicity, educational events, and related administrative 
assistance. As a United States private 501(c)(3) not-for-profit charitable 
organization, the ASF's day-to-day operating expenses are offset through 
tax-deductible sponsorships, corporate contributions, and individual donations. 
Current ASF Sponsors are:

Platinum: Amazon Web Services, Facebook, Google, Huawei, Microsoft, Namebase, 
Pineapple Fund, Tencent, and Verizon Media.

Gold: Anonymous, Baidu, Bloomberg, Cloudera, Confluent, IBM, Indeed, Reprise 
Software, Union Investment, and Workday.

Silver: Aetna, Alibaba Cloud Computing, Capital One, Comcast, Didi Chuxing, Red 
Hat, and Target.

Bronze: Bestecasinobonussen.nl, Bookmakers, Casino2k, Cerner, Curity, GridGain, 
Gundry MD, Host Advice, HotWax Systems, Journal Review, LeoVegas Indian Online 
Casino, Miro-Kredit AG, Mutuo Kredit AG, Online Holland Casino, ProPrivacy, 
PureVPN, RX-M, RenaissanceRe, SCAMS.info, SevenJackpots.com, Start a Blog by 
Ryan Robinson, Talend, The Best VPN, The Blog Starter, The Economic 
Secretariat, Top10VPN, Twitter, and Writers Per Hour.

Targeted Platinum: Amazon Web Services, CloudBees, DLA Piper, Fastly, 
JetBrains, Leaseweb, Microsoft, OSU Open 

Re: The Apache Software Foundation Operations Summary: 1 November 2020 - 31 January 2021

2021-03-22 Thread Sally Khudairi
Video highlights of the ASF Q3 FY2021 Report are now available at 
https://youtu.be/S6FWqAuA_8M 

Many thanks for sharing!

= = =

On Mon, Mar 15, 2021, at 11:23, Sally Khudairi wrote:
> [this report is available online at https://s.apache.org/Q3FY2021 ]
> 
> FOUNDATION OPERATIONS SUMMARY
> 
> Third Quarter, Fiscal Year 2021 (November 2020 - January 2021)
> 
> "We’re proud to be a part of the ASF community and look forward to 
> continued support of its mission to provide Open Source software for 
> the public good."
> —Joel Marcey, Open Source Developer Advocate and Ecosystem Lead at 
> Facebook (ASF Platinum Sponsor)
> 
> 
> 
> > Conferences and Events http://apachecon.com/ 
> 
> We held no events during the reporting period.
> 
> We have begun discussion of dates and details for ApacheCon 2021, and 
> expect to have an announcement by March 1st. This event will, once 
> again, be an online-only event.
> 
> Please watch @apachecon (on Twitter) for that announcement.
> 
> 
> > Community Development http://community.apache.org/ 
> 
> During December an Apache Roadshow China was held in conjunction with 
> COSCon. The event was a great success and we are looking forward to 
> participation at future events.
> 
> A key theme this quarter was communication and ensuring our community 
> was being kept informed of what is happening. As a result, we have been 
> experimenting with a new format for the Apache News Roundup have been 
> trialling it with the community. A range of short videos have been 
> created focussed on different but hopefully useful topics. Feedback 
> from the community has been extremely positive.
> 
> We applied for and were accepted for an online booth at FOSDEM. 
> Throughout January most of our efforts were focussed on preparing for 
> our participation at FOSDEM. Even with the very short timeframe,  
> several of our volunteers worked quickly and efficiently to put 
> together an online presence for us during the event.
> 
> A request has been received to try and establish an Apache Local 
> Community (ALC) in Nigeria so we are currently looking for an ASF 
> member or PMC members from any Apache project that live locally that 
> can become the main point of contact. These are part of the minimum 
> requirements for governance when establishing a new ALC group.
> 
> We are in the final stages of our Google Summer of Code (GSoC) 
> application so have also been gathering ideas from our projects.
> 
> Our mailing list has seen a large increase in traffic this quarter. 
> Some of the increase is related to GSoC proposal requests being 
> received from our projects. Yet even with the break for the holidays, 
> it was good to see our discussion activity grow.  
> 
> 
> > Committers and Contributions 
> > http://apache.org/licenses/contributor-agreements.html 
> 
> Over the past quarter, 1,424 contributors committed 64,101 changes that 
> amount to 35,706,852 lines of code across Apache projects. The top 5 
> contributors, in order, were: Andrea Cosentino (1,544 commits), Xiang 
> Xiao (1,301 commits), Jean-Baptiste Onofré (971 commits), Kaxil Naik 
> (907 commits), and Gary Gregory (878 commits).
> 
> All individuals who are granted write access to the Apache repositories 
> must submit an Individual Contributor License Agreement (ICLA). 
> Corporations that have assigned employees to work on Apache projects as 
> part of an employment agreement may sign a Corporate CLA (CCLA) for 
> contributing intellectual property via the corporation. Individuals or 
> corporations donating a body of existing software or documentation to 
> one of the Apache projects need to execute a formal Software Grant 
> Agreement (SGA) with the ASF.
> 
> During Q3 FY2021, the ASF Secretary processed 198 ICLAs, 4 CCLAs, and 
> 16 Software Grants. History of Apache committer growth can be seen at 
> https://projects.apache.org/timelines.html
> 
> 
> 
> > Brand Management http://apache.org/foundation/marks/ 
> 
> Operations —the work of the Brand Management team falls broadly into 
> one of four categories:
> 
> providing advice to projects
> granting permission to use our marks
> trademark transfers and registrations
> addressing potential infringements of our marks
> As with previous quarters we provided both Apache projects and external 
> parties with advice on the correct use of Apache marks in a range of 
> scenarios including branding of YouTube channels, Docker images 
> Registrations, publishing, translations of project websites, tshirts, 
> and stickers. The COVID-19 pandemic doesn't appear to reduced the 
> number of project related events although all of the ones approves this 
> quar

The Apache Software Foundation Operations Summary: 1 November 2020 - 31 January 2021

2021-03-15 Thread Sally Khudairi
 Stein, David Nalley, and Ruth Suehle for the truly excellent 
collaboration which made a change of this extent possible.

We thank Virtual for their many years of service.  The Apache Software 
Foundation would not be where we are today without the tireless efforts of 
Virtual to modernize our accounting processes and make them sustainable.

In all, the transition has been extremely smooth.  Our books were imported 
without difficulties.  Thanks to the work Myrle Krantz and Greg Stein performed 
earlier this year to introduce bill.com, there were no interruptions in our 
vendor payments.  And thanks to heightened attention by Sally Khudairi, and 
Daniel Ruggeri and IgniteSpot, there were no interruptions to sponsor invoicing.

The financial report has a few more details than past quarterly reports.  We 
have adjusted reporting to include mention of restricted funds.

ASF Treasury has gone above and beyond to support fundraising this quarter.  In 
particular, to make possible a two year platinum sponsorship before the end of 
the sponsor’s fiscal year, Myrle Krantz, with support from Greg Stein, and 
direction from Sally Khudairi interfaced with a sponsor’s PO system and 
generated and submitted last minute estimates and invoices.  This team worked 
through multiple iterations over the course of several hours on New Year’s Eve 
and New Year’s Day to get it right.  This was possible, in part, because the 
ASF Treasury now has access to our own books via QuickBooks Online.

We have added a bank account at TDBank to our mix of financial instruments.  
The majority of our cash remains in a CDARS account at Boston Private which 
provides FDIC insurance for the full amount.

[please see the balance sheet at https://s.apache.org/Q3FY2021 ]


> Diversity and Inclusion http://diversity.apache.org/

Diversity & Inclusion

Q3 of FY2021 focused on wrapping up the first research on the current status of 
D at the ASF, securing funds for one more year of Outreachy internships and 
planning for FY2022. Below is a breakdown of these accomplishments.

Wrapping the research on the current status of Diversity and Inclusion at the 
ASF
This project was composed of two initiatives: The ASF Community Survey and a 
User Experience Research for contributors of underrepresented groups. These two 
initiatives concluded in Q2 and we have a final draft 
https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=173087952 to 
be published in multiple channels, such as research publications and 
conferences like ApacheCon.

Continuing the internships for underrepresented groups through Outreachy.org
The third period of Outreachy internships is underway and we have six interns 
for six different Apache projects 
https://cwiki.apache.org/confluence/display/EDI/2020-11-25+Outreachy+Meeting+notes
 . We secured $52,000 in sponsorship from Google to continue with this program 
for one more year. The sponsorship will be processed in March 2021.  

FY2022 planning
The findings and recommendations from the research completed in FY2021 will be 
the platform  for taking action in FY2022. The D committee will have the 
following goals in FY2022: 

Act on the findings and recommendations from the research done in FY2021
Continue the Outreachy Internships
Re-application of the community survey to measure changes since the survey was 
last done in 2020. 
 The ultimate objective is to scope and define a project that will help us take 
the current state of D at the ASF to better neights. We will partner with 
Bitergia again, this is the firm that conducted the research and ran the ASF 
community survey in 2020. One of the alternatives we’re strongly considering is 
the creation of a program that helps podlings in the incubator develop strong 
practices for inclusion, enabling the projects to be diverse from the moment 
they graduate from incubation. This is still one are of consideration, and 
we’ll have the final selection by the end of the quarter. 

 

> Fundraising http://apache.org/foundation/contributing.html

As was noted in prior quarterly reports, Fundraising continues to move along 
well operationally. In addition to performing regular renewals, we are further 
honing our processes by experimenting with automation and tooling to augment 
our work. In this quarter, we are pleased to note that all ApacheCon 
sponsorships have completed and closed in the early quarter. Additionally, we 
managed to continue business-as-usual during a very busy December as the 
foundation onboarded a new accounting provider and platform.

We continue maintaining cautious optimism as we weather the current pandemic 
with our Sponsors and are tremendously thankful for the continued sponsorship 
despite the hard times. While we regret that two Bronze sponsors chose not to 
renew their sponsorship this quarter, we are thrilled to welcome a new Platinum 
Sponsor, Gold Sponsor, Silver Sponsor, and Bronze Sponsor! This growth in 
sponsorships is a heart war

Announcing New ASF Board of Directors

2021-03-11 Thread Sally Khudairi
[this announcement is available online at https://s.apache.org/NewBoard2021 ]

At The Apache Software Foundation (ASF) Annual Members' Meeting held this week, 
the following individuals were elected to the ASF Board of Directors:

- Bertrand Delacretaz (current Director)
- Roy Fielding (current Director)
- Sharan Foga (new Director)
- Justin Mclean (current Director)
- Craig Russell (current Director)
- Sam Ruby (current Director)
- Roman Shaposhnik (former Director)
- Sander Striker (current Director)
- Sheng Wu (new Director)


The ASF thanks Shane Curcuru, Patricia Shanahan, and Niclas Hedhman (who 
resigned from the Board prior to the Members’ Meeting) for their service, and 
welcomes our new and returning directors.

An overview of the ASF's governance, along with the complete list of ASF Board 
of Directors, Executive Officers, and Project/Committee Vice Presidents, can be 
found at http://apache.org/foundation/

For more information on the Foundation's operations and structure, see 
http://apache.org/foundation/how-it-works.html#structure

# # #

NOTE: you are receiving this message because you are subscribed to the 
announce@apache.org distribution list. To unsubscribe, send email from the 
recipient account to announce-unsubscr...@apache.org with the word 
"Unsubscribe" in the subject line.


The Apache Software Foundation Announces Apache® Daffodil™ as a Top-Level Project

2021-03-04 Thread Sally Khudairi
[this announcement is available online at https://s.apache.org/18vob ]

Open Source universal data interchange implementation of the Data Format 
Description Language (DFDL) standard in use at DARPA, GE Research, Naval 
Postgraduate School, Owl Cyber Defense, Perspecta Labs, and Raytheon BBN 
Technologies, among others.

Wilmington, DE —4 March 2021— The Apache Software Foundation (ASF), the 
all-volunteer developers, stewards, and incubators of more than 350 Open Source 
projects and initiatives, announced today Apache® Daffodil™ as a Top-Level 
Project (TLP).

Apache Daffodil is an Open Source implementation of the Data Format Description 
Language 1.0 specification (DFDL; the Open Grid Forum open standard framework 
for describing the attributes of any data format [1]) to enable universal data 
interchange. The project was first created at the University of Illinois 
National Center for Supercomputing Applications (NCSA) in 2009, and entered the 
Apache Incubator in August 2017.

"We’re extremely excited that Apache Daffodil has achieved this important 
milestone in its development. The Daffodil DFDL implementation is a game 
changer in complex text and binary data interfaces and creates massive 
opportunities for organizations to easily implement highly sophisticated 
processes like data decomposition, inspection, and reassembly," said Michael 
Beckerle, Vice President of Apache Daffodil. "Instead of spending a lot of time 
worrying about how to deal with so many kinds of data that you need to take in, 
from day one you can convert all sorts of data into XML, or JSON, or your 
preferred data structure, and convert back if you need to write data out in its 
original format."

Apache Daffodil is particularly useful in large-scale organizations, such as 
governments and large corporations, where massive amounts of complex and legacy 
data must be exchanged and made accessible every day. Daffodil is also 
particularly useful in cybersecurity, where data must be inspected for 
correctness and sanitized.

Apache Daffodil is in use at major global organizations that include DARPA, GE 
Research, Naval Postgraduate School, Owl Cyber Defense, Perspecta Labs, and 
Raytheon BBN Technologies, among others.

"We are using Daffodil to translate DFDL schema specifications into code for 
our Monitoring & INspection Device (MIND) as part of our work on DARPA’s 
Guaranteed Architecture for Physical Security (GAPS) program," said said Bill 
Smith, Principal Engineer at GE Research. "One of our engineers has joined the 
Apache Daffodil Project Management Committee and is building out the new 
DFDL-to-C backend on a dedicated Daffodil development branch. We are now 
translating DFDL schemas provided by other DARPA GAPS performers to C code 
suitable for the small resource-constrained controllers in our MIND device. 
When complete, Daffodil’s DFDL-to-C backend will give us the ability to 
annotate DFDL schemas with security policies and rapidly reconfigure our MIND 
device for different mission security profiles."

"Apache Daffodil is an important asset to our cross domain solutions technology 
stack, allowing Owl to support our customers by extending our filtering 
capabilities to new data types faster and with less risk," said Ken Walker, CTO 
at Owl Cyber Defense. "It’s directly in line with our company priorities, as 
supporters of the Open Source community, and highly beneficial to our product 
lines to have this high-quality Open Source implementation of DFDL to support 
challenging, sometimes proprietary data formats, such as Link16, VMF, USMTF, 
OSIsoft PI System, and JANAP-128, without the need to develop additional 
software. DFDL enables our Raise-the-Bar compliant cross domain solutions to 
support new data types without additional rounds of lengthy lab-based testing 
and recertification."

"The DFDL open spec and the Apache Daffodil implementation have helped us 
tremendously in parsing and transforming fixed-format data in a variety of 
different R projects at BBN," said Michael Atighetchi, Lead Scientist at 
Raytheon BBN Technologies. "Sharing parsers through a vendor-neutral XML 
representation is a game changer that enables a significant speedup in 
developing, maturing, and transitioning advanced capabilities to help war 
fighters."

"Our research on applying Data Format Description Language (DFDL) is exploring 
how to unlock and archive a plethora of diverse data streams from unmanned 
systems," said Don Brutzman, Naval Postgraduate School. "Both the DFDL standard 
and the Apache Daffodil open-source implementation provide a big benefit for 
these potential capabilities. Continuing work at Naval Postgraduate School 
(NPS) Consortium for Robotics and Unmanned Systems Education and Research 
(CRUSER) hopes to make telemetry from field experimentation and simulation 
repeatably tractable for Big Data analytics."

"Graduation to a TLP recognizes that the Apache Daffodil project follows the 
rigorous software 

Apache Month in Review: February 2021

2021-03-01 Thread Sally Khudairi
[this announcement is available online at https://s.apache.org/Feb2021 ]

Welcome to the latest monthly overview of events from the Apache community. 
Here's a summary of what happened in February:

New this month --
 - Call for Apache project proposals and mentors: Outreachy Open Source 
internship program May-Aug 2021 https://s.apache.org/s7tz2

 - The Apache Software Foundation Announces Apache® DataSketches™ as a 
Top-Level Project https://s.apache.org/jhvqu

 - The Apache Software Foundation Announces Apache® Gobblin™ as a Top-Level 
Project https://s.apache.org/df92k

 - The Apache® Software Foundation Sustains its Mission of Providing Software 
for the Public Good through Corporate Sponsorships and Charitable Giving 
https://s.apache.org/8foo2

 - Apache Month in Review: January 2020 https://s.apache.org/Jan2021


Important Dates --

  - Next Board Meeting: 17 March 2021. Board calendar and minutes 
http://apache.org/foundation/board/calendar.html


Infrastructure --

Our seven-member Infrastructure team on three continents oversees our 
highly-reliable, distributed network under the leadership of VP Infrastructure 
David Nalley and Infrastructure Administrator Greg Stein. ASF Infrastructure 
supports 300+ Apache projects and their communities across ~200 individual 
machines, 1,400+ repositories, 5-6PB in traffic annually, ~75M downloads per 
month, and 2-3M daily emails on 2,000+ lists. ASF Infra performs 7M+ weekly 
checks to ensure services are available around the clock. The average uptime in 
February was 99.97%. http://www.apache.org/uptime/

Committer Activity --
In February, 718 Apache Committers changed 8,293,634 lines of code over 13,685 
commits. The Committers with the top 5 highest contributions, in order, were: 
Andrea Cosentino, Gary Gregory, Claus Ibsen, Andi Huber, and Benoit Tellier.


Project Releases and Updates --

New releases from Apache Airflow (Big Data); APISIX (API); Beam (Big Data); 
BookKeeper (Big Data); Camel (Integration); Commons NET (Libraries); Directory 
Studio (Network Client / Server); Druid (Big Data); Flink (Big Data); 
FreeMarker (Templating); HttpComponents (Servers); Lucene (Search); MyFaces 
(Web Frameworks); NiFi (Big Data); NLPCraft (Incubating; Natural Language 
Processing); PLC4X (IoT); Qpid Broker (Messaging); Qpid Dispatch (Messaging); 
Skywalking (Application Performance Management); Tomcat (Servers).

The Apache Incubator is the primary entry path for projects wishing to become 
an official part of the ASF. EventMesh entered the Apache Incubator as a new 
podling this month. We invite you to review the many projects currently in 
development in the Apache Incubator http://incubator.apache.org/ .

# # #

To see our Weekly News Round-ups (published every Friday), visit 
https://blogs.apache.org/foundation/ and click on the calendar or hop directly 
to https://blogs.apache.org/foundation/category/Newsletter . For real-time 
updates, sign up for Apache-related news by sending mail to 
announce-subscr...@apache.org and follow @TheASF on Twitter. We appreciate your 
support!

= = =

NOTE: you are receiving this message because you are subscribed to the 
announce@apache.org distribution list. To unsubscribe, send email from the 
recipient account to announce-unsubscr...@apache.org with the word 
"Unsubscribe" in the subject line.


Re: Apache Software Foundation Security Report: 2020

2021-02-23 Thread Sally Khudairi
Video highlights of the ASF Security Report: 2020 now available at 
https://youtu.be/Z7yudar_da0

Do enjoy,
Sally

- - - 
Vice President Marketing & Publicity
Vice President Sponsor Relations
The Apache Software Foundation


On Mon, Jan 25, 2021, at 08:59, Sally Khudairi wrote:
> [this report is available online at https://s.apache.org/SecurityReport2020 ]
> 
> Synopsis: This report explores the state of security across all Apache 
> Software Foundation projects for the calendar year 2020. We review key 
> metrics, specific vulnerabilities, and the most common ways users of 
> ASF projects were affected by security issues.
> 
> Released: January 2021
> 
> Author: Mark Cox, Vice President Security, Apache Software Foundation
> 
> Background
> The security committee of the Apache Software Foundation (ASF) oversees 
> and coordinates the handling of vulnerabilities across all of the 340+ 
> Apache projects.  Established in 2002 and composed of all volunteers, 
> we have a consistent process  https://s.apache.org/cveprocess for how 
> issues are handled, and this process includes how our projects must 
> disclose security issues.
> 
> Anyone finding security issues in any Apache project can report them to 
> secur...@apache.org where they are recorded and passed on to the 
> relevant dedicated security teams 
> https://apache.org/security/projects.html or private project management 
> committees (PMC) to handle.  The security committee monitors all the 
> issues reported across all the addresses and keeps track of the issues 
> throughout the vulnerability lifecycle.
> 
> The security committee is responsible for ensuring that issues are 
> dealt with properly and will actively remind projects of their 
> outstanding issues and responsibilities.  As a board committee, we have 
> the ability to take action including blocking their future releases or, 
> worst case, archiving a project if such projects are unresponsive to 
> handling their security issues.  This, along with the Apache Software 
> License, are key parts of the ASF’s general oversight function around 
> official releases, allowing the ASF to protect individual developers 
> and giving users confidence to deploy and rely on ASF software.
> 
> The oversight into all security reports, along with tools we have 
> developed, gives us the ability to easily create metrics on the issues. 
>  Our last report covered the metrics for 2019 
> https://s.apache.org/security2019 .
> 
> Statistics for 2020
> In 2020 our security email addresses received in total 18,000 emails. 
> After spam filtering and thread grouping this was 946 (2019: 620) 
> non-spam threads.  Unfortunately many security reports do look like 
> spam and so the security team are careful to review all messages to 
> ensure real reports are not missed for too long.
> 
> [see image online at https://s.apache.org/SecurityReport2020 ]
> 
> Diagram 1: Breakdown of ASF security email threads for calendar year 2020
> 
> Diagram 1 gives the breakdown of those 946 threads.  257 threads (27%) 
> were people confused by the Apache License.  As many projects use the 
> Apache License, not just those under the ASF umbrella, people can get 
> confused when they see the Apache License and they don't understand 
> what it is.  This is most common for example on mobile phones where the 
> licenses are displayed in the settings menu, usually due to the 
> inclusion of software by Google released under the Apache License.  We 
> no longer reply to these emails. This is nearly double the number we 
> saw in 2019.
> 
> The next 220 of the 946 (23%) are email threads with people asking 
> non-security (usually support-type) questions.
> 
> The next 93 of those reports were researchers reporting issues in an 
> Apache web site.  These are almost always false negatives; where a 
> researcher reports us having directory listings enabled, source code 
> visible, or the lack of various domain headers.  These reports are 
> generally the unfiltered output of some publicly available scanning 
> tool, and often where the reporter asks us for some sort of monetary 
> reward (bounty) for their report.
> 
> That left 376 (2019: 320) reports of new vulnerabilities in 2020, which 
> spanned across 101 of the top level projects.  These 376 reports are a 
> mix of both external reporters and internal; for example where a 
> project has found an issue themselves and followed the ASF process to 
> assign it a CVE name and address it we’d still count it here.  We don’t 
> keep metrics that would give the breakdown of internal vs external 
> reports.
> 
> The next step is that the appropriate project triages the report to see 
> if it's really an issue or not.  Invalid repor

The Apache® Software Foundation Sustains its Mission of Providing Software for the Public Good through Corporate Sponsorships and Charitable Giving

2021-02-23 Thread Sally Khudairi
[this announcement is available online at https://s.apache.org/8foo2 ]

World's largest Open Source Foundation provides more than $22B worth of 
community-led software at 100% no charge to users worldwide.

Wilmington, DE —23 February 2021— The Apache® Software Foundation (ASF), the 
all-volunteer developers, stewards, and incubators of more than 350 Open Source 
projects and initiatives, announced today that Corporate Sponsorship and 
Charitable Giving has enabled the Foundation to sustain its mission of 
providing software for the public good.

The ASF is the world's largest Open Source foundation. Apache software projects 
are integral to nearly every end-user computing device, benefit billions of 
users worldwide, with Web requests received from every Internet-connected 
country on the planet. Valued conservatively at more than $22B, Apache Open 
Source software is available to the public-at-large at 100% no cost. No payment 
of any kind is ever required to use, contribute to, or otherwise participate in 
Apache projects. The ASF depends on tax-deductible Sponsorships and donations 
to offset its operations expenses that include infrastructure, marketing and 
publicity, accounting, and legal services.

"We are proud of our Sponsors, whose generous support helps our volunteer 
community continue to develop essential software that keeps the world running," 
said Daniel Ruggeri, ASF Vice President of Fundraising. "ASF Sponsorship allows 
us to make great strides towards developing and improving our projects, 
enriching our communities, educating and mentoring newcomers, and encouraging 
and facilitating participation by under-represented groups. Fiscal support 
today secures the groundwork to ensure future Apache benefits can be shared by 
all."

ASF Sponsors include:

Platinum —Amazon Web Services, Facebook, Google, Huawei, Microsoft, Namebase, 
Pineapple Fund, Tencent, and Verizon Media.

Gold —Anonymous, Baidu, Bloomberg, Cloudera, Confluent, IBM, Indeed, Reprise 
Software, Union Investment, and Workday.

Silver —Aetna, Alibaba Cloud Computing, Capital One, Comcast, Didi Chuxing, Red 
Hat, and Target.

Bronze —Bestecasinobonussen.nl, Bookmakers, Casino2k, Cerner, Curity, Gundry 
MD, GridGain, Host Advice, HotWax Systems, LeoVegas Indian Online Casino, 
Miro-Kredit AG, Mutuo Kredit AG, Online Holland Casino, ProPrivacy, PureVPN, 
RX-M, RenaissanceRe, SCAMS.info, SevenJackpots.com, Start a Blog by Ryan 
Robinson, Talend, The Best VPN, The Blog Starter, The Economic Secretariat, 
Top10VPN, and Twitter.

In addition to ASF Sponsors, Targeted Sponsors provide in-kind support for 
select Foundation operations and initiatives that benefit Apache Projects and 
their communities. They include:

Platinum —Amazon Web Services, CloudBees, DLA Piper, JetBrains, Leaseweb, 
Microsoft, OSU Open Source Labs, Sonatype, and Verizon Media.

Gold —Atlassian, Datadog, Docker, PhoenixNAP, and Quenda.

Silver —HotWax Systems, Manning Publications, and Rackspace.

Bronze —Bintray, Education Networks of America, Friend of Apache Cordova, 
Hopsie, Google, No-IP, PagerDuty, Peregrine Computer Consultants Corporation, 
Sonic.net, SURFnet, and Virtru.

"We deeply appreciate the ongoing support over the course of this 
unprecedentedly challenging year," said Sally Khudairi, ASF Vice President of 
Sponsor Relations. "Widespread awareness of the value of The Apache Software 
Foundation has led organizations and individuals to reach deep and help ensure 
our day-to-day operations continue without interruption. We are grateful and 
humbled by the support."

Corporate Contributions
In addition to Sponsorship, a variety of Corporate Giving programs benefit the 
ASF. They include:

Annual Corporate Giving —organizations such as Bloomberg Philanthropies, IBM, 
Microsoft, PayPal, Vanguard, and many others offer tax benefits and provide 
their employees the ability to boost their support of a diverse set of 
nonprofit organizations that include the ASF.

Matching Gifts and Volunteer Grants —donations to the ASF can be doubled or 
tripled through a corporate matching gift program. Employers such as American 
Express, AOL, Bloomberg, IBM, and Microsoft match contributions and volunteer 
hours made by their employees.

Charitable Gifts and Payroll Giving —as an official charity in Benevity 
https://www.benevity.com/ , the Blackbaud Giving Fund 
https://blackbaudgivingfund.org/ , and other philanthropic giving distributors, 
the ASF benefits from numerous corporate giving initiatives, such as the 
Microsoft Tech Talent for Good volunteer program and Charles Schwab Charitable, 
among others.

Individual Donations
Individuals and organizations wishing to support Apache with one-time and 
recurring tax-deductible donations using a credit or debit card, PayPal, ACH 
electronic bank transfer, or Apple/Google/Microsoft Pay on their mobile device 
are invited to do so at https://donate.apache.org/ . Supporting

The Apache Software Foundation Announces Apache® Gobblin™ as a Top-Level Project

2021-02-16 Thread Sally Khudairi
[this announcement is available online at https://s.apache.org/df92k ]

Open Source distributed Big Data integration framework in use at Apple, CERN, 
Comcast, Intel, LinkedIn, Nerdwallet, PayPal, Prezi, Roku, Sandia National 
Labs, Swisscom, Verizon, and more.

Wilmington, DE —16 February 2021— The Apache Software Foundation (ASF), the 
all-volunteer developers, stewards, and incubators of more than 350 Open Source 
projects and initiatives, announced today Apache® Gobblin™ as a Top-Level 
Project (TLP).

Apache Gobblin is a distributed Big Data integration framework used in both 
streaming and batch data ecosystems. The project originated at LinkedIn in 
2014, was open-sourced in 2015, and entered the Apache Incubator in February 
2017.

"We are excited that Gobblin has completed the incubation process and is now an 
Apache Top-Level Project," said Abhishek Tiwari, Vice President of Apache 
Gobblin and software engineering manager at LinkedIn. "Since entering the 
Apache Incubator, we have completed four releases and grown our community the 
Apache Way to more than 75 contributors from around the world."

Apache Gobblin is used to integrate hundreds of terabytes and thousands of 
datasets per day by simplifying the ingestion, replication, organization, and 
lifecycle management processes across numerous execution environments, data 
velocities, scale, connectors, and more.

"Originally creating this project, seeing it come to life and solve 
mission-critical problems at many companies has been a very gratifying 
experience for me and the entire Gobblin team," said Shirshanka Das, Founder 
and CTO at Acryl Data, and member of the Apache Gobblin Project Management 
Committee.

As a highly scalable data management solution for structured and byte-oriented 
data in heterogeneous data ecosystems, Apache Gobblin makes the arduous task of 
creating and maintaining a modern data lake easy. It supports the three main 
capabilities required by every data team: 

 - Ingestion and export of data from a variety of sources and sinks into and 
out of the data lake while supporting simple transformations. 
 - Data Organization within the lake (e.g. compaction, partitioning, 
deduplication).
 - Lifecycle and Compliance Management of data within the lake (e.g. data 
retention, fine-grain data deletions) driven by metadata.

"Apache Gobblin supports deployment models all the way from a single-process 
standalone application to thousands of containers running in cloud-native 
environments, ensuring that your data plane can scale with your company’s 
growth," added Das.

Apache Gobblin is in use at Apple, CERN, Comcast, Intel, LinkedIn, Nerdwallet, 
PayPal, Prezi, Roku, Sandia National Laboratories, Swisscom, and Verizon, among 
many others.

"We chose Apache Gobblin as our primary data ingestion tool at Prezi because it 
proved to scale, and it is a swiss army knife of data ingestion," said Tamas 
Nemeth, Tech Lead and Manager at Prezi. "Today, we ingest, deduplicate, and 
compact more than 1200 Apache Kafka topics with its help, and this number is 
still growing. We are looking forward to continuing to contribute to the 
project and helping the community enable other companies to use Apache Gobblin."

"Apache Gobblin has been at the center stage of the data management story at 
LinkedIn. We leverage it for various use-cases ranging from ingestion, 
replication, compaction, retention, and more," said Kapil Surlaker, Vice 
President of Engineering at LinkedIn. "It is battle-tested and serves us well 
at exabyte scale. We firmly believe in the data wrangling capabilities that 
Gobblin has to offer, and we will continue to contribute heavily and 
collaborate with the Apache Gobblin community. We are happy to see that Gobblin 
has established itself as an industry standard and is now an Apache Top-Level 
Project."

"Open community and meritocracy are the key drivers for Apache Gobblin's 
success," added Tiwari. "We invite everyone interested in the data management 
space to join us and help shape the future of Gobblin."

Catch Apache Gobblin in action in the upcoming hackathon planned for late Q1 
2021. Details will be posted on the Apache Gobblin mailing lists and Twitter 
feed listed below.

Availability and Oversight
Apache Gobblin software is released under the Apache License v2.0 and is 
overseen by a self-selected team of active contributors to the project. A 
Project Management Committee (PMC) guides the Project's day-to-day operations, 
including community development and product releases. For downloads, 
documentation, and ways to become involved with Apache Gobblin, visit 
https://gobblin.apache.org/ and https://twitter.com/ApacheGobblin 

About the Apache Incubator
The Apache Incubator is the primary entry path for projects and codebases 
wishing to become part of the efforts at The Apache Software Foundation. All 
code donations from external organizations and existing external projects enter 
the ASF through the 

The Apache Weekly News Round-up: week ending 12 February 2021

2021-02-12 Thread Sally Khudairi
[this newsletter is available online at https://s.apache.org/26lb3 ]

Friday arrived quickly --happy Lunar New Year to those who celebrate! The 
Apache community has had a productive week; let's review:

ASF Board – management and oversight of the business affairs of the corporation 
in accordance with the Foundation's bylaws. 
 - Next Board Meeting: 17 February 2021. Board calendar and minutes 
https://apache.org/foundation/board/calendar.html

Apache Diversity & Inclusion – initiatives that promote diversity, equity, and 
inclusion across the greater Apache community.
 - Call for Apache project proposals and mentors: Outreachy Open Source 
internship program May-Aug 2021 
https://lists.apache.org/thread.html/r7ba52de92d2a31d623aa510573de89c9d8a82ab01e85c87f43a792d4%40%3Cannounce.apache.org%3E

ApacheCon™ – the ASF's official global conference series, bringing Tomorrow's 
Technology Today since 1998.
 - ApacheCon@Home keynotes, plenaries, and presentations on Big Data, 
Camel/Integration, Cassandra, Community, Content Delivery (Traffic 
Server/Traffic Control), cTAKES, Fineract/Fintech, Geode, Geospatial, Groovy, 
HTTP Server (httpd and the Web), Ignite, Incubator, IoT, Jena, Karaf, Machine 
Learning, Mahout, Multi-lingual tracks (Hindi/German/Mandarin/Spanish), 
Observability, OpenOffice, Pulsar/Bookkeeper, Royale, Solr/Lucene/Search 
Learning, Streaming, Tomcat, and more are available at 
https://www.youtube.com/c/TheApacheFoundation/  

ASF Infrastructure – our distributed team on three continents keeps the ASF's 
infrastructure running around the clock.
 - 7M+ weekly checks yield uptime at 99.96%. Performance checks across 50 
different service components spread over more than 250 machines in data centers 
around the world. http://www.apache.org/uptime/

Apache Code Snapshot – Over the past week, 388 Apache Committers changed 
2,346,803 lines of code over 4,410 commits. Top 5 contributors, in order, are: 
Bernd Bohmann, Gary Gregory, Tellier Benoit, Andrea Cosentino, and Claus Ibsen.

Apache Project Announcements – the latest updates by category.

APIs --
 - Apache APISIX 2.3 released https://apisix.apache.org/

IoT --
 - Apache PLC4X 0.8.0 released https://plc4x.apache.org/

Observability --
 - Apache SkyWalking CLI 0.6.0 released https://skywalking.apache.org/

Servers --
 - Apache HttpComponents Core 5.1 BETA3 released https://hc.apache.org/
 - Apache Tomcat 8.5.63 released https://tomcat.apache.org/

Web Frameworks --
 - Apache MyFaces Core 2.2.14 released http://myfaces.apache.org/ 


Did You Know?

- Did you know that downloads of Apache OpenOffice exceed 1 Million each month? 
https://openoffice.apache.org/

- Did you know that Airbnb uses Apache Superset for deep data insights, 
visualizing metrics, and business intelligence at scale? 
https://superset.apache.org/

- Did you know that the Apache Groovy, Kafka, and Maven communities will be 
participating at DevNexus online on 17 February? Registration is free and open 
to all http://devnexus.com


Apache Community Notices

- Apache Month In Review: January 2021 https://s.apache.org/Jan2021 + Video 
highlights https://youtu.be/hWMonAbaprU

- The Apache Software Foundation Operations Summary: Q2 FY2021 (August - 
October 2020) https://s.apache.org/Q2FY2021

- Apache in 2020 - By The Digits https://s.apache.org/Apache2020Digits + Video 
highlights https://s.apache.org/Apache2020Digits-vid

- ASF Security Report 2020 https://s.apache.org/SecurityReport2020

- ASF FY2020 Annual Report https://s.apache.org/FY2020AnnualReport

- "Trillions and Trillions Served" documentary on the ASF: 1) full feature 
https://s.apache.org/Trillions-Feature 2) "Apache Everywhere" 
https://s.apache.org/ApacheEverywhere 3) "Why Apache" 
https://s.apache.org/ASF-Trillions 4) “Apache Innovation” 
https://s.apache.org/ApacheInnovation 

 - The Apache Way to Sustainable Open Source Success https://s.apache.org/GhnI

 - Foundation Reports and Statements 
http://www.apache.org/foundation/reports.html

 - "Success at Apache" focuses on the people and processes behind why the ASF 
"just works". https://blogs.apache.org/foundation/category/SuccessAtApache

 - Inside Infra: the new interview series with members of the ASF 
infrastructure team --meet 
Chris Thistlethwaite https://s.apache.org/InsideInfra-Chris
Drew Foulks https://s.apache.org/InsideInfra-Drew
Greg Stein Part I https://s.apache.org/InsideInfra-Greg
  ...Part II https://s.apache.org/InsideInfra-Greg2 and Part III 
https://s.apache.org/InsideInfra-Greg3
Daniel Gruno Part I https://s.apache.org/InsideInfra-Daniel1 and Part II 
https://s.apache.org/InsideInfra-Daniel2
Gavin McDonald Part I https://s.apache.org/InsideInfra-Gavin and Part II 
https://s.apache.org/InsideInfra-Gavin2
Andrew Wetmore Part I https://s.apache.org/InsideInfra-Andrew and Part II 
https://s.apache.org/InsideInfra-Andrew2
Chris Lambertus Part I https://s.apache.org/InsideInfra-ChrisL and Part II 

The Apache Software Foundation Announces Apache® DataSketches™ as a Top-Level Project

2021-02-03 Thread Sally Khudairi
[this announcement is available online at https://s.apache.org/jhvqu ]

Open Source high-performance Big Data streaming algorithm library in use at 
Nielsen Identity, Permutive, Splice Machine, and Verizon Media, among others.

Wilmington, DE —3 February 2021— The Apache Software Foundation (ASF), the 
all-volunteer developers, stewards, and incubators of more than 350 Open Source 
projects and initiatives, announced today Apache® DataSketches™ as a Top-Level 
Project (TLP).

Apache DataSketches is a highly performant Big Data analysis library for 
scalable approximate algorithms. The project originated at Yahoo in 2012, was 
open-sourced in 2015, and entered the Apache Incubator in March 2019.

"We are excited to be part of the ASF," said Lee Rhodes, Vice President of 
Apache DataSketches. "We have learned a great deal from the incubation process 
and look forward to working with new users of our library that want to take 
advantage of sketching technology."

Apache DataSketches’s library of specialized streaming algorithms —known as 
sketches— comprise small data structures that process data at massive scale. 
Sketches are ideal for queries that cannot afford the time or huge compute 
resources needed to generate exact results. Where approximate results are 
acceptable, sketches are the only viable alternative for interactive queries 
with real-time analysis. Apache DataSketches is:

 - Fast —produces approximate results at orders of magnitude faster than 
traditional methods -- user configurable size vs accuracy tradeoff;
 - Efficient —sketch algorithms process data in a single pass for both 
real-time and batch;
 - Mergeable —allows for parallelization;
 - Optimized for large-scale computing environments that process Big Data —such 
as Apache Hadoop, Apache Spark, Apache Druid, Apache Hive, Apache Pig, 
PostgreSQL;
 - Binary compatible across multiple languages and platforms —available in 
Java, C++, and Python;
 - Expanded Analysis —including count distinct with set operations, quantiles, 
most frequent items (heavy hitters), matrix computations, and more; and
 - Mathematically defined and proven error properties —provides a priori and a 
posteriori error estimation and upper and lower bounds with statistically 
derived confidence intervals.

Apache DataSketches is used in large-scale computing environments such as 
Nielsen Identity, Permutive, Splice Machine, and Verizon Media, among others, 
as well as Apache Druid and Apache Pinot (incubating).

"The Apache DataSketches project takes powerful algorithms for data 
summarization and analysis, and makes them available to everyone," said 
Professor Graham Cormode of the  University of Warwick. "While these methods 
are tremendously useful in practice, their descriptions were previously only in 
highly technical scientific papers. This project has made robust, dependable 
and well-documented implementations available to all. Already the library has 
been used for a wide range of applications, including service quality, 
monitoring, ad analytics and the sciences."

"Using Apache DataSketches has enabled Apache Druid users to perform common 
tasks such as quantiles and unique counting in a highly performant and 
efficient manner," said Gian Merlino, Vice President of Apache Druid. "We have 
worked closely together over the years to make the power of DataSketches 
accessible to Apache Druid users, helping us provide real-time analytics at 
scale."

"Sketches are fundamental to calculating many of our key company metrics," said 
Tom Miller, Director of Software Development Engineering at Verizon Media. "It 
allows us to greatly simplify our data processing and reduce storage costs by 
allowing us to calculate non-additive metrics across user specified dimension 
combinations at report time instead of having to either retain raw data or 
pre-calculate for each set of dimensions."

"Combining Apache Druid and DataSketches allows us to provide our customers 
real-time insights into their target audiences and advertising campaigns," said 
Yakir Buskilla, Senior Vice President of Research and Development and General 
Manager Israel at Nielsen Identity. "The ability to evaluate set expressions 
make the Theta Sketch especially powerful for multi-set cardinality estimation 
as well as funnel analysis."

“Apache DataSketches has provided us with a solid theoretical foundation upon 
which we are able to store and process data at scale - in a simple, fast and 
cost-efficient manner," said David Cromberge, Senior Software Engineer at 
Permutive. "It has been a pleasure to engage with their creators and community 
who have been helpful at every step of the way.”

"We use DataSketches's Theta-Sketches for distinct-count aggregations that are 
used to solve large multi-set cardinality approximation," said Mayank 
Shrivastava, Committer and member of the Apache Pinot (incubating) Podling 
Project Management Committee. "The ability to evaluate set expressions make the 

Apache Month in Review: January 2021

2021-02-01 Thread Sally Khudairi
[this announcement is available online at https://s.apache.org/Jan2021 --Video 
highlights https://youtu.be/hWMonAbaprU ]

Welcome to the latest monthly overview of events from the Apache community. 
Here's a summary of what happened in January:

New this month --
 - Apache in 2020 - By The Digits – a look at the achievements from the Apache 
Community over the past 12 months.
   -- Summary and stats at https://s.apache.org/Apache2020Digits
   -- Video highlights https://s.apache.org/Apache2020Digits-vid

 - ASF Security Report 2020 – the annual state of security across all Apache 
projects https://s.apache.org/SecurityReport2020

 - The Apache Way to Sustainable Open Source Success  – Apache is for Everyone. 
Every developer has their personal motivations for building software. We 
celebrate their right to choose when and how they build their software, 
including their right to use a non-open license. https://s.apache.org/GhnI

 - ApacheCon™ – the ASF's official global conference series, bringing 
Tomorrow's Technology Today since 1998.
   -- Videos of all ApacheCon@Home sessions, including Plenaries and Keynotes, 
are available https://www.youtube.com/c/TheApacheFoundation/

 - Apache Software Foundation Operations Summary: Q2 FY2021 (August - October 
2020) https://s.apache.org/Q2FY2021

 - "Inside Infra" – the interview series featuring members of the ASF 
Infrastructure team
   -- Meet Chris Lambertus --Part I https://s.apache.org/InsideInfra-ChrisL and 
Part II https://s.apache.org/InsideInfra-ChrisL2

 - Apache Month in Review: December 2020 https://s.apache.org/Dec2020


Important Dates --

  - Next Board Meeting: 17 February 2021. Board calendar and minutes 
http://apache.org/foundation/board/calendar.html


Infrastructure --

Our seven-member Infrastructure team on three continents oversees our 
highly-reliable, distributed network under the leadership of VP Infrastructure 
David Nalley and Infrastructure Administrator Greg Stein. ASF Infrastructure 
supports 300+ Apache projects and their communities across ~200 individual 
machines, 1,400+ repositories, 5-6PB in traffic annually, ~75M downloads per 
month, and 2-3M daily emails on 2,000+ lists. ASF Infra performs 7M+ weekly 
checks to ensure services are available around the clock. The average uptime in 
January was 99.96%. http://www.apache.org/uptime/

Committer Activity --
In January, 726 Apache Committers changed 11,011,714 lines of code over 14,708 
commits. The Committers with the top 5 highest contributions, in order, were: 
Rohit Yadav, Jean-Baptiste Onofré, Andrea Cosentino, Gary Gregory, and Mark 
Thomas.


Project Releases and Updates --

New releases from Apache Accumulo (Big Data); Arrow (Big Data); Beam (Big 
Data); Camel (Integration); CloudStack (Cloud Computing); Commons Daemon 
(Libraries); Flink (Big Data);  Guacamole (Network Client); Hadoop (Big Data); 
Ignite (Big Data); IoTDB (IoT); Jackrabbit (Content); JMeter (Testing); Nutch 
(Web Crawler); OFBiz (Enterprise Processes Automation / ERP); Oak (Content); 
Rya (Big Data); Qpid Broker (Messaging); ShardingSphere (Big Data); Skywalking 
(Application Performance Management); Tika (Big Data); Tomcat (Servers); 
Traffic Server (Servers).
Upcoming Apache Project community events include ESUP Days & Apereo Paris (2 
February); Airflow Virtual Meetup (12 February); Joint ASF–OCG–OSGeo Code 
Sprint (17-19 February); and Big Data Technology Warsaw Summit (23 February).

The Apache Incubator is the primary entry path for projects wishing to become 
an official part of the ASF. New to the Apache Incubator in January: ECharts 
(Library) and Superset (Big Data). We invite you to review the many projects 
currently in development in the Apache Incubator http://incubator.apache.org/ .

# # #

To see our Weekly News Round-ups (published every Friday), visit 
https://blogs.apache.org/foundation/ and click on the calendar or hop directly 
to https://blogs.apache.org/foundation/category/Newsletter . For real-time 
updates, sign up for Apache-related news by sending mail to 
announce-subscr...@apache.org and follow @TheASF on Twitter. We appreciate your 
support!

= = =

NOTE: you are receiving this message because you are subscribed to the 
announce@apache.org distribution list. To unsubscribe, send email from the 
recipient account to announce-unsubscr...@apache.org with the word 
"Unsubscribe" in the subject line.


The Apache Software Foundation Announces Apache® ECharts™ as a Top-Level Project

2021-01-26 Thread Sally Khudairi
[this announcement is available online at https://s.apache.org/txmmr ]

Adaptable, interactive, responsive Open Source charting and data visualization 
software in use at Alibaba, Amazon, Baidu, GitLab, Intel, and Tencent, among 
others.

Wilmington, DE —26 January 2021— The Apache Software Foundation (ASF), the 
all-volunteer developers, stewards, and incubators of more than 350 Open Source 
projects and initiatives, announced today Apache® ECharts™ as a Top-Level 
Project (TLP).

Apache ECharts is an intuitive, interactive, and powerful charting and 
visualization library ideally suited for commercial-grade presentations. The 
project originated in 2013 at Baidu and entered the Apache Incubator in January 
2018.

"Our decision to incubate ECharts at The Apache Software Foundation was a wise 
one," said Ovilia Zhang, Vice President of Apache ECharts. "Through the Apache 
Way, our community is healthier and more diverse, which has improved ECharts to 
become a more attractive, competitive choice for visualization professionals 
and enthusiasts."

Written in JavaScript and based on the ZRender rendering engine supporting both 
Canvas and SVG, Apache ECharts provides an array of dynamic, 
highly-customizable chart types that include line, column, scatter, pie, radar, 
candlestick, gauge, funnel, heatmap, and more. Features include:

 - Customized and amalgamated chart styles with more than 20 chart types
 - Multi-dimensional data analysis and coding
 - Interactive components available out-of-the-box
 - Cross-device responsiveness
 - Optimized dynamic scaling
 - Server side rendering
 - Immediate UI response on millions of streaming data through progressive 
rendering
 - Extensions for:
   --3-D visualization and other rich special effects
   --Python, R, Julia, and other languages
   --Platforms that include Wechat App and Baidu Smart Program

Examples of ECharts' many data visualization options are available at 
https://echarts.apache.org/examples/ 

The project has recently released ECharts 5, which provides rendering ability 
for tens of millions of data points, and supports accessibility requirements in 
compliance with W3C’s Web Accessibility Initiative Accessible Rich Internet 
Applications Suite (WAI-ARIA) standards.

Building on EChart’s core features, ECharts 5 makes it even easier for 
developers to tell the story behind the data through 15 new features and 
improvements in story-telling and data expression, optimized visualization and 
responsive design, interaction and performance enhancement, developer 
experience, internationalization, and more.

Apache ECharts is in use at Alibaba, Amazon, Baidu, GitLab, Intel, and Tencent, 
among others, as well as solutions such as Apache Superset data visualization 
software. The project continues to grow in popularity, with more than 44,000 
stars on GitHub and 250,000 weekly downloads on npm to date. 

"The world we live in today is powered by software and data," said Erica 
Brescia, COO of GitHub. "With Apache ECharts, developers around the world have 
access to a powerful, free and open source library for data visualization. It 
is great to see the project flourishing on GitHub. Congrats to the Apache 
ECharts on their graduation to a top level project at the Apache Software 
Foundation."

"Apache ECharts helps visualization experts and data analysts easily create a 
wide variety of visualizations that are very helpful for us to analyze and 
explore the story behind the data," said visualization academia pioneer 
Professor Wei Chen of Zhejiang University.

"We are glad to witness ECharts’ pleasant process in the Apache Incubator," 
said Ming Zu, Senior Manager at Baidu. "Our community grew with individuals 
from many countries and organizations, who contributed to bug fixing, issue 
resolving, and new feature implementation."

"When the Apache Superset community looked into visualization libraries to 
rebuild the core visualization plugins, ECharts stood out as the absolute best 
fit," said Maxime Beauchemin, original creator of both Apache Airflow and 
Superset, and serves as Vice President of Apache Superset. "It has an 
unparalleled variety of visualizations, a rich and composable visual grammar, 
an intuitive and well designed API, a flexible and performant rendering engine, 
a very lean tree of dependencies, and the important set of guarantees that the 
ASF provides when committing long term to using an Open Source project."

"It was a pleasure guiding the ECharts community through the Apache Incubator," 
said Dave Fisher, ASF Member and Apache ECharts Incubating Mentor. "They have 
embraced the Apache Way of community-led development, encouraging those 
interested in helping improve ECharts to contribute and become part of its 
growing community.”

"This is an exciting time for the ECharts community," added Zhang. "We are 
enjoying continued growth, and invite those interested in contributing to the 
project to join us on our developer and user 

Apache Software Foundation Security Report: 2020

2021-01-25 Thread Sally Khudairi
[this report is available online at https://s.apache.org/SecurityReport2020 ]

Synopsis: This report explores the state of security across all Apache Software 
Foundation projects for the calendar year 2020. We review key metrics, specific 
vulnerabilities, and the most common ways users of ASF projects were affected 
by security issues.

Released: January 2021

Author: Mark Cox, Vice President Security, Apache Software Foundation

Background
The security committee of the Apache Software Foundation (ASF) oversees and 
coordinates the handling of vulnerabilities across all of the 340+ Apache 
projects.  Established in 2002 and composed of all volunteers, we have a 
consistent process  https://s.apache.org/cveprocess for how issues are handled, 
and this process includes how our projects must disclose security issues.

Anyone finding security issues in any Apache project can report them to 
secur...@apache.org where they are recorded and passed on to the relevant 
dedicated security teams https://apache.org/security/projects.html or private 
project management committees (PMC) to handle.  The security committee monitors 
all the issues reported across all the addresses and keeps track of the issues 
throughout the vulnerability lifecycle.

The security committee is responsible for ensuring that issues are dealt with 
properly and will actively remind projects of their outstanding issues and 
responsibilities.  As a board committee, we have the ability to take action 
including blocking their future releases or, worst case, archiving a project if 
such projects are unresponsive to handling their security issues.  This, along 
with the Apache Software License, are key parts of the ASF’s general oversight 
function around official releases, allowing the ASF to protect individual 
developers and giving users confidence to deploy and rely on ASF software.

The oversight into all security reports, along with tools we have developed, 
gives us the ability to easily create metrics on the issues.  Our last report 
covered the metrics for 2019 https://s.apache.org/security2019 .

Statistics for 2020
In 2020 our security email addresses received in total 18,000 emails. After 
spam filtering and thread grouping this was 946 (2019: 620) non-spam threads.  
Unfortunately many security reports do look like spam and so the security team 
are careful to review all messages to ensure real reports are not missed for 
too long.

[see image online at https://s.apache.org/SecurityReport2020 ]

Diagram 1: Breakdown of ASF security email threads for calendar year 2020

Diagram 1 gives the breakdown of those 946 threads.  257 threads (27%) were 
people confused by the Apache License.  As many projects use the Apache 
License, not just those under the ASF umbrella, people can get confused when 
they see the Apache License and they don't understand what it is.  This is most 
common for example on mobile phones where the licenses are displayed in the 
settings menu, usually due to the inclusion of software by Google released 
under the Apache License.  We no longer reply to these emails. This is nearly 
double the number we saw in 2019.

The next 220 of the 946 (23%) are email threads with people asking non-security 
(usually support-type) questions.

The next 93 of those reports were researchers reporting issues in an Apache web 
site.  These are almost always false negatives; where a researcher reports us 
having directory listings enabled, source code visible, or the lack of various 
domain headers.  These reports are generally the unfiltered output of some 
publicly available scanning tool, and often where the reporter asks us for some 
sort of monetary reward (bounty) for their report.

That left 376 (2019: 320) reports of new vulnerabilities in 2020, which spanned 
across 101 of the top level projects.  These 376 reports are a mix of both 
external reporters and internal; for example where a project has found an issue 
themselves and followed the ASF process to assign it a CVE name and address it 
we’d still count it here.  We don’t keep metrics that would give the breakdown 
of internal vs external reports.

The next step is that the appropriate project triages the report to see if it's 
really an issue or not.  Invalid reports and reports of things that are not 
actually vulnerabilities get rejected back to the reporter.  Of the remaining 
issues that are accepted they are assigned appropriate CVE names and eventually 
fixes are released.

As of January 1st 2021, 35 of those 376 reports were still under triage (i.e. 
the project had not yet determined if the report is accepted or rejected).  

The remaining closed 341 (2019: 301) reports led to us assigning 151 (2019: 
122) CVE names.  Some vulnerability reports may include multiple issues, some 
reports are across multiple projects, and some reports are duplicates where the 
same issue is found by different reporters, so there isn't an exact one-to-one 
mapping of accepted 

The Apache Way to Sustainable Open Source Success

2021-01-24 Thread Sally Khudairi
[this post is available at https://s.apache.org/GhnI ]

(originally published 19 March 2019)

As Open Source software continues to grow in importance, it seems appropriate 
to reflect upon the ongoing success of The Apache Software Foundation (ASF) as 
it approaches its 20th anniversary. The Apache Way of community-driven 
development continues to gain momentum despite the compounding challenges of 
building software in the greater Open Source ecosystem.

This approach, The Apache Way, was defined over 24 years ago by the original 
Apache Group, prior to the establishment of the Foundation. It has led to our 
success as a foundation and we believe it has been fundamental to the triumph 
of Open Source as a whole.

While The Apache Way has been refined over the years, it remains true to the 
original goals of transparent, community-driven collaboration in a 
vendor-neutral environment that is accessible to all.
The Apache Way defines Open Source in terms of both a legal and a social 
framework for collaboration. It helps others understand what makes Open Source 
powerful and how participants are expected to behave. In this post we will 
examine The Apache Way in the context of the Foundation's mission:

"The mission of the Apache Software Foundation (ASF) is to provide software for 
the public good. We do this by providing services and support for many 
like-minded software project communities consisting of individuals who choose 
to participate in ASF activities." 

Let's dissect this mission statement. 

"Provide Software for the Public Good"

Key points in this section: 

 - We produce software that is non-excludable and non-rivalrous

 - Use of the software in any context does not reduce its availability to others

 - Users and contributors have no committed responsibility to the foundation, 
our projects or our communities

 - Use of a license that conforms to the Open Source Definition is necessary 
but not sufficient to deliver on our mission 

Investopedia defines a public good as "a product that one individual can 
consume without reducing its availability to another individual, and from which 
no one is excluded." On the surface, this is a good definition for our use of 
the term. However, there is a nuance in our use. Our mission is not to produce 
"public goods" but to "provide software for the public good". 

To understand why this is important, one needs to think about what motivates 
the ASF to produce software that is a public good.

Open Source software can be digitally copied and reused in an unlimited number 
of ways. Every user can modify it for their specific needs. They can combine it 
with other software. They can design innovative new products and services using 
it and can make a living from the proceeds. This is all possible without 
impacting other people's use of the software. As such, the ASF produces 
software that can be used for the public good in many different ways.

To allow us to deliver on this part of the mission, it is critical that we 
adopt a license that uses the law to protect the software curated here at the 
Foundation. For us that license is the Apache License, Version 2. In addition, 
we adopt an inbound licensing policy that defines which licenses are allowable 
on software reused within Apache projects. This policy can be summarized as: 

The license must meet the Open Source Definition (OSD).

The license, as applied in practice, must not impose significant restrictions 
beyond those imposed by the Apache License 2.0.

This means that you can be assured that software curated by projects within The 
Apache Software Foundation is both a public good and for the public good. You 
can use Apache software for any purpose and you have no responsibility to the 
Foundation or the project to contribute back (though as addressed in the next 
section, it is often in your interests to do so). 

It is important to recognize that there are software projects out there that 
adopt our license but do not adopt our inbound licensing policy. Such projects 
may bring restrictions that are not covered by our license; therefore, it is 
important to carefully examine the licensing policies of these projects. Using 
the Apache License alone may not provide you with the same options a Foundation 
project provides. 

Apache projects are successful, in large part, because of our diligence with 
respect to clearly-defined licensing policies. Such diligence makes it much 
easier for downstream users to understand what they can and cannot do with 
Apache software. The Apache License is deliberately permissive to ensure that 
everyone has an opportunity to participate in Open Source within the ASF or 
elsewhere. Modifications of our license are allowed, but modified licenses are 
neither the Apache License nor affiliated with or endorsed by The Apache 
Software Foundation. No modified license can be represented as such. Modified 
licenses that use the Apache name are strictly disallowed, 

Inside Infra: Chris Lambertus --Part II

2021-01-24 Thread Sally Khudairi
[this interview is available online at https://s.apache.org/InsideInfra-ChrisL2 
]

Part II of the of the "Inside Infra" interview with Chris Lambertus, the last 
of the series of interviews with members of the ASF Infrastructure team, who 
share their experiences with Sally Khudairi, ASF VP Marketing & Publicity. 
[catch up on Part I of the interview https://s.apache.org/InsideInfra-ChrisL ]

- - -
"...you want to limit your exposure... You have to keep that in mind as you 
move through the day to make sure that you are minimizing your risk and 
minimizing your security threat vectors."
- - -

 - So, in the scope of the team, I understand that you're a more "senior" 
developer. Not that you know better; it's not an issue of better or worse, but 
you're more seasoned. How does ASF compare to other groups that you've worked 
with? Are there special technical requirements or special security issues you 
have to be concerned with? Especially as we mentioned before, it seems like 
there's an unlimited number of project development environments. Are there 
certain things that you have to consider or accommodate or do that's so 
different with ASF that you've never experienced before? Can you give a little 
bit of a frame of reference for folks unfamiliar with how it is within the ASF?

First of all, I'm not a developer. I am terrible at programming. Absolutely, 
I'm awful at it. I don't consider myself a developer in any way, shape, or 
form. I am a system administrator, 100%.

 - ...Administrator. Okay, so, you're a more "senior" sysadmin then.

I hesitate to use the word senior, because it has some implications in the 
industry that I don't necessarily feel are appropriate for the ASF. I believe 
that I have been doing it longer than most other people on the team just as a 
career. I'm guessing that's probably what you mean by that.

 - Right. That's why I used the word "seasoned" also. It's hard because some 
people go, "Are you saying I'm old, or are you saying hierarchical, that I'm 
above others?" It's a hard way of describing it, because some folks have been 
programming or dealing with computers since there were kids, others later in 
life, but you guys are all moving in the same direction. So, how does one 
describe it?

Yeah, I think seasoned is a good word. Just like I said, I've been working in 
the industry as a system administrator since 1992, pretty much continuously 
with some brief changes in the 2000s. It's not here nor there. So, it's not 
hierarchical. Everybody is equivalent in terms of the Infra team. Nobody's 
above anybody else or below anybody else, right?

 - ...I was wondering how is the ASF different from other groups you've worked 
with.

All right. It's actually not all that different. There are a couple of things 
that make it unique. Well, a number of things that make it unique. One is that 
it's completely remote and completely geographically dispersed. Two is that the 
participants on the team are all from very different backgrounds and cultures 
and countries, which is fairly unusual for a system admin team, a small system 
admin team, I would say. But beyond that, it actually shares quite a lot of 
things that I typically see in system administration teams. There's a central 
job board, if you will, like the Jira stuff. There's a communications channel. 
We have Slack.

There's a nominal leader in Greg, that directs the general movement of the 
barge. Yeah, by and large, it's pretty similar with most environments that I've 
worked in. I mean, some are much different. Some are very corporate, some are 
very open. Yeah, now I remember one of your previous questions --one of the 
biggest challenges that I found is the openness.

The ASF for quite some time has been incredibly public with its configurations, 
with its systems, with its documentation. These types of things are very 
unusual in the corporate world or in commercial IT. Typically, you would never 
make that stuff public. The fact that it is and has been at the ASF, that's 
been a challenge for me. It's an unusual way to maintain systems. It's got some 
downsides. Having that stuff available can be concerning at times.

 - ...How so? Help me understand this, because I've been with the ASF forever. 
What you're mentioning right now reminds me of about 10 years ago, something 
failed in Infrastructure. I can't remember what it was, but it was a big thing. 
People were talking about it. It was even in the press at the time. It wasn't 
catastrophic, but it was big. We actually wrote a blog post about it and we 
presented about it at ApacheCon. From a marketing perspective and a media 
perspective, I was uncomfortable, because from a corporate perspective, you 
don't do that. The fact that we not only encouraged it but published it and 
educated everyone about it, admitted it, ate it all, we took responsibility, 
100%: "Here's what failed. Here's w

The Apache Software Foundation Announces Apache® Superset™ as a Top-Level Project

2021-01-21 Thread Sally Khudairi
[this announcement is available online at https://s.apache.org/scefo ]

Open Source enterprise-grade Big Data visualization and business intelligence 
Web application in use at Airbnb, American Express, Dropbox, Lyft, Netflix, 
Nielsen, Rakuten Viki, Twitter, and Udemy, among others.

Wilmington, DE —21 January 2021— The Apache Software Foundation (ASF), the 
all-volunteer developers, stewards, and incubators of more than 350 Open Source 
projects and initiatives, announced today Apache® Superset™ as a Top-Level 
Project (TLP).

Apache Superset is a modern, Open Source data exploration and visualization 
platform that  enables users to easily and quickly build and explore dashboards 
using its simple no-code visualization builder and state-of-the-art SQL editor. 
The project originated at Airbnb in 2015 and entered into the Apache Incubator 
program in May 2017.

"It's been amazing to be an active part of growing a welcoming, diverse and 
engaged community over the past five years while following the ASF principles 
around inclusion, openness and collaboration," said Maxime Beauchemin, Vice 
President of Apache Superset. "At the scale and level of diversity that the 
Superset project has achieved, it's critical to have a solid governance model 
in place like the one prescribed by the ASF."

Apache Superset v1.0
Superset helps streamline the analytics process by providing an intuitive 
interface to rapidly explore and visualize datasets, create interactive 
dashboards, and model real-time business intelligence insights at scale. The 
platform integrates with most SQL speaking data sources, including modern 
cloud-native databases, data warehouses, and engines at petabyte scale. 

The Project also celebrates a major milestone with the release of Apache 
Superset 1.0. Features include: 

 - Rich library of visualizations with support for integrating custom 
visualizations
 - Thin caching layer to optimize performance of charts and dashboards 
 - Code-free visualization builder
 - State-of-the-art SQL editor and metadata workflow
 - Extensible enterprise authentication and security model 
 - Easy-to-use, lightweight semantic layer
 - Notification alerts and scheduled reports

"Apache Superset 1.0 is a solid, mature, self-standing solution that fully 
solves business intelligence and data visualization needs for modern data 
teams," added Beauchemin. "Superset not only covers the table stakes, but also 
offers guarantees, features and a fresh approach that existing BI solutions 
can't match."

Apache Superset is in use at Airbnb, American Express, Dropbox, Lyft, Netflix, 
Nielsen, Rakuten Viki, Twitter, and Udemy, among others. A list of known users 
is available at https://github.com/apache/superset/blob/master/INTHEWILD.md .

"Apache Superset helps Airbnb democratize data insights and make data-informed 
decisions," said Jeff Feng, Product Lead at Airbnb and member of the Apache 
Superset Project Management Committee. "Superset uniquely connects SQL analysis 
with data exploration for thousands of employees each week. It also serves as a 
flexible and reliable platform for visualizing metrics, helping executives and 
knowledge workers see and understand data."

"We had an amazing journey with Superset at Dropbox," said Chloe Wang, Senior 
Product Manager, Data Insights Platform at Dropbox. "Superset got introduced in 
2019 and soon became the most widely adopted query engine within the analytical 
organization. As a result, our analysts are able to make timely and high 
confidence product decisions."

"Before Superset, we were paying for a patchwork of proprietary tools and we 
kept running into limitations when it came to customizing charts and 
dashboards," said Amit Miran, Software Team Lead for Media Application 
Framework group at Nielsen. "Once the Superset project supported adding of 
custom visualizations, that was the turning point for us at Nielsen to start 
adopting Superset in large projects. We’re very excited about native dashboard 
filters and future support for cross filtering, which will make our viz plugins 
even more powerful. The excitement for the project drove me to become involved 
in my first open source project."

"Apache Superset is an amazing project that enables engineers to easily execute 
data analysis," said Grace Guo, member of the Apache Superset Project 
Management Committee. "I have been a Superset user and a Superset builder for a 
few years. I run queries in SQL Lab, visualize data using one of the many 
supported chart types, and build dashboards, specifically focusing on 
performance and product adoption metrics. As an engineer, I appreciate the 
ability to contribute to the product. If I see some area to improve, or need a 
feature which doesn’t exist, I am happy to create a PR to fix it for myself and 
benefit other users."

"Apache Superset’s strength lies in its community," added Beauchemin. "We 
invite those interested in data visualization to join our mailing 

The Apache CloudStack Project Releases Apache® CloudStack® v4.15

2021-01-19 Thread Sally Khudairi
[this announcement is available online at https://s.apache.org/vi0v8 ]

Mature Open Source Enterprise Cloud platform powers billions of dollars in 
transactions for the world's largest Cloud providers, Fortune 5 multinationals, 
educational institutions, and more.

Wilmington, DE —19 January 2021— The Apache CloudStack Project announced today 
v4.15 of Apache® CloudStack®, the mature, turnkey Open Source enterprise Cloud 
orchestration platform.

Apache CloudStack is the proven, highly scalable IaaS platform of choice to 
rapidly and easily create private, public, and hybrid Cloud environments: it 
"just works".

Apache CloudStack powers mission-critical clouds for the world’s largest users 
and service providers, including Alcatel-Lucent, Apple, Autodesk, Bell Canada, 
BT, China Telecom, Dell, Disney, Fujitsu, Huawei, INRIA, Juniper Networks, 
Korea Telecom, Leaseweb, Melbourne University, Nokia, NTT, Orange, SAP, 
Schuberg Philis, Taiwan Mobile, Tata, TrendMicro, Verizon, WebMD, and countless 
others.

"We are pleased to announce our latest release, making CloudStack even easier 
to deploy full-featured public and private clouds," said Sven Vogel, Vice 
President of Apache CloudStack. "Apache CloudStack continues to grow from 
strength to strength, with upgraded software and powerful deployments, backed 
by a robust community."

Apache CloudStack v4.15
Apache CloudStack includes the entire "stack" of features in an IaaS cloud: 
compute orchestration, Network-as-a-Service, user and account management, full 
and open native API, resource accounting, and a first-class user interface. The 
new 4.15 release ships with more than 200 new features, improvements, and bug 
fixes that include:

 - A new, modern user interface at general availability
 - vSphere advanced storage capabilities to support VMware storage policies, 
vSAN, VMFS6, vVols and datastore clusters
 - VMware "deploy-as-is" templates with OVF properties support for deploying 
virtual appliances in CloudStack clouds
 - Secondary storage management tools
 - Roles based users in projects
 - Dynamic roles enhancements for more granular RBAC
 - Support for CentOS 8, Ubuntu 20.04, XCP-ng 8.1, and MySQL 8
 - noVNC console for performance improvements to VM console access
 - Redfish support for out of band management
 - Unmanaging guest VMs
 - PVLAN support for L2 networks
 - Boot into hardware setup (VMware)
 - Configure root disk via service offering

The full list of new features is available in the project release notes at 
https://docs.cloudstack.apache.org/en/4.15.0.0/releasenotes/about.html

"At NTT/Itelligence we were eagerly anticipating this latest version of Apache 
CloudStack as many of the features in the release are of importance to our 
Itelligence cloud solution," said Andre Walter, VP, Head of GMS Cloud 
Infrastructure Services at Itelligence Global Managed Services GmbH. "We are 
particularly excited about the vSphere advanced capabilities and full OVF 
properties support. It is important for us to see the Open Source community 
bringing more and more features that allow us to enhance our global cloud 
operations capabilities."

"Apache CloudStack continues to bring innovative features for public cloud 
providers like us,"  said Wido den Hollander, CTO of PCExtreme. "With the 4.15 
release, we are very interested in the Redfish implementation for Out of Band 
Management which helps bring the next generation of server management to our 
data centres. The fact that the CloudStack community is driven by users of the 
software as opposed to vendors with competing interests means that time and 
time again we see these exciting features delivered In Apache CloudStack."

"Apache CloudStack continues to cement itself as the logical choice for 
reliable, open source IaaS orchestration," said Giles Sirett, CEO of ShapeBlue. 
"It is proven, hugely scalable and, most importantly, easy to deploy and 
operate. The 4.15 release brings many features that will allow both public and 
private cloud operators to further innovate on their service offerings. I’d 
like to thank everybody in the Apache CloudStack community for this latest 
release."

The Apache CloudStack community invites those interested to join its mailing 
lists and global events, including CloudStack Collaboration Conference and 
numerous regional user groups. To get started and for ways to contribute, visit 
http://cloudstack.apache.org/contribute.html 

Availability and Oversight
Apache CloudStack software is released under the Apache License v2.0 and is 
overseen by a volunteer, self-selected team of active contributors to the 
project. A Project Management Committee (PMC) guides the Project's day-to-day 
operations, including community development and product releases.

Apache CloudStack Resources

Source code downloads http://cloudstack.apache.org/downloads.html
Documentation http://docs.cloudstack.apache.org/ 
Upgrade instructions 

The Apache News Round-up: week ending 1 January 2020

2021-01-01 Thread Sally Khudairi
[this newsletter is available online at https://s.apache.org/5ag3n ]

Welcome, 2021! We hope that you have had a festive holiday season and are 
excited to kick off the new year. Here's what happened over the past week:

Apache in 2020 - By The Digits – a look at the achievements from the Apache 
Community over the past 12 months.
 - Summary and stats at https://s.apache.org/Apache2020Digits
 - Video highlights https://s.apache.org/Apache2020Digits-vid

The Apache Month in Review – highlights of what we've accomplished over the 
past month.  
- December 2020 https://s.apache.org/Dec2020

ASF Board – management and oversight of the business affairs of the corporation 
in accordance with the Foundation's bylaws.
 - The Apache Software Foundation Operations Summary: Q2 FY2021 (August - 
October 2020) https://s.apache.org/Q2FY2021
 - Next Board Meeting: 20 January 2021. Board calendar and minutes 
https://apache.org/foundation/board/calendar.html
ApacheCon™ – the ASF's official global conference series, bringing Tomorrow's 
Technology Today since 1998.
 - all videos from ApacheCon@Home are available at 
https://www.youtube.com/c/TheApacheFoundation/  

ASF Infrastructure – our distributed team on three continents keeps the ASF's 
infrastructure running around the clock.
 - 7M+ weekly checks yield uptime at 99.95%. Performance checks across 50 
different service components spread over more than 250 machines in data centers 
around the world. http://www.apache.org/uptime/

Apache Code Snapshot – Over the past week, 214 Apache Committers changed 
1,634,010 lines of code over 2,290 commits. Top 5 contributors, in order, are: 
Gary Gregory, Andreas Veithen, Chesnay Schepler, Rene Cordier, and Sylwester 
Lachiewicz.

Apache Project Announcements – the latest updates by category.

Application Performance Monitoring --
 - Apache SkyWalking Python v0.5.0 released https://skywalking.apache.org/

Big Data --
 - Apache ShardingSphere ElasticJob 3.0.0-RC1 released 
http://shardingsphere.apache.org/elasticjob/
 - Apache Accumulo 1.10.1 and 2.0.1 released http://accumulo.apache.org/
 - Apache Accumulo CVE-2020-17533: Improper Handling of Insufficient Permission 
https://s.apache.org/ixwwc

Data Management Platform --
 - Apache Ignite 2.9.1 released http://ignite.apache.org/


Did You Know?

- Did you know that the following Apache projects are celebrating anniversaries 
this month? Many happy returns to Apache Cocoon, James, and Web Services (17 
years); Lucene (15 years); ActiveMQ (13 years); Hadoop (12 years); River (9 
years); Empire-db and Gora (8 years); OpenMeetings (7 years); Samza (5 years); 
Arrow (4 years); and Ranger (3 years)! 
https://projects.apache.org/committees.html?date 

- Did you know that the Top Ten of Fortune's "Future 50" companies 
--ServiceNow, Veeva Systems, Atlassian, Workday, Splunk, Adyen, MercadoLibre, 
DexCom, Square, and Spotify-- are all Powered by Apache? Everyone is welcome to 
use ASF and Apache Project badges to show that your projects are Powered by 
Apache http://apache.org/foundation/press/kit/#poweredby

- Did you know that ASF Targeted Sponsor Manning Publications is offering 
special deals on the latest books on Apache Airflow, Pulsar, Spark, and Thrift, 
among other titles and MEAP (Manning Early Access Program) eBooks? 
https://deals.manning.com/the-latest-apache-innovations/


Apache Community Notices

- Apache Month In Review: November 2020 https://s.apache.org/Nov2020

- ASF FY2020 Annual Report https://s.apache.org/FY2020AnnualReport 

- "Trillions and Trillions Served" documentary on the ASF: 1) full feature 
https://s.apache.org/Trillions-Feature 2) "Apache Everywhere" 
https://s.apache.org/ApacheEverywhere 3) "Why Apache" 
https://s.apache.org/ASF-Trillions 4) “Apache Innovation” 
https://s.apache.org/ApacheInnovation 

 - The Apache Software Foundation Statement on the COVID-19 Coronavirus 
Outbreak https://s.apache.org/COVID-19  

 - The Apache Software Foundation Celebrates 21 Years of Open Source Leadership 
https://s.apache.org/21stAnniversary

 - Apache in 2019 - By The Digits https://s.apache.org/Apache2019Digits

 - The Apache Way to Sustainable Open Source Success https://s.apache.org/GhnI

 - Foundation Reports and Statements 
http://www.apache.org/foundation/reports.html

 - "Success at Apache" focuses on the people and processes behind why the ASF 
"just works". https://blogs.apache.org/foundation/category/SuccessAtApache

 - Inside Infra: the new interview series with members of the ASF 
infrastructure team --meet 
Chris Thistlethwaite https://s.apache.org/InsideInfra-Chris
Drew Foulks https://s.apache.org/InsideInfra-Drew
Greg Stein Part I https://s.apache.org/InsideInfra-Greg
  ...Part II https://s.apache.org/InsideInfra-Greg2 and Part III 
https://s.apache.org/InsideInfra-Greg3
Daniel Gruno Part I https://s.apache.org/InsideInfra-Daniel1 and Part II 
https://s.apache.org/InsideInfra-Daniel2
Gavin McDonald Part I 

Apache in 2020 - By The Digits

2021-01-01 Thread Sally Khudairi
[this report, including charts and graphics, is available online at 
https://s.apache.org/Apache2020Digits ]

Whilst 2020 has been quite a challenging year world-wide, the all-volunteer 
Apache community has demonstrated commendable strength, resilience, and 
commitment to our tenet of "Community Over Code" — 

 - 238 Apache Projects, sub-projects, incubating podlings, and their 
communities produced nearly 3,500 releases across dozens of categories (API 
Gateways, Application Performance Management, Big Data, Blockchain, Build 
Management Cloud Computing, Content, Cryptography, Customer Profile Platform, 
Databases, eMail, Enterprise Resource Planning, FinTech, Identity Management, 
Integrated Development Environments, Integration, IoT, Libraries, Logging, 
Machine Learning, Messaging, Natural Language Processing, Operating Systems, 
Programming Languages, Remote Desktop Gateway, Search, Security Frameworks, 
Servers, Services Framework, Templating, Testing, Version Control, Web 
Conferencing, Web Crawlers, Web Frameworks, and more).

 - We produced the "Trillions and Trillions Served" documentary that showcases 
how The Apache Way skyrocketed the ASF from overseeing a single project two 
decades ago to 350+ projects that produce $22B+ worth of software today.

 - Apache events moved online, and attracted our most diverse and greatest 
number of participants. ApacheCon@Home drew nearly 5,750 participants from more 
than 150 countries, who enjoyed 300+ sessions across 27 tracks. A staggering 
1.5M+ viewers tuned in to the Apache Roadshow/China over its 2-day online event.

Additional highlights:

Apache Projects —https://projects.apache.org/

 - Total number of projects + sub-projects - 342
 - Top-Level Projects - 199
 - Podlings undergoing development in the Apache Incubator - 41
 - New Top-Level Projects that graduated from the Incubator - 10 


Community/People —http://home.apache.org/

The ASF’s merit-driven "Contributor-Committer-Member" progression is the 
central governing process across the Apache ecosystem. The core Apache Group of 
21 individual Members grew with developers who contributed code, patches, or 
documentation. Some of these contributors were subsequently granted Committer 
status by the Membership, and provided access to: 1) commit code directly to 
Apache repositories; 2) vote on community-related decisions; and 3) propose an 
active user for Committership. Today, ASF Committers contribute not just code 
and documentation, but also an array of initiatives that provide value across 
the greater Apache ecosystem, including Project promotion and community 
development through mentoring, events, and diversity and inclusion programs. 
Those Committers who demonstrate merit in the Foundation's growth, evolution, 
and progress are nominated for ASF Membership by existing members.

The Apache community continues to grow: we welcomed 3,612 contributors in 2020, 
51.87% of whom were newcomers to Apache

 - 905 individuals earned Committer status, totalling 8,022. 
 - 34 individuals were elected as new ASF Members, totalling 813.


Apache Projects/Code —https://projects.apache.org/statistics.html

 - 3,258 Apache Committers changed 117,350,563 lines of code over 247,451 
commits.

Top 5 Committers

 - Andrea Cosentino (6,357 commits; 2,003,123 lines changed)
 - Jean-Baptiste Onofré (3,120 commits; 735,656 lines changed)
 - Claus Ibsen (2,838 commits; 1,919,860 lines changed)
 - Mark Thomas (2,360 commits; 185,548 lines changed)
 - Gary Gregory (2,188 commits; 234,845 lines changed)

Top 5 Apache Project Repositories by Size (Lines of Code)

 - Tuweni (incubating; 7,822,771 --Tuweni is Apache's first project in the 
Blockchain space)
 - Flex (7,007,693)
 - NetBeans (6,582,707)
 - OpenOffice (6,376,683)
 - Hadoop (3,521,559)

Top 5 Apache Project Repositories by Commits

 - Camel
 - Flink
 - Airflow
 - Lucene/Solr
 - Spark

GitHub: Top 5 Most Active Apache Project Sources (clones)

 - Thrift
 - Beam
 - Arrow
 - Geode
 - Cordova

GitHub: Top 5 Most Active Apache Project Sources (visits)

 - Spark
 - Flink
 - Kafka
 - Beam
 - Camel


Mailing Lists —https://lists.apache.org/

"If it didn’t happen on-list, it didn’t happen" 

The ASF’s day-to-day operations, including Apache project and community 
development, takes place on ~1,450 public and ~700 private mailing lists. 

 - In 2020, 18,388 authors sent 2,139,458 emails on 774,364 topics.


Top 5 most active Apache Project user@ mailing lists

 - Flink
 - Lucene-Solr
 - OpenMeetings
 - Ignite
 - Tomcat

Top 5 most active Apache Project dev@ mailing lists

 - Tomcat
 - Flink
 - Royale
 - James
 - Beam


Contributor License Agreements and Software Grants 
—https://www.apache.org/licenses/

Individuals who are granted write access to the Apache repositories must submit 
an Individual Contributor License Agreement (ICLA). Corporations that have 
assigned employees to work on Apache projects as part of an employment 
agreement may sign a Corporate CLA 

Apache Month in Review: December 2020

2021-01-01 Thread Sally Khudairi
[this post is available online at https://s.apache.org/Dec2020 ]

Welcome to the latest monthly overview of events from the Apache community. 
Here's a summary of what happened in December:

Support Apache --

When we founded the ASF 21 years ago, we made a commitment to ensure Apache 
software is freely available to everyone worldwide at 100% no cost. Today the 
ASF provides more than $21B worth of software developed by an all-volunteer 
community. 

 - from Individual and Corporate donations to online shopping, Corporate 
Charitable Giving, Matching Gifts, and Sponsorship, There are many ways to help 
the ASF with a tax-deductible contribution 
https://s.apache.org/2020SupportApache


New this month --

 - ApacheCon™ – the ASF's official global conference series, bringing 
Tomorrow's Technology Today since 1998.
   -- Videos of all ApacheCon@Home sessions, including Plenaries and Keynotes, 
are available https://www.youtube.com/c/TheApacheFoundation/ 

 - Apache Software Foundation Operations Summary: Q2 FY2021 (August - October 
2020) https://s.apache.org/Q2FY2021

 - "Inside Infra" – the interview series featuring members of the ASF 
Infrastructure team
   -- Meet Andrew Wetmore --Part I https://s.apache.org/InsideInfra-Andrew and 
Part II https://s.apache.org/InsideInfra-Andrew2

 - Apache Month in Review: November 2020 https://s.apache.org/Nov2020


Important Dates --

  - Next Board Meeting: 20 January 2021. Board calendar and minutes 
http://apache.org/foundation/board/calendar.html


Infrastructure --

Our seven-member Infrastructure team on three continents oversees our 
highly-reliable, distributed network under the leadership of VP Infrastructure 
David Nalley and Infrastructure Administrator Greg Stein. ASF Infrastructure 
supports 300+ Apache projects and their communities across ~200 individual 
machines, 1,400+ repositories, 5-6PB in traffic annually, ~75M downloads per 
month, and 2-3M daily emails on 2,000+ lists. ASF Infra performs 7M+ weekly 
checks to ensure services are available around the clock. The average uptime in 
December was 99.95%. http://www.apache.org/uptime/

Committer Activity --
In December, 837 Apache Committers changed 11,192,118 lines of code over 18,775 
commits. The Committers with the top 5 highest contributions, in order, were: 
Andrea Cosentino, Xiang Xiao, Hugh Miles, Andi Huber, and Gary Gregory.


Project Releases and Updates --

New releases from Apache Accumulo (Big Data); Airflow (Big Data); APISIX (API); 
Avro (Big Data); Beam (Big Data); Bigtop (Big Data); Camel (Integration); Flink 
(Big Data); Groovy (Programming Languages); HBase (Big Data); HttpComponents 
Core (Servers); IoTDB (IoT); Jackrabbit (Content); JMeter (Testing); JSPWiki 
(Content); Kafka (Big Data); Knox (Big Data); OpenMeetings (Web Conferencing); 
PDFBox (Content); Pulsar (Messaging); Rya (Big Data); ShardingSphere (Big 
Data); SINGA (Machine Learning); Skywalking (Application Performance 
Management); Struts (Web Frameworks); Syncope (Identity Management); Tika (Big 
Data); Tomcat (Servers); Traffic Control (Servers); Traffic Server (Servers); 
Yetus (Library).
The Apache Incubator is the primary entry path for projects wishing to become 
an official part of the ASF. New to the Apache Incubator in December: Wayang 
(Big Data). We invite you to review the many projects currently in development 
in the Apache Incubator http://incubator.apache.org/ .

# # #

To see our Weekly News Round-ups (published every Friday), visit 
https://blogs.apache.org/foundation/ and click on the calendar or hop directly 
to https://blogs.apache.org/foundation/category/Newsletter . For real-time 
updates, sign up for Apache-related news by sending mail to 
announce-subscr...@apache.org and follow @TheASF on Twitter. We appreciate your 
support!

= = =

NOTE: you are receiving this message because you are subscribed to the 
announce@apache.org distribution list. To unsubscribe, send email from the 
recipient account to announce-unsubscr...@apache.org with the word 
"Unsubscribe" in the subject line.


Final days to Support Apache.

2020-12-24 Thread Sally Khudairi
[this post is available online https://s.apache.org/2020SupportApache ]

When we founded the ASF 21 years ago, we made a commitment to ensure Apache 
software is freely available to everyone worldwide at 100% no cost.

Today the ASF provides more than $21B worth of software developed by an 
all-volunteer community. Your tax-deductible contribution has an immediate 
impact by helping us continue to steward, develop, and incubate Apache projects 
and their communities. 

There are many ways to help the ASF:

 - Individual and Corporate donations --contribute on a one-time, monthly, or 
quarterly basis via credit card, PayPal, or ACH (US banks). 
https://donate.apache.org/

 - Online shopping --start at http://smile.amazon.com, select The Apache 
Software Foundation as the beneficiary organization, and Amazon will contribute 
0.5% of the sale to the ASF.

 - Corporate Charitable Giving --companies such as Bloomberg, IBM, Microsoft, 
Charles Schwab, Vanguard, and others support Apache through an array of 
philanthropic programs and matching gifts. 
http://apache.org/foundation/contributing.html

 - Sponsor the ASF --ASF Sponsors provide essential annual support that helps 
make a lasting impact. http://apache.org/foundation/sponsorship


Just one week remains to make an end-of-year tax-deductible contribution in 
2020. 

Thank you in advance for your generous support!

= = =

NOTE: you are receiving this message because you are subscribed to the 
announce@apache.org distribution list. To unsubscribe, send email from the 
recipient account to announce-unsubscr...@apache.org with the word 
"Unsubscribe" in the subject line.


The Apache Software Foundation Operations Summary: 1 August - 31 October 2020

2020-12-22 Thread Sally Khudairi
D BRONZE: Bintray, Education Networks of America, Google, Hopsie, No-IP, 
PagerDuty, Peregrine Computer Consultants Corporation, Sonic.net, SURFnet, 
Virtru

To sponsor The Apache Software Foundation, visit 
http://apache.org/foundation/sponsorship.html . To make a one-time or monthly 
recurring donation, please visit https://donate.apache.org/ .

= = =

Report prepared by Sally Khudairi, Vice President Marketing & Publicity, with 
contributions by David Nalley, President; Rich Bowen, Vice President 
Conferences; Mark Cox, Vice President Security; Sharan Foga, Vice President 
Community Development; Christian Grobmeier, Vice President Data Privacy; Myrle 
Krantz, Treasurer; Griselda Cuevas, Vice President Diversity & Inclusion, Vice 
President Fundraising; and Mark Thomas, Vice President Brand Management.

For more information, subscribe to the announce@apache.org mailing list 
http://apache.org/foundation/mailinglists.html#foundation-announce and visit 
http://www.apache.org/ , the ASF Blog at http://blogs.apache.org/ , the @TheASF 
on Twitter https://twitter.com/TheASF , and LinkedIn 
https://www.linkedin.com/company/the-apache-software-foundation .

(c) The Apache Software Foundation 2020.

# # #

NOTE: you are receiving this message because you are subscribed to the 
announce@apache.org distribution list. To unsubscribe, send email from the 
recipient account to announce-unsubscr...@apache.org with the word 
"Unsubscribe" in the subject line.


Inside Infra: Andrew Wetmore --Part II

2020-12-14 Thread Sally Khudairi
[this interview is available online at https://s.apache.org/InsideInfra-Andrew2 
]

The "Inside Infra" series continues with members of the ASF Infrastructure 
team. Andrew Wetmore shares his experience in Part II of his interview with 
Sally Khudairi, ASF VP Marketing & Publicity.

= = =

"The nice thing is that the Infrastructure team does so much so well and almost 
making it look easy that any project in Apache that's really got itself 
organized to do its work is going to find success, because there's going to be 
no roadblock or brick wall or power failure that will keep them from it. That 
makes me feel like I'm engaged in a very small way in a very large good thing."

= = =

- Let's talk about your background and your road to the ASF. How did you become 
a technical writer and editor? What sorts of projects were you working on?

Well, let's see. I spent 20 years as an ordained minister and I was working for 
the Episcopal Church in the US and the Anglican Church in Canada. I got to the 
point where I preached my many thousands of sermons and it was time to stop. It 
was about then I moved over into QA and documentation with a company building 
healthcare software in DOS. That tells you how far back we are. One of my first 
great excitements was helping that team through the Y2K tensions. I got myself 
a bit smarter and took courses and had a lot of hands-on experience. I became 
proficient as a tester as well as a documenter. I worked over the next 15 years 
for a number of companies, large corporations, startups, and nonprofits, and 
leading teams or participating in teams, both for documentation and testing, 
but also at one point, I was the director of user experience. It was designing 
the front-end for a big complex project.

I've built applications from end to end, usually using Flex which compiled to 
Flash in the days when we could trust it, when we hadFlash to play with, 
ColdFusion for munging things around and communicating with the database and a 
MySQL database.


 - … That's a blast from the past with ColdFusion.

It's still around. There's a new ColdFusion. It's even brighter and shinier, 
I'm sure. I was just looking at it and thinking, "Gosh, I really should take a 
look at the tutorial and see if I still recognize anything."


 - I'm curious, when you tell people what you do, how would you describe the 
ASF to the uninitiated?

I would say it is a benevolent community home for a whole bunch of highly 
focused teams who are trying to do good stuff. The benevolent community home 
provides the support features that let those teams do their things without 
crashing into each other. 


 - How do you explain what you do?

Do you know the movie Fifth Element?


 - … Yes. That's a cult film in the tech community. I've only seen parts of it 
superficially, I don't know it years after so I might have to watch it again.

You were very young. Your parents probably had to give you permission to go to 
it.


 - No. I'm older than you think.

In that movie, there's a sequence when a bad guy is explaining economics by 
knocking a drinking glass off his table and it breaks and there's a mess. Out 
from the baseboards of the wall come all these little robots, one robot with a 
broom, one robot with a dustpan and one robot with a vacuum cleaner and a 
duster and they go. They run around and they clean up the mess and they 
disappear back in the baseboard. That's me on the Infra team.

I'm the little guy with the dustpan.


 - … I love it. I understand that you are also very active with ApacheCon 
--were you involved in this past ApacheCon that we had in September?

I was. I thought Royale had some things to say that could be said and I looked 
around and nobody seemed to have the time or have paid attention to the fact 
that there should be a Royale track. I said, "Oh, there's going to be a Royale 
track and I guess I'll coordinate it." 


 - … You volunteered to do that, you decided to do it, you just rolled up 
sleeves and dove it?

Well, I said to the team, "If nobody else will do it, I'm going to do it."

I was sure, I was so hoping, that someone else would say, "Oh, no, I'll do 
that," and then I'd be in a support role, but that didn't happen. I also 
engaged with the team that Rich had to put ApacheCon together, but in a very 
minor way. I didn't help as much as I felt I should have helped just from a 
lack of time.


 - … You were on the Planners list; you were involved with that as well?

Yeah, in the regular meetings and so on and testing out things like the --


 - … Hopin platform.

I have my own Hopin account now because I found it quite useful.


 - Was that your first ApacheCon or have you gone to a face-to-face event 
before?

I've never been to an ApacheCon until this one. Obviously I've never been in a 
face-to-face one because there hasn't been one since. In fact, the Infra team 
was going to have one of its annual fa

The Apache Software Foundation Announces Apache® TVM™ as a Top-Level Project

2020-11-30 Thread Sally Khudairi
[this announcement is available online at https://s.apache.org/59g4a ]

Open Source End-to-End Deep Learning Hardware Compiler Stack in use at Alibaba 
Cloud, AMD, ARM, AWS, Facebook, Huawei, Intel, Microsoft, NVIDIA, and Xilinx, 
among others.

Wilmington, DE —30 November 2020— The Apache Software Foundation (ASF), the 
all-volunteer developers, stewards, and incubators of more than 350 Open Source 
projects and initiatives, announced today Apache® TVM™ as a Top-Level Project 
(TLP).

The ASF's first  full stack software and hardware co-optimization project, 
Apache TVM is an end-to-end open deep learning compiler stack for CPUs, GPUs, 
and specialized accelerators. TVM enables machine learning developers to 
optimize and run computations efficiently on any hardware backend. The project 
originated in 2017 as a research project at Washington University and entered 
the Apache Incubator in March 2019.

"It is amazing to see how the Apache TVM community members come together and 
collaborate under The Apache Way," said Tianqi Chen, Vice President of Apache 
TVM. "Together, we are building a solution that allows machine learning 
engineers to optimize and run computations efficiently on any hardware backend."

Apache TVM’s extensible full-stack framework enables deep learning applications 
to efficiently deploy across an array of hardware modules, platforms, and 
systems, including mobile phones, wearables, specialized chips, and embedded 
devices. Features include:

High Performance: compilation and minimal runtimes commonly unlock ML workloads 
on existing hardware.

Runs Everywhere: automatically generates and optimizes tensor operators on 
backends, CPUs, GPUs, browsers, microcontrollers, FPGAs, ASICs, and more.

Flexible: deep learning compilation models in Keras, Apache MXNet (incubating), 
PyTorch, Tensorflow, CoreML, and DarkNet, among other libraries. Supports block 
sparsity, quantization, random forests/classical ML, memory planning, MISRA-C 
compatibility, Python prototyping, and more.

Easy to Use: easily build out production stacks using C++, Rust, Java, or 
Python. Deploy deep learning workloads across diverse hardware devices.

Apache TVM is in use at dozens of organizations and institutions that include 
Alibaba Cloud, AMD, ARM, AWS, Carnegie Mellon University, Cornell University, 
Edge Cortix, Facebook, Huawei, Intel, ITRI, Microsoft, NVIDIA, Oasis Labs, 
OctoML, Qualcomm, University of California/Berkeley, UCLA, University of 
Washington, Xilinx, and more.

"ML compilers and runtimes thrive on diversity of models supported and HW 
targets, which is a perfect way to show the power of Open Source communities," 
said Luis Ceze, CEO of OctoML and Professor at the University of Washington. 
"It has been fantastic to see Apache TVM's fast adoption among hardware vendors 
and ML end-users, being well on its way to becoming a de-facto industry 
standard."

"Apache TVM brings unique value to deep learning researchers and developers. It 
closes the gap between model development and the demand to efficiently deploy 
it on various hardware targets," said Yizhi Liu, Senior Software Development 
Engineer at AWS and member of the Apache TVM Project Management Committee. "I'm 
thrilled to see Apache TVM now becomes the Top-Level Project and looking 
forward to further collaboration with the community."

"Congratulations to the Apache TVM community for graduating to be one of the 
Top Level Projects of The Apache Software Foundation," said Henry Saputra, ASF 
Member and Apache TVM Incubating Mentor. "The Apache TVM ecosystem has a 
healthy mix of representation and contribution from the industries and academia 
that provides a good balance of innovations and production readiness for wider 
and faster adoption. As one of the mentors of the podling, I am grateful and 
glad to be part of the journey."

"The key to Apache TVM's success is its open community," added Chen. "We 
welcome everyone interested in the field to join us and shape the future of ML 
compilation together under The Apache Way."

Catch Apache TVM in action at the annual TVM Conference being held 2-4 December 
2020. The online event is free of charge to participate: for more information 
and to register, visit https://tvmconf.org/  

Availability and Oversight
Apache TVM software is released under the Apache License v2.0 and is overseen 
by a self-selected team of active contributors to the project. A Project 
Management Committee (PMC) guides the Project's day-to-day operations, 
including community development and product releases. For downloads, 
documentation, and ways to become involved with Apache TVM, visit 
http://tvm.apache.org/ and https://twitter.com/ApacheTVM 

About the Apache Incubator
The Apache Incubator is the primary entry path for projects and codebases 
wishing to become part of the efforts at The Apache Software Foundation. All 
code donations from external organizations and existing external projects enter 
the ASF 

Inside Infra: Andrew Wetmore --Part I

2020-11-29 Thread Sally Khudairi
[this interview is available online at https://s.apache.org/InsideInfra-Andrew ]

The "Inside Infra" series with members of the ASF Infrastructure team continues 
with Part I of the interview with Andrew Wetmore, who shares his experience 
with Sally Khudairi, ASF VP Marketing & Publicity.

- - -
"...I really had a distant but benevolent appreciation of Apache until I 
started to get more and more involved with Royale and began to understand from 
that angle all the things that the Foundation does to support these little 
projects that could not survive without it. Of course, now that I've become 
part of the Infrastructure team, I'm awestruck by the amount of work that the 
team does to support all these little projects, so they can do their thing."
- - - 

 - What is your name and how is it pronounced?

I'm An-drew Wet-more. The "Wetmore" is like a rainy day, very easy to pronounce.


 - When and how did you get involved with the ASF?

I was a Flex and ColdFusion developer. When Flex came to end-of-support with 
Adobe and they passed it over to Apache, I followed along. I wasn't an active 
committer: I was a participant in the Apache Flex project and contributing in 
my little ways here and there. Then when the Apache Royale project split off 
Apache Flex, I went there, but I was not an active, not a heavily significant 
contributor. That is, I was helping with documentation, a bit of testing, a bit 
of organizing and helping. I was truly surprised when I was invited to become a 
Committer. Then at some point, somebody noted on the Apache Royale list that 
the Apache Software Foundation Infrastructure Team was looking for a 
documentation person. I thought, "Well, that's interesting. Maybe I would be 
able to contribute to that."

I followed that up. I wrote to (ASF Infrastructure Administrator) Greg Stein 
and introduced myself and said, "Oh, I'd be interested if this is something 
that's happening." Then for one reason and another, nothing happened for quite 
a long time. That was fine. He told me nothing was going to happen for a while. 
He was migrating some monstrous mountain of something. Then when that long time 
was up, I pinged him again and said, "I'm still around if that's an interesting 
possibility," and we got talking. He did that wonderful interviewer thing of 
saying, "Well, if you were going to hire someone for this sort of a job, that 
has this heading, what sort of job description would you write?"

He made me write the job description. I thought, "this is cute: I'm happy to 
help. I don't know what person not me is going to get this job, but I'm happy 
to write what I think is a good job description for this thing." Truly, I 
really expected this to go out and a whole bunch of people to apply for it and 
that I would get a participation trophy. I was very pleased when I was invited 
to join the team.


 - … You got the real trophy.

Yes, I did.


 - You got involved when Flex came to Apache, so that goes back to 2011, you've 
been with the Foundation for nine years or so?

I was aware and downloading builds as soon as there were builds to download and 
participating. I was still building my own Flex stuff, but I don't think I was 
really contributing significantly until around maybe 2015. Then I didn't become 
a Committer until 2018.


 - The other things you were doing prior to Infra were limited to Apache Flex 
and then onto Royale?

Yeah, I had a glancing awareness of Apache. Without even thinking about it, of 
course, I was using Apache tools like Apache Tomcat packages, but I really had 
a distant but benevolent appreciation of Apache until I started to get more and 
more involved with Royale and began to understand from that angle all the 
things that the Foundation does to support these little projects that could not 
survive without it. Of course, now that I've become part of the Infrastructure 
team, I'm awestruck by the amount of work that the team does to support all 
these little projects, so they can do their thing.


 - It's interesting with Apache projects because they're mostly ingredient 
brands versus a customer-facing final product. Of course we do have those too, 
but the majority of them power something else. A lot of times people aren't 
aware until they're in it: then they’re like, "Oh, wow, Apache is everywhere."

Well, I keep trying to improve myself and I go and choose a product project at 
random and read its homepage and its "about our product" thing and see how far 
I can get before I've hit five things that I don't understand at all. I don't 
even understand what I would do with the thing that I do understand which is 
not a knock on those projects. It's what you just said, they're not 
end-user-facing. I, as a Flex developer, was a Flex developer. I was using Flex 
and now Royale to build other things, not getting in with the toolkit and 
adjustin

The Apache Weekly News Round-up: week ending 20 November 2020

2020-11-20 Thread Sally Khudairi
[this newsletter is available online at https://s.apache.org/fwsym ]

Happy Friday! Here's what the Apache community has been up to this week:

Inside Infra – the interview series featuring members of the ASF Infrastructure 
team.
 - Gavin McDonald --Part II https://s.apache.org/InsideInfra-Gavin2 

ASF Board – management and oversight of the business affairs of the corporation 
in accordance with the Foundation's bylaws.
 - Next Board Meeting: 16 December 2020. Board calendar and minutes 
https://apache.org/foundation/board/calendar.html

ApacheCon™ – the ASF's official global conference series, bringing Tomorrow's 
Technology Today since 1998.
 - ApacheCon@Home sessions now online at 
https://www.youtube.com/c/TheApacheFoundation/  

ASF Infrastructure – our distributed team on three continents keeps the ASF's 
infrastructure running around the clock.
 - 7M+ weekly checks yield uptime at 99.74%. Performance checks across 50 
different service components spread over more than 250 machines in data centers 
around the world. http://www.apache.org/uptime/

Apache Code Snapshot – Over the past week, 310 Apache Committers changed 
806,646 lines of code over 3,127 commits. Top 5 contributors, in order, are: 
Jarek Potiuk, Kaxil Naik, Andrea Cosentino, Mark Miller, and Maruan Sahyoun.


Apache Project Announcements – the latest updates by category.

Application Performance Monitoring --
 - Apache SkyWalking Could on Kubernetes 0.1.0 and SkyWalking Client JS version 
0.2.0 released http://skywalking.apache.org/ 

Big Data --
 - Apache BookKeeper 4.11.1 released http://bookkeeper.apache.org/ 
 - Apache ShardingSphere 5.0.0-alpha released http://shardingsphere.apache.org/ 

Content --
 - Apache Jackrabbit Oak 1.36 released http://jackrabbit.apache.org/ 

Libraries --
 - Apache Log4j 2.14.0 released http://logging.apache.org/
 - Apache CXF CVE-2020-13954 Reflected XSS in the services listing page via the 
styleSheetPath https://s.apache.org/tsb9p

Messaging --
 - Apache Qpid Proton-J 0.33.8 released http://qpid.apache.org/

Servers --
 - Apache Tomcat 8.5.60, 9.0.40, and 10.0.0-M10 available 
http://tomcat.apache.org/

 
Did You Know?

- Did you know that the following Apache projects are celebrating their 
anniversaries this month? Three cheers to Apache Ant (18 years); HttpComponents 
(13 years); Attic, Buildr, CouchDB, and Qpid (12 years); Community Development 
("ComDev", 11 years); OODT and ZooKeeper (10 years); Kafka and Syncope (8 
years); Ambari (7 years); BookKeeper, Drill, and MetaModel (6 years); Brooklyn, 
Groovy, Kylin, and REEF (5 years); Geode (4 years); Guacamole, Impala, and 
Mnemonic (3 years); Griffin (2 years); and Petri (1 year). Many happy returns! 
https://projects.apache.org/committees.html?date 

- Did you know that you can make a tax-deductible individual or corporate 
contribution to the ASF to help us continue to provide more than $20B worth of 
software to the public at 100% no cost? Donate today at 
https://donate.apache.org/ 

- Did you know that Alibaba’s real-time computing platform processed data 
streams totaling 4 billion items per second during Singles Day, the largest 
global online shopping event, using Apache Flink? https://flink.apache.org/ 

- Did you know that more than 300 videos from ApacheCon@Home are now available, 
including keynotes, plenaries, and sessions on Big Data, Clinical Data, 
Community, Content Delivery, Fintech, Incubator, Integration, IoT, Machine 
Learning, Mobile, Observability, Search, Servers, Streaming, and more are now 
available? https://www.youtube.com/c/TheApacheFoundation/ 


Apache Community Notices

- Apache Month In Review: October 2020 https://s.apache.org/Oct2020

- ASF FY2020 Annual Report https://s.apache.org/FY2020AnnualReport 

- "Trillions and Trillions Served" documentary on the ASF: 1) full feature 
https://s.apache.org/Trillions-Feature 2) "Apache Everywhere" 
https://s.apache.org/ApacheEverywhere 3) "Why Apache" 
https://s.apache.org/ASF-Trillions 4) “Apache Innovation” 
https://s.apache.org/ApacheInnovation 

 - The Apache Software Foundation Statement on the COVID-19 Coronavirus 
Outbreak https://s.apache.org/COVID-19  

 - The Apache Software Foundation Celebrates 21 Years of Open Source Leadership 
https://s.apache.org/21stAnniversary

 - Apache in 2019 - By The Digits https://s.apache.org/Apache2019Digits

 - The Apache Way to Sustainable Open Source Success https://s.apache.org/GhnI

 - Foundation Reports and Statements 
http://www.apache.org/foundation/reports.html

 - "Success at Apache" focuses on the people and processes behind why the ASF 
"just works". https://blogs.apache.org/foundation/category/SuccessAtApache

 - Inside Infra: the new interview series with members of the ASF 
infrastructure team --meet 
Chris Thistlethwaite https://s.apache.org/InsideInfra-Chris
Drew Foulks https://s.apache.org/InsideInfra-Drew
Greg Stein Part I https://s.apache.org/InsideInfra-Greg
  ...Part II 

Inside Infra: Gavin McDonald --Part II

2020-11-16 Thread Sally Khudairi
[this interview is available online at https://s.apache.org/InsideInfra-Gavin2 ]

The "Inside Infra" series with members of the ASF Infrastructure team continues 
with Part II of the interview with Gavin McDonald, who shares his experience 
with Sally Khudairi, ASF VP Marketing & Publicity.

- - -
"... you don't know you need somebody until somebody like that arrives."
- - -

 - Earlier you mentioned growth: preparing for growth and being able to 
accommodate that growth. What areas are you guys experiencing the biggest 
growth? Is there a specific type of request that's coming in more than others? 
I'm hearing all the time when I'm dealing with our  Targeted Sponsors, for 
example, I'm hearing "We need more CI. We want more services in this area. We 
want more credits." What is it that you guys are feeling, or what are you 
dealing with in terms of big picture? What's the biggest demand, where are 
things coming from?

Yeah, as far as I'm concerned you're spot on with CI.


 - … That's you.

I mean it's not me totally. I have been concentrating on it more as others have 
been concentrating on other things, yes. Jenkins for example, we had this one 
--I call it a mega monolith of a service that had all the project services that 
was on one server, one Jenkins instance. And it was the same instance being 
upgraded for the last 10 years. So it was time to migrate it, so it's been 
migrated to five smaller Jenkins services.

BuildBot is also being upgraded and moved to a bigger server. You've got 
actually Travis is being used to its full capacity.


 - What does that mean, "to its full capacity"?

When Travis came out, projects started using it, and we're now at the stage 
where it's at the full capacity ASF is provided.


 - Oh okay. So if they're giving us 20 whatever, we're at 20.

Right. It's not unlimited. This is why a lot of projects have decided to start 
moving to GitHub actions, which is also not unlimited. So the more that's 
provided, the more is needed. I don't think we'll ever keep up with the pace.


 - Greg says that often. When I talk to him about donations and things like 
that coming from different companies, he just says "more" and "more" and 
"more", so he's not exaggerating, right?

No, no, he's not exaggerating.


 - ... If we offer, they'll take it?

Yeah. There's ways in which projects can use CI in the same way they can use 
other things. And they will use everything that's given to them.


 - … Insatiable need.

Yeah. Not understanding that there's 300 other Projects that could be using 
those same services. But there's a few beginning to realize, and there's talks 
on certain mailing lists that how can we make this more efficient, how can we 
projects help each other in managing the best usage of these services that 
we've got. Because they don't want to have it all. They've just been creating 
whatever they feel is needed for their project. Then sometime later they 
realize, "Oh, I'm using 80% of what everyone's been given."


 - … So it's not malicious, just a lack of awareness. When you guys get a new 
service do you go, "Hi PMCs, we have this thing, there's 20 units available, 
use with your discretion," or does someone say, "Hey, Infra has this now. We're 
going to run and take it all," without realizing they're taking it all. How do 
you introduce new services to the projects? I'm curious because I never see 
that side of the activity.

Sometimes it's via the mailing list, users@infra. Projects can come to us and 
ask questions on that mailing list if it's not appropriate for a Jira ticket. 
People join that mailing list because they're interested in what Infra is up 
to. So we use that mailing list as a heads up for whatever it could be: "Jira 
is getting upgraded this weekend, or there's going to be some downtime on 
this", or it could be things like "okay we've now enabled GitHub actions across 
the board" or whatever. There were some new features added to one of our self 
serve things is asf.yaml, which I know you've spoken to Daniel Gruno about.


 - … You guys actually published a blog post on that. I saw that on Twitter and 
 just added it to today's weekly news roundup.

Right.


 - … I was really surprised to see that. It was exciting. Is that new for you 
to be announcing publicly like that, sharing outside of the ASF's mailing lists?

It is and it isn't. We used to do it all the time years ago. Then as we've 
become bigger, it's paid staff not volunteers, we're busy all the time. Blog 
posts got put out of the picture I guess for a while. So this really new cool 
feature that was provided, the code was provided by a volunteer via a GitHub 
pull request. And we looked at it, Daniel made some comments, the changes came 
backwards and forwards until it was ready to be committed the other day. And 
it's fantastic new features that projec

Inside Infra: Gavin McDonald --Part I

2020-11-02 Thread Sally Khudairi
[this interview is available online at https://s.apache.org/InsideInfra-Gavin ]

The "Inside Infra" series with members of the ASF Infrastructure team continues 
with Gavin McDonald, who shares his experience with Sally Khudairi, ASF VP 
Marketing & Publicity.

- - -
"...The Foundation itself has a responsibility to the Projects to ensure that 
there is solid infrastructure there. So there's got to be a requirement that 
there's people there all the time to maintain this infrastructure. The 
Infrastructure team has become more professional over the years. The Projects 
have become customers, I guess. Volunteers are always welcome; at Infra we 
still have plenty of areas in which volunteers can help out."
- - -

- All right, let's get started. What is your name and how is it pronounced?

Nice and easy one. Gavin McDonald. Just McDonald as in Big Mac and fries 
McDonald's. It's M and C, no Mac.


 - When and how did you get involved with the ASF?

That was back around about 2005. I was looking for something different to do 
than what I was doing. And I came across the Apache Forrest Project. I knew a 
little bit about XML and websites and stuff like that. So I started 
contributing to the Apache Forrest Project. And some months later they made me 
a Committer.


 - So you first got involved with the Forrest project, then at some point you 
became part of infra. How did that evolution happen?

That's me looking around for more things to do. I've always been involved in 
and interested in system administration work. My first real communications with 
the Infra team was whilst working on a Forrest Solaris Zone and needed some 
help with it. Shortly after that I started volunteering there. 

First of all, I saw a huge number of tickets regarding mirrors, you know for 
our software downloads. I'd say it was probably around 150 tickets outstanding 
for mirrors wanting to join.


 - ... What?!

Yeah.


 - ... One Hundred and Fifty...

Something like that; some of them had been outstanding for quite a while. At 
the time there was only one person being paid. There were volunteers obviously 
looking after the machines and stuff like that. Mirrors were sort of lagging 
behind as they were less important. So that was my in. I started off with 
getting karma to add all the mirrors.

There was a certain standard that mirrors have to have, certain configurations. 
So I was going backwards and forwards with the mirror providers and making sure 
they were up to scratch, then adding them into our configuration.

>From then, I introduced BuildBot to Infrastructure. And I think maybe a year 
>after that, this is now talking 2009, a position opened. I think more or less 
>the rest of the Infrastructure volunteers said, "Gavin is doing the job 
>anyway. Let's give it to him."

That was my interview.

Around October, November 2009 I became paid staff.


 - Are you the longest serving member of the current Infra team?

Yes. Last year at ApacheCon I got presented with a 10 year t-shirt. Next time 
there's a physical conference I'll be bringing it along.


 - 10 years thumbs up: that's good! Explain the structure of the Infra team and 
your role in it.

There are six of us, plus Greg (Stein), our Infra Admin, and David (Nalley), VP 
Infra. One of them is a documentation guy, that's Andrew (Wetmore). The rest of 
us all various system administration devops work. We look through tickets, 
what's needed to be done, and obviously we're looking to improve our 
infrastructure uptime and software and updates. So we all do what's needed, 
basically. Everyone has various roles.


 - What's your role?

Well it's a bit of everything, I think. I have been concentrating quite a lot 
on the CI/CD side of things. That was written into my original contract, which 
is now not part of the contract. Basically that means the whole entire time 
I've been here, I've been involved in BuildBot and Jenkins and other CI/CD 
stuff, and I've been doing a lot of that lately as well. Migrating Jenkins over 
to new Cloudbees software, and on a whole load of VMs, mainly in AWS.


 - You mention that CI/CD is a key part of your role. Is that what you're 
specifically responsible for within Infra? Are you "the CI guy"? Are there 
other things you do? Everyone says to me, "Hey we do everything." That sounds 
amazing, but how is that possible? Do you do everything else in addition to the 
CI work?

Yeah pretty much. Yeah. Everyone can do pretty much everything that we touch 
on. Some just choose to do certain things that they're more capable of or more 
used to working with or they like it better. Nobody is told, "You're working on 
this."


 - That's interesting. Fill that part in: if there's six things that need to 
get done, but five of you are actually hands-on sysadmins, so you guys do what 
you like to do or what you prefer to do? No one says, "Okay you go handle that 
mail serve

The Apache Software Foundation Celebrates 20 Years of OpenOffice®

2020-10-14 Thread Sally Khudairi
[this announcement is available online at https://s.apache.org/86lex ]

Leading Open Source office application and personal productivity suite under 
development as a community-led Apache® Project for the past 8 years

Wakefield, MA —14 October 2020— The Apache Software Foundation (ASF), the 
all-volunteer developers, stewards, and incubators of more than 350 Open Source 
projects and initiatives, announced today the twenty-year anniversary of 
OpenOffice®, the last eight of which as an Apache® Top-Level Project.

"It’s inspiring to see so many dedicated people from around the world volunteer 
their time to mentor, contribute code, test issues, moderate mailing lists, 
help on forums, translations, marketing and more to keep making this great 
product better and available for millions of users," said Carl Marcum, Vice 
President of Apache OpenOffice. "OpenOffice is more than just software. It’s a 
great community that I’m glad to be a part of."

With more than 300 million downloads, Apache OpenOffice is used by countless 
individuals, organizations, and institutions around the world who are seeking a 
reliable, robust, and freely-available Open Source office document productivity 
suite. Apache OpenOffice features the following applications for Windows, macOS 
and Linux:

 - "Writer" word processor;
 - "Calc" spreadsheet tool;
 - "Impress" presentation editor;
 - "Draw" vector graphics editor; 
 - "Math" mathematical formula editor; and 
 - "Base" database management program. 

Apache OpenOffice supports more than 120 languages, 41 of which are officially 
maintained and released by the Project. Apache OpenOffice is the productivity 
suite of choice for governments seeking to meet mandates for using ISO/IEC 
standard Open Document Format (ODF) files.

Originally created as "StarOffice" in 1985 by StarDivision, who was acquired by 
Sun Microsystems in 1999. The project was open-sourced under the name 
"OpenOffice.org", and continued development after Oracle Corporation acquired 
Sun Microsystems in 2010. OpenOffice entered the Apache Incubator in 2011 and 
graduated as an Apache Top-level Project in October 2012.

"At Apache OpenOffice we are very excited about 20 years of OpenOffice," said 
Marcus Lange, ASF Member and Apache OpenOffice Committer since the project 
first arrived at the ASF. "Countless users, developers and friends have made it 
possible that we can today celebrate this incredible anniversary. Their 
commitment makes me believe that we will see many more years of this great Open 
Source productivity suite."

"The need and, in fact, the demand, for a permissively licensed Open Source 
office suite, available to the masses and not just the privileged few fortunate 
enough to have the latest hardware and software, has never been greater within 
the last two decades," said Jim Jagielski, ASF co-Founder and Apache OpenOffice 
incubating mentor. "Apache OpenOffice exists to provide essential 
functionality, with as few licensing restrictions as possible, to the world at 
large. It is truly a noble mission, and I am honored to be a small part of it."

"As a long-term user, I joined the project in 2016 to give something back," 
said Matthias Seidel, Committer and member of the Apache OpenOffice Project 
Management Committee. "After a steep learning curve, I am proud to be part of 
the community that provides this great software for the public good and 
benefits millions worldwide."

Apache OpenOffice is available as a free download to all users at 100% no cost, 
charge, or fees of any kind. OpenOffice source code is readily available for 
anyone who wishes to enhance the applications. The Project welcomes 
contributions back to the project, its code, and its community. Those 
interested in participating with Apache OpenOffice can find out more at 
https://openoffice.apache.org/get-involved.html .

Availability and Oversight
As with all Apache projects, OpenOffice software is released under the Apache 
License v2.0 and is overseen by a self-selected team of active contributors to 
the project. A Project Management Committee (PMC) guides the Project's 
day-to-day operations, including community development and product releases. 
For project data, documentation, and more information on Apache OpenOffice, 
visit https://openoffice.apache.org/ and https://twitter.com/ApacheOO .

12 releases have been made under the auspices of the ASF. The project strongly 
recommends that users download OpenOffice only from the official site 
https://www.openoffice.org/download/ to ensure that they receive the original 
software in the correct and most recent version.

About The Apache Software Foundation (ASF)
Established in 1999, The Apache Software Foundation (ASF) is the world’s 
largest Open Source foundation, stewarding 227M+ lines of code and providing 
more than $20B+ worth of software to the public at 100% no cost. The ASF’s 
all-volunteer community grew from 21 original founders overseeing the Apache 
HTTP 

The Apache Software Foundation Operations Summary: 1 May - 31 July 2020

2020-10-12 Thread Sally Khudairi
he.org/FY2019AnnualReport

The Foundation is in excellent fiscal shape with all tax and compliance forms 
filed on time. Latest public filings can be found at 
http://www.apache.org/foundation/records/ . I have advised that officers 
minimize expenses until there is more certainty in global economic outlooks.  
Officers have done so by delaying new investments.  This combined with a 
reduction in travel costs from conferences has made it possible for us to 
significantly reduce costs without reducing our service level to our projects.

In the last quarter we also completed our transition to accounts payable 
approvals via bill.com.  This has vastly improved the accuracy and auditability 
of our vendor payments and reduced the level of expertise required of the 
volunteers and staff who manage vendor payments.

The majority of our cash remains in a CDARS account at Boston Private which 
provides FDIC insurance for the full amount.

[See income and expenses summary at https://s.apache.org/2mefr ]


> Fundraising http://apache.org/foundation/contributing.html

Although we find ourselves in unprecedented times, we are happy to report that 
Fundraising for the foundation continues operating well. We have seen only a 
few changes in sponsorships with a Platinum sponsor renewing at the Gold level, 
a Gold sponsor renewing to the Platinum level, a Silver sponsor renewing at the 
Gold level, and two Silver sponsors unable to renew. Despite the trying times 
of this pandemic, we are again humbled and honored by our Sponsors' continued 
support!

This quarter we finished a long-running effort to normalize all sponsorship 
links on our Thanks page with the rel="sponsored" tag. This is in support of 
popular webmaster best-practices announced last year which we broadcast as our 
go-forward model in November of last year.

Fundraising support for ApacheCon @Home launched this quarter with excellent 
interest. At the close of the quarter, we were pleased to not only see several 
returning sponsors, but several new sponsors for the ApacheCon events.

In addition to the generous support of our corporate sponsors, we were honored 
to have received more than $4,000 USD through individual giving to the 
foundation. Part of this was driven by participation in the #GivingTuesdayNOW 
COVID-focused giving campaign. We were also awarded a distribution from the 
UPLIFT! initiative led by FOSS Responders.

As always, we are immensely thankful to our sponsors, who make it possible for 
our communities to build world-changing software

PLATINUM: Amazon Web Services, Comcast, Facebook, Google, LeaseWeb, Pineapple 
Fund, Verizon Media, Tencent

GOLD: Anonymous, ARM, Bloomberg, Cloudera, Handshake, Huawei, IBM, Indeed, 
Union Investment, Workday

SILVER: Aetna, Alibaba Cloud Computing, Baidu, Budget Direct, Capital One, 
Cerner, Inspur, Red Hat, Target

BRONZE: Airport Rentals, The Blog Starter, Bookmakers, Cash Store, 
Bestecasinobonussen.nl, CarGurus, Casino2k, Cloudsoft, The Economic 
Secretariat, Emerio, Footprints Recruiting, Gundry MD, HostChecka.com, Host 
Advice, HostingAdvice.com, Journal Review, LeoVegas Indian Online Casino, Mutuo 
Kredit AG, Online Holland Casino, ProPrivacy, PureVPN, RX-M, SCAMS.info, Site 
Builder Report, Start a Blog by Ryan Robinson, Talend, The Best VPN, Top10VPN, 
Twitter, Web Hosting Secret Revealed, Xplenty

TARGETED PLATINUM: CloudBees, DLA Piper, JetBrains, Microsoft, OSU Open Source 
Labs, Sonatype, Verizon Media

TARGETED GOLD: Atlassian, The CrytpoFund, Datadog, PhoenixNAP, Quenda

TARGETED SILVER: Amazon Web Services, HotWax Systems, Rackspace

TARGETED BRONZE: Bintray, Education Networks of America, Google, Hopsie, No-IP, 
PagerDuty, Peregrine Computer Consultants Corporation, Sonic.net, SURFnet, 
Virtru

Going into the second quarter of our fiscal year, we remain energized and 
cautiously optimistic that we will weather the current storm.

To sponsor The Apache Software Foundation, visit 
http://apache.org/foundation/sponsorship.html . To make a one-time or monthly 
recurring donation, please visit https://donate.apache.org/

= = =

Report prepared by Sally Khudairi, Vice President Marketing & Publicity, with 
contributions by Rich Bowen, Vice President Conferences; Mark Cox, Vice 
President Security; Sharan Foga, Vice President Community Development; 
Christian Grobmeier, Vice President Data Privacy; Myrle Krantz, Treasurer; 
David Nalley, Vice President Infrastructure; Tom Pappas, Vice President 
Finance; Daniel Ruggeri, Vice President Fundraising; Greg Stein, ASF 
Infrastructure Administrator; and Mark Thomas, Vice President Brand Management.

For more information, subscribe to the announce@apache.org mailing list and 
visit http://www.apache.org/, the ASF Blog at http://blogs.apache.org/, the 
@TheASF on Twitter, and 
https://www.linkedin.com/company/the-apache-software-foundation.

(c) The Apache Software Foundation 2020.

# # #

NOTE: you are receiving this message because you a

Inside Infra: Daniel Gruno --Part II

2020-10-12 Thread Sally Khudairi
[this interview is available online at https://s.apache.org/InsideInfra-Daniel2 
]

The "Inside Infra" series with members of the ASF Infrastructure team continues 
with Part II of the interview with Daniel Gruno, who shares his experience with 
Sally Khudairi, ASF VP Marketing & Publicity.

- - - 
"...it speaks of how tenaciously the Foundation guards its core values, one of 
which really is provenance, because it's the Apache seal of approval, means 
this has been thoroughly vetted. We know where every single piece of code comes 
from. And we know that it works."
- - -

 - What about "user demand" --what does it take for you collectively to decide, 
"OK, we'll support Kubernetes," as you mentioned it earlier, or whatever? Are 
there strategic technologies that you want to work with or plan to support, or 
is it all coming from the projects themselves? How does that process work? 
You're creating projects out of some kind of pain point or some kind of vision. 
So for you, is it a longer-term thing? Do you have an influence on this? What 
drives the growth of services delivered?

It's a mix. It's a mix of, first of all, the Infrastructure team is paid by The 
Apache Software Foundation and it's paid by The Apache Software Foundation to 
help the projects. So what we do must first and foremost be something that 
helps the projects and not something that just helps Infra. 

I mean, of course, we can make tools and have services that will assist us in 
our work, but the ultimate goal must be supporting the projects. First and 
foremost, we listen for projects that come and tell us, "We would really like 
this or we would really like that." Having said that, we do not always say yes. 
We have costs to consider. We have maintainability to consider. So as a general 
rule of thumb we will say, "Okay, project A wants to use service foo. Does 
anyone else want to use service foo right now?"

On occasion, you get, "Nope. No one else wants to use service foo." And then we 
go back to project A and say, "It doesn't seem like this is feasible for us 
economically to maintain if it's just you." But you can also have a situation 
where 10 projects suddenly say, "Yep, we really, really want to use this."

Once you have a trend for something, we are usually not proactive, but reactive 
to these trends. So a project will come and tell us, "We really want you to use 
this." We will go out and see if anyone else wants to use this, and they will 
say, "Yes, please." That's when we'll add that feature or service.

We also have ideas of our own that are, by and large, a result of either 
existing services not doing what they're supposed to, or they're being... Let's 
say you have... For example, there is Google and there are mail archives that 
we had in the olden days. At some point we wondered, "Why don't we combine it 
so you can search for emails in the archive?" That's how lists.apache.org came 
to be. 

So we have both things that projects come and say, "We really want this," and 
we also have this crystal ball where we look at problems we're having with 
existing services, where we look at possible combinations between existing 
services and other existing services or new services that are emerging in the 
Web. Or we just have someone say, "Hey, wouldn't it be wonderful if something 
like this existed?" So it's really a mix of projects asking us and trends 
emerging and just blue skying, "Wouldn't it be cool if...?"


 - Have you guys been in the situation where you found yourselves caught where 
there was this magical trend that everyone wanted, and it just didn't serve the 
Foundation, it failed? Were you guys in that situation where you had to back 
pedal? Or is that not part of your experience?

I would say the most prominent or obvious feature or service would probably be 
GitHub where we started in 2010 with mirrors of our local Subversion and Git 
repositories. They would be mirrored to GitHub. That was actually a bit later, 
but around that time, they started mirroring stuff to get up, but you couldn't 
write to GitHub.

We were adamantly against it. Because provenance, provenance, provenance: that 
is that thing that if you know Apache, you know that provenance is one of our 
key features. We like to be able to say, "Oh this came from that. This came 
from this. This came from that."

We had concerns at Infra that we were not able to have the exact --emphasis on 
exact-- same provenance as we had on our own servers, and we got a lot of 
pushback for that. In the end, we figured that maybe we don't need this kind of 
providence that we had. Because we had very verbose logging going on for our 
own service that we couldn't get from GitHub because GitHub is a third party 
provider. They're not going to fork over sensitive data about their customers

The Apache News Round-up: week ending 2 October 2020

2020-10-02 Thread Sally Khudairi
[this newsletter is available online at https://s.apache.org/yhiw4 ]

Hello, October --we've had a super-busy week, with ApacheCon drawing thousands 
of online participants as well as a slew of activities from the Apache 
community:

ASF Board – management and oversight of the business affairs of the corporation 
in accordance with the Foundation's bylaws.
 - Next Board Meeting: 21 October 2020. Board calendar and minutes 
https://apache.org/foundation/board/calendar.html
ApacheCon™ – the ASF's official global conference series, bringing Tomorrow's 
Technology Today since 1998.
 - It's a wrap! ApacheCon@Home recordings will be posted in the coming weeks 
(send email to subscribe-annou...@apachecon.com to receive updates and future 
conference notifications). Thank you to event sponsors Apple, AWS, DataStax, 
IBM, Imply, Instaclustr, MuseDev, OpenLogic/Perforce, Red Hat, RX-M, and 
VMWare. 

ASF Infrastructure – our distributed team on three continents keeps the ASF's 
infrastructure running around the clock.
 - 7M+ weekly checks yield uptime at 99.97%. Performance checks across 50 
different service components spread over more than 250 machines in data centers 
around the world. http://www.apache.org/uptime/

Apache Code Snapshot – Over the past week, 306 Apache Committers changed 
748,827 lines of code over 2,445 commits. Top 5 contributors, in order, are: 
Jean-Baptiste Onofré, Andrea Cosentino, Mark Thomas, Duo Zhang, and Claus Ibsen.

Apache Project Announcements – the latest updates by category.

Big Data --
 - Apache HBase 2.3.2 released https://hbase.apache.org/
 - Apache Flink Stateful Functions 2.2.0 released https://flink.apache.org/
 - Apache NiFi 1.12.1 released http://nifi.apache.org/
 - Apache NiFi CVE-2020-9486, CVE-2020-9487, CVE-2020-9491, CVE-2020-13940 
https://s.apache.org/hlh3t 

Build Management --
 - Apache Ant 1.10.9 released https://ant.apache.org/
 - Apache Ant CVE-2020-11979 insecure temporary file vulnerability 
https://s.apache.org/rnaf4

Integration --
 - Apache Camel 3.4.4 released https://camel.apache.org/
Libraries --
 - Apache Commons DBCP 2.8.0 released http://commons.apache.org/dbcp/
 - Apache Commons Pool 2.9.0 released 
https://commons.apache.org/proper/commons-pool/

Messaging --
 - Apache Pulsar Manager 0.2.0 released https://pulsar.apache.org/

Programming Languages --
 - Apache Groovy 3.0.6 released http://groovy.apache.org/
Servers --
 - Apache HttpComponents Client 5.0.2 GA released https://hc.apache.org/

Web Conferencing --
 - Apache OpenMeetings CVE-2020-13951 DoS via public web service 
https://s.apache.org/1ugzb

Web Frameworks --
 - Apache Struts 2.5.25 released https://struts.apache.org/


Did You Know?

- Did you know that dozens of Apache project and community presentations are 
available at the ASF's official YouTube channel? 
https://www.youtube.com/c/TheApacheFoundation

- Did you know that Apache Druid powers real-time analytics for Airbnb, 
Alibaba, British Telecom, Cisco, Didi Chuxing, eBay, Hulu, Lyft, Netflix, and 
many more? http://druid.apache.org/ 

- Did you know that members of the Apache community will be presenting at All 
Things Open, taking place online in a few weeks? Registration is open 
https://2020.allthingsopen.org/
 

Apache Community Notices

- Apache Month In Review: September 2020 https://s.apache.org/Sep2020

- ASF FY2020 Annual Report https://s.apache.org/FY2020AnnualReport 

- "Trillions and Trillions Served" documentary on the ASF: 1) full feature 
https://s.apache.org/Trillions-Feature 2) "Apache Everywhere" 
https://s.apache.org/ApacheEverywhere 3) "Why Apache" 
https://s.apache.org/ASF-Trillions 4) “Apache Innovation” 
https://s.apache.org/ApacheInnovation 

 - The Apache Software Foundation Statement on the COVID-19 Coronavirus 
Outbreak https://s.apache.org/COVID-19  

 - The Apache Software Foundation Celebrates 21 Years of Open Source Leadership 
https://s.apache.org/21stAnniversary

 - Apache in 2019 - By The Digits https://s.apache.org/Apache2019Digits

 - The Apache Way to Sustainable Open Source Success https://s.apache.org/GhnI

 - Foundation Reports and Statements 
http://www.apache.org/foundation/reports.html

 - "Success at Apache" focuses on the people and processes behind why the ASF 
"just works". https://blogs.apache.org/foundation/category/SuccessAtApache

 - Inside Infra: the new interview series with members of the ASF 
infrastructure team --meet Christ Thistlethwaite 
https://s.apache.org/InsideInfra-Chris | Drew Foulks 
https://s.apache.org/InsideInfra-Drew | Greg Stein Part I 
https://s.apache.org/InsideInfra-Greg , Part II 
https://s.apache.org/InsideInfra-Greg2 and Part III 
https://s.apache.org/InsideInfra-Greg3 | Daniel Gruno --Part I 
https://s.apache.org/InsideInfra-Daniel1

 - Please follow/like/re-tweet the ASF on social media: @TheASF on Twitter 
(https://twitter.com/TheASF) and on LinkedIn at 
https://www.linkedin.com/company/the-apache-software-foundation

 - Do friend and follow us on 

Apache Month in Review: September 2020

2020-10-01 Thread Sally Khudairi
[this announcement is available online at https://s.apache.org/Sep2020 ]

Welcome to the latest monthly overview of events from the Apache community. 
Here's a summary of what happened in September:

New this month --

 - ApacheCon™ – the ASF's official global conference series, bringing 
Tomorrow's Technology Today since 1998.
  -- ApacheCon @Home 2020: all 2020 events have been combined and held online 
(free of charge!) 29 September - 1 October 2020 https://apachecon.com/acah2020
   -- The Apache® Software Foundation Welcomes its Global Community Online at 
ApacheCon@Home https://s.apache.org/74zbx 
   -- ApacheCon 2020 features Natural Language Processing for Electronic 
Medical Records in dedicated track on Apache cTAKES https://s.apache.org/x1051

 - "Inside Infra" – a new interview series with members of the ASF 
Infrastructure team
   -- Meet Daniel Gruno --Part I https://s.apache.org/InsideInfra-Daniel1

 - Apache Month in Review: August 2020 https://s.apache.org/Aug2020


Important Dates --

 - Next Board Meeting: 21 October 2020. Board calendar and minutes 
http://apache.org/foundation/board/calendar.html

 - ApacheCon @Home 29 September - 1 October 2020 https://apachecon.com/acah2020


Infrastructure --

Our seven-member Infrastructure team on three continents oversees our 
highly-reliable, distributed network under the leadership of VP Infrastructure 
David Nalley and Infrastructure Administrator Greg Stein. ASF Infrastructure 
supports 300+ Apache projects and their communities across ~200 individual 
machines, 1,400+ repositories, 5-6PB in traffic annually, ~75M downloads per 
month, and 2-3M daily emails on 2,000+ lists. ASF Infra performs 7M+ weekly 
checks to ensure services are available around the clock. The average uptime in 
September was 100%. http://www.apache.org/uptime/

Committer Activity --
In September, 808 Apache Committers changed 10,547,457 lines of code over 
15,444 commits. The Committers with the top 5 highest contributions, in order, 
were: Andrea Cosentino, Mark Miller, Mark Thomas, Claus Ibsen, and 
Jean-Baptiste Onofré.


Project Releases and Updates --

New releases from Apache Accumulo (Big Data); Beam (Big Data); Commons Codec 
(Libraries); Commons Daemon (Libraries); Commons IO (Libraries); CouchDB (Big 
Data); Fineract (FinTech); Flink (Big Data);  Geode (Database); HttpComponents 
Core (Servers); IoTDB (IoT); Jackrabbit (Content); Kudu (Big Data); Kylin (Big 
Data); Libcloud (Cloud Computing); Lucene (Search); MyFaces (Web Frameworks); 
NetBeans (Integrated Development Environment); Oak (Content); OpenMeetings (Web 
Conferencing); OpenJPA (Libraries); OpenWebBeans (Libraries);Proton 
(Messaging); Ranger (Big Data); Qpid Dispatch (Messaging); Qpid Broker 
(Messaging); Solr (Search); Syncope (Identity Management); Tomcat (Servers); 
ZooKeeper (Databases).
The Apache Incubator is the primary entry path for projects we invite you to 
review the many projects currently in development in the Apache Incubator 
http://incubator.apache.org/ . New releases from incubating podlings include: 
Apache MXNet (Incubating; Libraries). Congratulations to Apache IoTDB™, which 
graduated as a Top-Level Project this month https://s.apache.org/3xv3c

# # #

To see our Weekly News Round-ups, visit https://blogs.apache.org/foundation/ 
and click on the calendar in the upper-right side (published every Friday) or 
hop directly to https://blogs.apache.org/foundation/category/Newsletter . For 
real-time updates, sign up for Apache-related news by sending mail to 
announce-subscr...@apache.org and follow @TheASF on Twitter. We appreciate your 
support!

= = =

NOTE: you are receiving this message because you are subscribed to the 
announce@apache.org distribution list. To unsubscribe, send email from the 
recipient account to announce-unsubscr...@apache.org with the word 
"Unsubscribe" in the subject line.


The Apache Software Foundation Announces Apache® IoTDB™ as a Top-Level Project

2020-09-23 Thread Sally Khudairi
[this announcement is available online at https://s.apache.org/3xv3c ]

Open Source Internet of Things-native database integrates with the Apache Big 
Data ecosystem for high-speed data ingestion, massive data storage, and complex 
data analysis in the cloud, in the field, and on the edge.

Wakefield, MA —23 September 2020— The Apache Software Foundation (ASF), the 
all-volunteer developers, stewards, and incubators of more than 350 Open Source 
projects and initiatives, announced today Apache® IoTDB™ as a Top-Level Project 
(TLP).

Apache IoTDB is an Open Source IoT database designed to meet the rigorous data, 
storage, and analytics requirements of large-scale Internet of Things (IoT) and 
Industrial Internet of Things (IIoT) applications. The project was first 
developed as a research project at Tsinghua University and entered the Apache 
Incubator in November 2018.

"The Internet of Things, especially Industrial IoT, has swept the globe with 
unimaginable volumes of data,” said Xiangdong Huang, Vice President of Apache 
IoTDB. "To date, both Relational and Key Value-based database solutions 
struggle to meet the demands of IoT data management. Apache IoTDB is the 
missing link between current IoT data and IoT applications, and is redefining 
how IoT data is managed, both in the cloud and on the edge. We are proud to 
graduate as an Apache Top-Level Project, which is an important milestone in our 
project’s maturity."

Apache IoTDB provides a compact and time series optimized columnar data file, 
which is able to efficiently store and access time series data. The database 
engine is specially optimized for time series-oriented operations, such as 
aggregations query, down-sampling, and time alignment query. Due to its 
lightweight structure, high performance, and deep integration with Apache Big 
Data ecosystem projects (such as Flink, Hadoop, and Spark), Apache IoTDB easily 
meets the requirements of storing massive data sets, ingesting high-speed data, 
and analyzing complex data, both on the edge and the cloud. Features include:

 - High-throughput read and write: supports high-speed write access for 
millions of low-power and intelligently networked devices, and provides 
lightning-quick read access for retrieving data on billions of data points.

 - Efficient directory structure: organizes complex metadata structure from IoT 
devices and large scale time series data, with fuzzy searching strategy for 
complex directory of time series data.

 - Rich query semantics: supports time alignment for time series data across 
devices and sensors, computation in time series field, and abundant aggregation 
functions in time dimension.

 - Flexible deployment: supports running on the edge (e.g., running on a 
Raspberry Pi), as well as forming a cluster in the cloud. It also provides a 
bridge tool between cloud platforms and data synchronization on premise 
machines.

 - Deep integration with Open Source Big Data projects: supports analysis 
ecosystems, including Apache Flink, Hadoop, PLC4X and Spark, as well as other 
Open Source applications.

 - Low hardware cost: reaches a high compression ratio of disk storage.

Apache IoTDB is in use at dozens of organizations that include ArcelorMittal 
AMERICA, BONC Ltd., the China Meteorological  Administration, Datang Xianyi, 
Goldwind, Haier, Lenovo, NAVINFO, pragmatic industries GMBH, Shanghai Metro, 
Tsinghua University, Yangtze Optical Fiber and Cable Company, and more.

"IoTDB has attained Apache Top Level project status at a time of confluence of 
database, IoT and AI technologies in conjunction with a wider adoption of 
Industry 4.0 and automation approaches to further enable remote work and 
increased efficiencies," said Prof. C. Mohan, recently retired IBM Fellow, 
Former Chief Scientist of IBM India, and a member of the US National Academy of 
Engineering. "I am excited since this is the first Chinese University 
originated open-source project to reach this status. While I have been 
associated with the researchers behind IoTDB as a Distinguished Visiting 
Professor of the School of Software at China's prestigious Tsinghua University, 
I have seen this project reach maturity and build up a vibrant OSS community 
around it. It has a bright future ahead of it and I plan to collaborate on it."

"Apache IoTDB is a perfect fit for edge computing," said Dr. Julian Feinauer, 
CEO at pragmatic industries GmbH. "The high compression helps to use the 
(limited) amount of memory we have very efficiently. IoTDB is a perfect fit, 
especially in IIoT use cases, where network and compute capabilities are 
limited on the edge."

"Apache IoTDB was initially launched by a Chinese University and then incubated 
successfully in the Apache Community," said Prof. Hong Mei, an academician of 
the Chinese Academy of Sciences. "Following the Apache Way, it has created a 
healthy and active international open source community. It is a successful 
practice of open source education 

ApacheCon 2020 features Natural Language Processing for Electronic Medical Records in dedicated track on Apache cTAKES

2020-09-21 Thread Sally Khudairi
[this announcement is available online at https://s.apache.org/x1051 ]

New track on Apache’s only project focused on biomedical informatics features 
sessions presented by Apache cTAKES community representatives from the 
Barcelona Supercomputing Center, Boston Children’s Hospital’s Computational 
Health Informatics Program (CHIP), Children's Hospital of Philadelphia, Dell 
EMC, Geisinger Health, Loyola University Chicago, and University of California 
San Francisco.

Wakefield, MA —21 September 2020— ApacheCon, the official conference series of 
The Apache Software Foundation (ASF), the world’s largest Open Source 
foundation, announced today its first dedicated track on Apache cTAKES. The 
track will be held on all three days of the ApacheCon@Home virtual conference, 
taking place online 29 September - 1 October 2020. Registration is free of 
charge for all participants and is required in advance to participate.

Now in its 22nd year, ApacheCon is the primary gathering of the collective 
Apache community worldwide, drawing attendees from more than 130 countries. 
ApacheCon showcases the latest breakthroughs from dozens of Apache projects, 
upcoming innovations in the Apache Incubator, and sessions on developing 
community-led Open Source projects "The Apache Way".

Apache cTAKES (clinical Text Analysis Knowledge Extraction System) is the Open 
Source natural language processing (NLP) system for information extraction from 
electronic medical records (EMR) and health-related free-text. cTAKES 
originated in 2006 by a team of physicians, computer scientists, and software 
engineers at Mayo Clinic, was submitted to the Apache Incubator in June 2012, 
led by the Computational Health Informatics Program (CHIP) at Boston Children’s 
Hospital, and graduated as an Apache Top-Level Project in April 2013. cTAKES is 
the only Apache project focused on biomedical informatics software, and, during 
the ASF’s 20th Anniversary celebrations in 2019, was named one of the 20 most 
influential Apache projects.

cTAKES was built using the Apache UIMA (Unstructured Information Management 
Architecture) framework and Apache OpenNLP machine-learning based toolkit. 
cTAKES identifies signals important for the biomedical domain, including types 
of clinical named entities mapped to various biomedical 
terminologies/ontologies such as the Unified Medical Language System (UMLS) 
—drugs, diseases/disorders, signs/symptoms, anatomical sites and procedures 
along with their associated attributes such as negation, uncertainty, and more. 
Apache cTAKES components create rich linguistic and semantic annotations that 
can be utilized by clinical decision support systems and clinical research.

The cTAKES track is organized and presented by members of the Apache cTAKES 
project and its community. The track introduces new users to its standard 
features for biomedical text processing software, including the ability to 
extract concepts such as symptoms, procedures, diagnoses, medications and 
anatomy with attributes and standard codes. Several advanced presentations will 
exemplify its modular engineering and its leading-edge machine learning 
methods. Components implementing these research-driven methods can, for 
instance, identify complex relations between entities (e.g. anatomical site of 
a disease) and relations between temporal elements – resulting in the placement 
of events in a patient timeline. Session presenters include:

 - Peter Abramowitsch, University of California San Francisco
 - Siamak Barzegar, Barcelona Supercomputing Center, Spain
 - Dmitriy Dligach, Loyola University Chicago 
 - Sean Finan, Computational Health Informatics Program (CHIP) at Boston 
Children's Hospital
 - Chen Lin, Computational Health Informatics Program (CHIP) at Boston 
Children’s Hospital
 - Jeff Miller, Children's Hospital of Philadelphia
 - Debdipto Misra, Geisinger Health
 - Gandhirajan N, Dell EMC

Apache cTAKES can impact patient health at many levels, and presentations at 
ApacheCon range from “Automated Adverse Drug Event Surveillance in Pediatric 
Pulmonary Hypertension” to “Extraction of Information on Diagnosis of Stroke” 
in Spanish to “High Throughput Orchestration” on notes involving COVID-19, 
amongst others. Track details can are available at 
https://www.apachecon.com/acah2020/tracks/ctakes.html 

In addition to cTAKES, ApacheCon@Home features an array of presentations on 
Apache projects across categories that include Big Data, Community, Content 
Delivery, Databases, Fintech, Geospatial, Innovation/Incubator, Integration, 
IoT, Machine Learning, Search, Servers, Software Development, Streaming, and 
more. A special track in the Mandarin language, as well as select sessions in 
German, Hindi, and Spanish will be held as well.

ApacheCon keynotes will be delivered by high profile speakers from 
organizations such as DataStax, IBM, Imply, Instaclustr, NASA Jet Propulsion 
Laboratory, Oak Ridge National Labs, Red Hat, Tetrate, Two 

Inside Infra: Daniel Gruno --Part I

2020-09-07 Thread Sally Khudairi
[this post is available online at https://s.apache.org/InsideInfra-Daniel1 ]

The fourth interview in the "Inside Infra" series with members of the ASF 
Infrastructure team. Meet Daniel Gruno, who shares his experience with Sally 
Khudairi, ASF VP Marketing & Publicity.

- - -
"...companies are not the same as ASF. They don't have 300 different 
departments that all have their own little tools that they want working in 
their specific way. And they want this to connect to that, and that's connected 
to some other thing. We are not afraid to create custom solutions, we're not 
afraid to get our hands dirty and we're not afraid to make mistakes."
- - -

 - What is your name and how is it pronounced?

I have my official name and I have my user name and people usually ask about 
both of them. My name is "Dan-yell Gkhroo-no" or I will accept "Dan-yell 
Groo-no" which is as you read it in English. It's actually a Dutch name. So you 
would pronounce it "Hrooy-no" in Dutch, which I'm not even going to try to 
phoneticize that because, that's, well, Dutch. And my username is "Humbedooh" 
which is an onomatopoeia that I randomly made up in 2004 for a game called 
World of Warcraft, where you need a username for this character that you 
create. And I think I had just listened to "New York, New York", where Frank 
Sinatra sings "scooby doo bee doo", and I was like, "hum-be-doo-de-doo" and the 
name just came to me and it stuck ever since. And so for the past 15 years or 
16 years, I've been primarily "Hum-beh-doo" online.

 - By the way, Frank Sinatra sings "zoo-bee-doo-bee-doo", not 
"scooby-doo-bee-doo" in "Strangers in the Night", but I like your version 
better.

Okay. Well today I learned that.

 - When and how did you get involved with the ASF?

That goes back to 2010, 2011? Again, this beautifully tied us into World of 
Warcraft because in that game you can make modules, add ons for the game that 
will do nifty things, like add ons for a Web browser. And this is written in a 
programming language called Lua, L-U-A, which is Portuguese for "moon". And so 
I started writing some programs for this game and I had great fun with it, and 
programing is not my official trade. I was educated in, or studied, human 
resource management at university actually. But it was my hobby and I had great 
fun doing it. And this Lua thing just got stuck in me. And then five years 
later or so I started writing a program for the Apache Web server called 
mod_pLua, the best way to describe it as if PHP and Lua had a baby. So it would 
be the same for people that know PHP. It would be the same structure with the 
less than equal sign and a question mark, and then the same thing to end it on 
the other end, but with the Lua language instead of the PHP language. So I 
wrote this program or interpreter for the Apache Web server. And I didn't 
really think much of it. Obviously it was mostly for my own edification if you 
will, and for my own use. But I had put this on a site called SourceForge, 
which at that time had a community manager named Rich Bowen (also Apache HTTP 
Server PMC Member) who took a liking to this program or this module for the Web 
server because the Apache Web server community, which he was a part of at that 
point, have been doing something similar called mod_lua or at that time 
mod_wombat.

And that had stalled. People have interests and then the interests wane and 
people would move on to new jobs and the person in charge of this mod _lua had 
found other interests in life. And so this module was just sitting there and 
not really being worked on. And Rich said, "Why don't you come take a look at 
this program and maybe this is a place where we can collaborate." And he also 
got (ASF co-founder and Apache HTTP Server PMC Member) Jim Jagielski very 
interested in the work I was doing. And so I slowly started on my path to 
becoming an ASF Committer initially by fixing what's called 404s, which is 
basically a reference in a Webpage to a link or another page that doesn't 
exist. Either it never existed or it doesn't exist anymore. So I started fixing 
a bunch of those just to get on their good side and hopefully they would take 
me seriously. And I didn't have high hopes, but I think I was probably the 
fastest person to get committership at the Apache Web Server Project...perhaps 
the fastest in the 10 years preceding when I got it probably within a week. 
They had a vote going and I was voted in and…

 - Within a week?

Within a week.

 - Unheard of.

I was pretty much on the path to becoming a Committer. I couldn't believe it. 
Part of me wanted to believe it, because it was a very big validation for me. 
Because I had been using the Apache Web Server since 1998 and it always been a 
project that I looked up to and it had been this mythical "Father of 

The Apache News Round-up: week ending 14 August 2020

2020-08-14 Thread Sally Khudairi
[this newsletter is available online at https://s.apache.org/le00k ]

Hooray for Friday! The Apache community has been busy over the past week; let's 
review what happened:

ASF Board – management and oversight of the business affairs of the corporation 
in accordance with the Foundation's bylaws.
 - Next Board Meeting: 19 August 2020. Board calendar and minutes 
https://apache.org/foundation/board/calendar.html

ApacheCon™ – the ASF's official global conference series, bringing Tomorrow's 
Technology Today since 1998.
 - Registration is open (and free) for ApacheCon@Home 29 September - 1 October 
https://www.apachecon.com/acna2020/ 
 - Sponsorships available for ApacheCon@Home 
https://www.apachecon.com/acna2020/sponsors.html 

ASF Infrastructure – our distributed team on three continents keeps the ASF's 
infrastructure running around the clock.
 - 7M+ weekly checks yield uptime at 99.76%. Performance checks across 50 
different service components spread over more than 250 machines in data centers 
around the world. http://www.apache.org/uptime/

Apache Code Snapshot – Over the past week, 151 Apache Committers changed 
4,892,020 lines of code over 678 commits. Top 5 contributors, in order, are: 
Sebastian Bazley, Gary Gregory, Nick Vatamaniuc, Liang Zhang, and Kaxil Naik.   
 

Apache Project Announcements – the latest updates by category.

Big Data --
 - Apache Kafka 2.5.1 and 2.6.0 released https://kafka.apache.org/
 - Apache ShardingSphere ElasticJob-3.0.0-alpha released 
https://shardingsphere.apache.org/elasticjob/
 - Apache Parquet 1.11.1 released https://parquet.apache.org/
Libraries --
 - Apache Commons Imaging 1.0-alpha2 released 
https://commons.apache.org/imaging/
 - Apache Commons NET 3.7 released https://commons.apache.org/net/
 - Apache Commons Validator 1.7 released https://commons.apache.org/validator/

Servers --
 - Apache HTTP Server 2.4.46 released https://httpd.apache.org/
Web Frameworks --
 - Apache Struts CVE-2019-0230 (Possible RCE) and CVE-2019-0233 (DoS) security 
issues 
https://lists.apache.org/thread.html/r42ff5f78b46f751c48eee1fe4201a49ab48524f33ac8f8975f2029b8%40%3Cannounce.apache.org%3E
 


Did You Know?

 - Did you know that tracks for ApacheCon@Home include Big Data, Community, 
Content Delivery, Fintech, Integration, IoT, Machine Learning, Messaging, 
Mobile, Natural Language Programming, Observability, Programming Languages, 
Search, Servers, Streaming, and Usability, as well as emerging innovations from 
the Apache Incubator? Learn more, including featured projects, at 
https://www.apachecon.com/acah2020/tracks/  

 - Did you know that mobile transportation platform Didi Chuxing uses Apache 
Kylin to return exact distinct count on billions of rows of data with 
sub-second latency to generate the most accurate picture of its business? 
http://kylin.apache.org/ 

 - Did you know that the "Trillions and Trillions Served" documentary on The 
Apache Software Foundation comprised 65 hours of filming over 8 terrabytes of 
footage? https://s.apache.org/Trillions-Feature

Apache Community Notices

- Apache Month In Review: July 2020 https://s.apache.org/July2020 

- ASF FY2020 Annual Report https://s.apache.org/FY2020AnnualReport 

- "Trillions and Trillions Served" documentary on the ASF: 1) full feature 
https://s.apache.org/Trillions-Feature 2) "Apache Everywhere" 
https://s.apache.org/ApacheEverywhere 3) "Why Apache" 
https://s.apache.org/ASF-Trillions 4) “Apache Innovation” 
https://s.apache.org/ApacheInnovation 

 - The Apache Software Foundation Statement on the COVID-19 Coronavirus 
Outbreak https://s.apache.org/COVID-19  

 - The Apache Software Foundation Celebrates 21 Years of Open Source Leadership 
https://s.apache.org/21stAnniversary

 - Apache in 2019 - By The Digits https://s.apache.org/Apache2019Digits

 - The Apache Way to Sustainable Open Source Success https://s.apache.org/GhnI

 - Foundation Reports and Statements 
http://www.apache.org/foundation/reports.html

 - "Success at Apache" focuses on the people and processes behind why the ASF 
"just works". https://blogs.apache.org/foundation/category/SuccessAtApache

 - Inside Infra: the new interview series with members of the ASF 
infrastructure team --meet Christ Thistlethwaite 
https://s.apache.org/InsideInfra-Chris | Drew Foulks 
https://s.apache.org/InsideInfra-Drew | Greg Stein Part I 
https://s.apache.org/InsideInfra-Greg , Part II 
https://s.apache.org/InsideInfra-Greg2 and Part III 
https://s.apache.org/InsideInfra-Greg3

 - Did you know that Beam Summit 2020 will be held 24-28 August online and free 
of charge? https://beamsummit.org/

 - Please follow/like/re-tweet the ASF on social media: @TheASF on Twitter 
(https://twitter.com/TheASF) and on LinkedIn at 
https://www.linkedin.com/company/the-apache-software-foundation

 - Do friend and follow us on the Apache Community Facebook page 
https://www.facebook.com/ApacheSoftwareFoundation/ and Twitter account 
https://twitter.com/ApacheCommunity

 - Are 

Success at Apache: I Became an Apache Solr Committer in 4,662 Days. Here’s how you can do it faster!

2020-08-03 Thread Sally Khudairi
[this post (with links) is available online at https://s.apache.org/hney3 ]

by Eric Pugh

On April 6th, 2020 I was invited to become a committer on the Apache Solr 
project.  My journey to becoming a committer started in earnest 4662 days 
before that!  On July 2nd, 2007, I opened SOLR-284, a ticket for adding content 
extraction to Solr. 

A committer on an open source project under the Apache Foundation umbrella is 
someone who is trusted to contribute code to the project and to help manage and 
drive its ongoing development. It’s an honour to have been asked and I was very 
proud to accept the invitation!

So, you did the math, and you realized that it took me 153 months, or 13 years 
(rounding up), to become a committer, and you’re wondering “What if I don’t 
want to wait that long?” So here’s my quick cheat sheet on ways to become a 
committer on an open source project, illustrated by my own journey:

1. Start by learning the culture of the project. How are decisions made? What 
tools do people use? What do the various acronyms mean? Join the mailing lists 
and read every commit.

2. Start small and work your way in.  Some great ways to do this are to:

 - Take existing patches and test them.  Update them to the latest code base.  
Document what you’ve learned.

 - Take advantage of being new to a project to bring fresh eyes to the 
documentation.  Every time you find yourself scratching your head on how 
something works, contribute a fix to the docs.   It’s a powerful way to 
immediately contribute.  This is the fastest way to get involved and involves 
the least cognitive load!  See SOLR-2232 or this email thread.

 - Answer questions on the mailing list! Being able to articulate reasonable 
responses to questions demonstrates how much you have learned.

 - Bug fix, bug fix, bug fix! Pick bugs that have an obvious answer so that the 
“correct” solution is easy to figure out. If the right approach to solving it 
is very ambiguous, you probably won’t get much traction. Remember to remind 
committers to apply your fixes when they have the time! See SOLR-13965 and 
SOLR-11480 and SOLR-2611 and SOLR-2263.

3. Ready to start slinging some code?   Don’t go and refactor the core 
foundations of the project (at least not yet).   Instead, be like a pilot fish 
and latch onto one of the core committers who is being very active in the 
project.

Embrace their vision, and start picking up tasks related to whatever major 
chunk of work they are doing. Write some unit tests. See about opportunities 
for refactoring. Do some manual testing over multiple platforms. Once they see 
that you’re contributing (and accelerating what they are pushing), then work to 
get some of your own tickets assigned to you under that vision. I’ve seen this 
lead directly to committership many times, and if I had followed this route, I 
might have joined sooner!

Here’s to the next 4,662 days of being active in the Apache Solr project!

Eric Pugh is a member of the ASF and a committer Apache Solr. He co-authored 
the book Apache Solr Enterprise Search Server. Eric is co-founder and CEO of 
OpenSource Connections, where he helps OSC clients, especially those in the 
ecommerce space, build their own search teams by leading projects and by acting 
as a trusted advisor. He also stewards Quepid, a platform for assessing and 
improving your search relevance.

[this post first appeared at 
https://opensourceconnections.com/blog/2020/07/10/i-became-a-solr-committer-in-4662-days-heres-how-you-can-do-it-faster/
 ]

= = =

"Success at Apache" is a monthly blog series that focuses on the processes 
behind why the ASF "just works" 
https://blogs.apache.org/foundation/category/SuccessAtApache 

= = =

NOTE: you are receiving this message because you are subscribed to the 
announce@apache.org distribution list. To unsubscribe, send email from the 
recipient account to announce-unsubscr...@apache.org with the word 
"Unsubscribe" in the subject line.


The Apache® Software Foundation Announces Annual Report for 2020 Fiscal Year

2020-07-29 Thread Sally Khudairi
[this announcement is available online at 
https://s.apache.org/FY2020AnnualReport-PR ]

World's largest Open Source foundation provides 227M+ lines of code, valued at 
more than $20B, to the public-at-large at 100% no cost.

Wakefield, MA —29 July 2020— The Apache® Software Foundation (ASF), the 
all-volunteer developers, stewards, and incubators of more than 350 Open Source 
projects and initiatives, announced today the availability of the annual report 
for its 2020 fiscal year (1 May 2019 - 30 April 2020).

Now in its 21st year, the world's largest Open Source foundation’s "Apache Way" 
of community-driven development is the proven process behind thousands of 
developers successfully collaborating on hundreds of Apache projects. The 
Apache Way has directly influenced the InnerSource methodology of applying Open 
Source and open development principles to an organization. The Apache Way has 
been adopted by countless organizations, including Capital One, Comcast, 
Ericsson, HP, IBM, Google, Microsoft, PayPal, SAP, T-Mobile, Walmart, and 
countless others.

Valued at more than $20B —and provided to the public-at-large at 100% no cost— 
Apache software is used in every Internet-connected country on the planet.

Apache software comprises 227M+ lines of code, is integral to nearly every end 
user computing device, manages exabytes of data, executes teraflops of 
operations, and stores billions of objects in virtually every industry. 
Countless mission-critical projects in Artificial Intelligence, Big Data, build 
management, Cloud Computing, content management, DevOps, Deep Learning, IoT and 
Edge computing, mobile, servers, Web frameworks, and many other categories are 
powered by Apache. [Learn more about the ASF’s reach and influence at 
https://s.apache.org/ApacheEverywhere ]

Every Apache Top-Level Project (and its sub-projects, if applicable) is 
overseen by a Project Management Committee (PMC) that guides its day-to-day 
operations, including community development and product releases.

At the close of FY2020, 201 PMCs managed 339 Top-Level Projects and dozens of 
sub-projects; 9 projects were newly-graduated Top-Level Projects from the 
Apache Incubator, and 8 projects retired to the Apache Attic. Apache Incubator 
PMCs mentored 45 projects under development in the Apache Incubator; 6 projects 
were new entrants to the Incubator, and 3 were retired.

FY2020 highlights include:

 - ~8M lines of Apache code added, valued at approximately $600M worth of work; 
total code value exceeding $20B (CoCoMo model)
 - Stewardship of 227M+ lines of code in the Apache repositories;
 - Foundation operations supported by contributions from 10 Platinum Sponsors, 
9 Gold Sponsors, 11 Silver Sponsors, 25 Bronze Sponsors, 6 Platinum Targeted 
Sponsors, 5 Gold Targeted Sponsors, 3 Silver Targeted Sponsors, 10 Bronze 
Targeted Sponsors, and more than 500 individual donors;
 - 34 new individual ASF Members elected, totalling 813;
 - Exceeded 7,700 code Committers;
 - 206 Top-Level communities overseeing 339+ Apache projects, plus dozens of 
sub-projects and initiatives;
 - 9 newly-graduated Top-Level Projects from the Apache Incubator;
 - 45 projects currently undergoing development in the Apache Incubator;
 - Web requests received from every Internet-connected country on the planet;
 - 35M+ page views per week across apache.org;
 - ~2 Petabytes source code downloads from Apache mirrors;
 - Top 5 most active/visited Apache projects: Kafka, Hadoop, Lucene, POI, 
ZooKeeper; 
 - Top 5 Apache repositories by number of commits: Camel, Flink, Beam, HBase, 
Lucene Solr;
 - Top 5 Apache repositories by lines of code: NetBeans, OpenOffice, Flex 
(combined), Mynewt (combined), Trafodion;
 - 2,892 Committers changed 60,132,710 lines of code over 174,889 commits;
 - 12,413 people created 63,172 new issues; 2,868 people closed 54,633 issues
 - 19,396 authors sent 2,137,560 emails on 907,870 topics across 1,417 mailing 
lists;
 - Top 5 most active mailing lists (user@ + dev@): Flink, Tomcat, Royale, Beam, 
Lucene Solr;
 - Top Senders: (Apache Projects + Committers): GitBox, AsterixDB, Whimsy, 
Andrea Cosentino, Mark Thomas
 - 2,045 git repositories, containing ~250GB of code and repository history;
 - GitHub traffic: Top 5 most active Apache sources --clones: Thrift, Beam, 
Cordova, Arrow, Geode;
 - GitHub traffic: Top 5 most active Apache sources --visits: Spark, Flink, 
Camel, Kafka, Beam;
 - 25th anniversary of the Apache HTTP Server (21 years under the ASF umbrella);
 - 748 Individual Contributor License Agreements (ICLAs) signed;
 - 33 Corporate Contributor License Agreements signed;
 - 40 Software Grant Agreements signed; and
 - ASF was a mentoring organization in Google Summer of Code for the 15th 
consecutive year.

The full report is available online at https://s.apache.org/FY2020AnnualReport

About The Apache Software Foundation (ASF)
Established in 1999, The Apache Software Foundation (ASF) is the world’s 
largest Open 

Inside Infra: Greg Stein --Part III

2020-07-17 Thread Sally Khudairi
[this interview is available online at https://s.apache.org/InsideInfra-Greg3 ]

The close of the "Inside Infra" interview with ASF Infrastructure Administrator 
Greg Stein, who shares his experience with Sally Khudairi, ASF VP Marketing & 
Publicity. 

["Apache is growing: we're just seeing the demand explode and it's a hard 
problem for us to solve."]

PART THREE.

- We were talking about ensuring that the team is up to speed with everything 
required of them...

So there certainly are skill gaps; this is one of the things I want to help 
motivate the team with, where if somebody says, "Hey, I want to go and 
investigate Ansible as a potential Puppet replacement," I say, "Go forward." 

This would be similar to Google having their 20% projects. I'm sure you've 
heard of that.

- Oh, yeah.

It's almost the same where it's not 20%, maybe 5%, but it's the same as Google, 
no matter what they want to tell you, because everybody's got their job and you 
have to be really rigorous to carve out 20% of your time. And strictly 
speaking, it does actually make your Google manager a little upset if you carve 
out the entire 20%. But anyways, the concept is similar.

So for us it's like, "Well, go in and investigate Ansible, see if it'll work 
for us and put your notes into the Wiki." That's how we make forward progress, 
up our game, and learn new skills. If someone says, "I want to go and figure 
this out," the response is almost always, "Okay. You go do it." There's 
certainly an allowance for people to learn new skills. But most of the time we 
simply rely on, say, Gavin (ASF Infrastructure team member Gavin McDonald), 
knowing more about JIRA configuration than the other guys.

- That added component of sharing what you know, and adding it to the JIRA or 
to the Wiki actually is great because then everyone's learning. This is like 
the rising tide: everybody's learning about this, whether they're doing it 
perfectly or not. I think this is a very interesting process.

Yes, and that's also where Andrew (technical writer Andrew Wetmore) is helping 
us out. He’s organizing that information that we have learned, that we have 
documented, that we memorialized into the Wiki.

- Because our (ASF's) legacy is quite Medusa-like over all these years, it's 
interesting to see how everyone can get caught up and also contribute...you 
have to go back and deal with the legacy, but you also have to be able to move 
forward. To be able to bring others with you is brilliant. That's really cool.

The infrastructure has grown organically over 25 years from when Brian 
Behlendorf first said, "Hey, I have this server called hyperreal.org: you can 
run a CVS repository on it for the Web server."

- That computer was under his desk at the Wired offices way back when, wasn’t 
it...

Yes it was. And it's just grown organically over those 25 years. Then we had 
Minotaur and it did six different things ... now it only does half of one and 
we've moved the stuff out onto newer machines and newer processes and this and 
that. But the organic growth means that we've got some really hairy stuff. Our 
move to Puppet --first Puppet 3, and now to Puppet 6-- at each step we're 
improving it and making it less hairy and more manageable and something that 
somebody can come along, look at, pick up and run with it from there. That 
makes it a lot easier, so that we don't have to spend 100% of our time cross 
training.

- What are your thoughts on products, the hype cycle, where everyone's 
demanding Kubernetes, to use that as an example. Do you decide which products 
to provide support for, or is that up to Apache projects in the communities? 
You mentioned Ansible, just not too long ago, that was your internal decision 
to move. But I remember not long ago, GitHub entered into the landscape. How 
did that happen? How did you decide to make a move like that? That's a 
significant thing. Can you tell me a little bit about that?

It's a lot based on community input. So if we see a lot of people asking for a 
particular tool, we'll like, "Oh, hey, David, can you go and take a look at 
that and see if that's something…” Not David (ASF VP Infrastructure David 
Nalley), but Chris (Infrastructure team member Chris Lambertus) or somebody 
else. "Can you go take a look. Is that something that we can support? Because 
we're getting some queries about it."

And there's a little chicken and egg problem there that if the communities 
don't know to ask for the egg, we don't know whether to prep the chicken. It's 
like, “okay, wait, they don't even know to ask for a tool because we haven't 
said we will make this tool available, because we're not going to make the tool 
available until somebody asks”. But sometimes people file tickets like, "Can I 
get this set up?" and we'll go, "No."

Then six months later, somebody else will file a ticket

The Apache Software Foundation Announces Apache® APISIX™ as a Top-Level Project

2020-07-15 Thread Sally Khudairi
[this announcement is available online at https://s.apache.org/29wd9 ]

Open Source, Cloud-native microservices API gateway handles interface traffic 
for Websites, mobile and IoT applications in Cloud Computing, FinTech, 
Insurance, Marketplaces, Real Estate, Security, Speech Recognition, and Travel, 
among other industries.

Wakefield, MA —15 July 2020— The Apache Software Foundation (ASF), the 
all-volunteer developers, stewards, and incubators of more than 350 Open Source 
projects and initiatives, announced today Apache® APISIX™ as a Top-Level 
Project (TLP).

Apache APISIX is a Cloud-native API gateway used to handle interface traffic 
for Websites, mobile and IoT applications. The project was first developed at 
ZhiLiu Technology, was open-sourced in June 2019, and entered the Apache 
Incubator in October 2019.

"Thanks to the help of our mentors, contributors and the Apache Incubator, 
Apache APISIX has now graduated as a Top-Level Project," said Ming Wen, Vice 
President of Apache APISIX. "After entering the Apache incubator, APISIX 
evolved from being an Open Source project led by a commercial company to a 
community-led project guided by the Apache Way."

Apache APISIX consists of the following three parts:

 - Data Plane, to dynamically control the request traffic, and implement 
traffic processing and distribution;

 - Control Plane, to store and synchronize gateway data configuration; and

 - AI Plane(TODO), to orchestrate plugins, as well as real-time analysis and 
processing of request traffic.

With more than 30 functions, Apache APISIX includes traffic control, analytics, 
observability, monitoring, and logging plugins. Features include:

 - Dynamic routing and plug-in hot loading --particularly suitable for API 
management under micro-service systems;

 - Built-in high availability, multiple security plugins --puts stability and 
security at the forefront with identity authentication and interface 
verification;

 - Simple, powerful development interface --easy-to-use, built-in dashboard and 
a powerful and flexible interface for faster development;

 - Designed and implemented to meet the highest performance requirements 
--including routing, IP matcher, JSON schema, built-in plugins, and more; and

 - Multi-protocol and multi-platform support --HTTP(s), TCP, UDP,  HTTP to gRPC 
transcoding, Websocket, gRPC, Apache Dubbo, and MQTT proxy, as well as ARM64 
and others.

Apache APISIX is in use at dozens of organizations that include Airwallex, 
AISpeech, api7.ai, ke.com, Qihoo 360, taikang Cloud, Tencent Cloud, TravelSky, 
and more.

"Congratulations to Apache APISIX!" said Ryan Cao, Principal Architect at 
Airwallex. "As a global fintech that is transforming the way businesses move 
and manage money for collections, FX and digital payments, and our financial 
infrastructure provides a modern tech stack for businesses of all sizes to 
operate internationally. We have implemented our API gateway based on APISIX, 
and smoothly evolved our system to a multi-cloud distributed, microservices 
architecture, with thanks to APISIX's highly optimised, scalable and extensible 
platform and support from its developer community!"

"Our cloud AI technology is open to the world through its API gateway," said 
Shun Zhang, Senior R Director at AISpeech. "We developed Kubernetes Ingress 
controllers based on Apache APISIX to replace the Kubernetes native Ingress to 
handle all north-south container clusters and part of east-west traffic. 
APISIX's high-performance routing, flexible plugin mechanism, API management 
and design concepts are just the needs of Cloud-Native architecture. I wish 
APISIX continued success as the best and most easy-to-use API gateway with the 
support of the Apache Software Foundation."

"I am very happy to see Apache APISIX flourish," said Hui Wang, Senior Engineer 
at ke.com. "The fast and stable adoption of Apache APISIX within ke.com 
confirms that APISIX is an excellent project. Congratulations to Apache APISIX 
and the community for successfully graduating from the Apache Incubator."

"Congratulations to Apache APISIX for graduating as an Apache Top-Level 
Project," said Hui Li, Engineer at Tencent Cloud. "Recent growth in demand for 
interconnection between mobile applications, enterprise interoperability, and 
the Internet of Things have expanded backend service support objects from 
single Web applications to a variety of usage scenarios. This increases both 
the access pressure and the complexity of backend services. A suitable solution 
for this issue is an API Gateway: in addition to basic request forwarding, 
protocol conversion, routing and other functions such as high performance and 
high stability, it also has good scalability and can continuously enhance the 
capabilities of the gateway. We evaluated many API gateways, and finally chose 
Apache APISIX as the core component of our new generation API gateway because 
of its high performance, high scalability, and 

The Apache Software Foundation Announces Apache® Wicket™ v9

2020-07-15 Thread Sally Khudairi
[this announcement is available online at https://s.apache.org/lpsmm ]

Popular Open Source component-oriented server-side Java Web framework used to 
create robust Websites with faster and more maintainable code.

Wakefield, MA —15 July 2020— The Apache Software Foundation (ASF), the 
all-volunteer developers, stewards, and incubators of more than 350 Open Source 
projects and initiatives, today announced Apache® WicketTM v9.0.0, the latest 
version of the Open Source Java framework for creating rich Websites and 
applications more quickly using less code.

Since 2006, Apache Wicket has been the go-to framework for elegant, responsive, 
and simple HTML pages that are well suited for Web Designers seeking to test 
the applications they are building. Apache Wicket was listed amongst the "10 
Best Java Web Frameworks to Use in 2019 (100% Future-Proof)" by JavaPipe.

"Java has deeply changed in the last few years," said Andrea Del Bene, Vice 
President of Apache Wicket and Apache Wicket v9.0 Release Manager. "In addition 
to the new release policy, starting with version 9 Java platform went through a 
massive refactoring aimed to modularize its code base and remove legacy classes 
and packages. With Wicket 9 we fully embraced this new Java course migrating 
our codebase to Java 11 LTS, offering a fundamental tool to keep your code up 
to date with Java evolution."

Reflecting the tagline, "Bring the Web into the modern Java world", Apache 
Wicket 9 features include:

 - Java 11 is required as a minimum version; CI machines are available to test 
the Wicket codebase with later versions. For more details see  
https://wiki.openjdk.java.net/display/quality/Quality+Outreach 

 - Added support for CSP (Content Security Policy) and activated by default. 
CSP allows Web developers to protect their apps against malicious scripts and 
unauthorized code execution. Wicket 9 exposes CSP with a flexible API to allow 
custom levels of CSP.

 - Wicket has been part of the OpenJDK Quality Outreach (that promotes the 
testing of open source projects with JDK Early Access builds and with the 
latest GA version, since January 2019). As of today, Apache Wicket is are one 
of few projects tested with OpenJDK 11, 14, and 15 (the latter in Early Access)

 - The internal page storing mechanism has been reworked to implement a better 
and simpler design. For more details see 
https://issues.apache.org/jira/browse/WICKET-6563

 - A new modern implementation of modal window component, called ModalDialog. 
The old ModalWindow component is still here but it is deprecated and will be 
removed in a future version of Wicket.

 - JUnit has been upgraded to version 5. WicketTester uses it internally. It 
still supports JUnit 4 via JUnit 5 Vintage Engine

 - Update CDI (Context and Dependency Injection) to version 2.0


Apache Wicket is widely deployed across numerous organizations worldwide, such 
as Access Canberra, Apress, Brazilian 4th Regional Labor Court, Burger King, 
DHL, Facturación Electrónica, Lindenbaum, OneDev, SAP, TVH Group, UK Sciences, 
and countless others. For a comprehensive list of Apache Wicket 
implementations, see https://builtwithwicket.tumblr.com/

"Apache Wicket is the most suitable framework for OneDev," said Robin Shen, 
owner of the OneDev project, "With Wicket I can work with the same set of code 
from front-end to back-end, with Java's mature libraries and toolings. I must 
say I gained great productivity with Wicket."

"At ParnasSys we work with very private data of millions of students in our 
student information system," said Robert Kromkamp, manager of software 
development at ParnasSys. "Since we are very keen about the security and 
privacy of our customers, we immediately adopted the new content security 
policy (CSP) feature of Wicket 9, so we can deploy an improved, more secure 
ParnasSys when the final release hits. Wicket has proven to be resilient and 
secure through the years, and we are very happy that Wicket continues to adopt 
new security standards in a developer friendly way."

"At ValueCare we use Apache Wicket to build our main interactive 
web-application, which offers our users insight into their business-data 
easily," said Rob Audenaerde, Technical Lead at ValueCare. "Apache Wicket is a 
well structured, object-oriented Java framework that allows for quick extension 
and customization. This reduces our time to market for new features, because we 
can rapidly prototype and develop new components as needed."

"With Wicket 9 we want to bring Web development into the post-Java 8 world," 
added Del Bene. "We rewrote our code base to comply with the new Java 
architecture, taking advantage of all the improvements and new features 
introduced from Java 8 to 11. Developers can now leave with no worry the safe 
harbor that Java 8 has been for all these years, and plunge into the modern 
Java world."

Availability and Oversight
Apache Wicket software is released under the Apache License v2.0 and 

Trillions: It’s a Wrap!

2020-07-10 Thread Sally Khudairi
[this post is available online at https://s.apache.org/jigil ]

Our fourth, and final, part of the “Trillions and Trillions Served” documentary 
on the ASF is now live!

Watch “Apache Innovation”, our latest segment 
https://s.apache.org/ApacheInnovation

...and catch up on the other parts

 - “Apache Everywhere” short https://s.apache.org/ApacheEverywhere  

 - “Trillions and Trillions Served” full feature documentary 
https://s.apache.org/Trillions-Feature  

 - “Why Apache” Documentary Teaser https://s.apache.org/ASF-Trillions  


Heartfelt thanks to:

... our filmmakers, (ASF Member) Michael Wechner, Dominik Gehring, and Tobias 
Kaufmann of Wyona Pictures;

...our film and production assistants Myk Fox, (Apache Committer) Kenneth 
Paskett, and Katerina Oliveros;

...and all the participants from the Apache community (in alphabetical order):

Danny Angus, Mike Bates, Brian Behlendorf, Zaheda Bhorat, Rich Bowen, Danese 
Cooper, Mark Cox, Adina Crainiceanu, Shane Curcuru, Bertrand Delacretaz, Isabel 
Drost, Ted Dunning, Christofer Dutz, Lars Eilebrecht, Justin Erenkrantz, Julian 
Feinauer, Sharan Foga, Lars Francke, Pier Fumagalli, Ruth Holloway, Serge 
Huber, Julian Hyde, Claus Ibsen, Jim Jagielski, Alex Karasulu, Paul King, 
Kenneth Knowles, Myrle Krantz, Ted Liu, Samaira Mehta, Ismaël Mejía, Owen 
O’Malley, Jean-Baptiste Onofré, David Nalley, Jeffery Painter, Stan Paulauskas, 
Bob Paulin, Daniel Ruggeri, Craig Russell, Patricia Shanahan, Roman Shaposhnik, 
Andy Shi, Greg Stein, Sander Striker, Mark Thomas, Dirk-Willem van Gulik, and 
Rohit Yadav.

What an opportunity --we appreciate your support, help in spreading the word, 
and sharing Apache goodness with the world!

- - - 

NOTE: you are receiving this message because you are subscribed to the 
announce@apache.org distribution list. To unsubscribe, send email from the 
recipient account to announce-unsubscr...@apache.org with the word 
"Unsubscribe" in the subject line.


Inside Infra: Greg Stein --Part II

2020-06-29 Thread Sally Khudairi
[this interview is available online at https://s.apache.org/InsideInfra-Greg2 ]

The "Inside Infra" interview continues with ASF Infrastructure Administrator 
Greg Stein, who shares his experience with Sally Khudairi, ASF VP Marketing & 
Publicity.

- - -
"Who are these crazy guys spread around the world that are keeping 200 machines 
up and running for all these different projects and committers and 
contributors?"
- - -

PART TWO.

- How or what would you describe the Infra "brand" to be?

I don't really know. I've never really thought about branding or marketing 
ourselves, so ...

- Well, you guys have a certain persona, you have those funky t-shirts you wear 
at ApacheCon ...there's definitely some kind of street cred that's different 
from everybody else. I was curious to see if that's part of your natural sense 
of hip, or is that something that you guys deliberately planned for.

The t-shirts and other things go back to the team bonding kind of thing. We'll 
give ourselves an identity, but haven't tried to create or market ourselves. I 
think it is something that we do need to take some control over. We hired a 
part-time writer in December and he's been organizing our content to provide a 
better and more useful front to Infrastructure.

There were a lot of pages on www.apache.org that have now moved over to 
infra.apache.org. That creates a more coherent Web space, if you will. We can 
really talk about those different channels. "How do you reach Infrastructure? 
Do I go to the Slack channel or do I file a JIRA ticket: how do I decide?" So 
he's helping to, while I wouldn't say "market a new face", he's certainly 
helping people figure out who we are, what we do, what we can help with and 
getting that information organized.

- Which is good. That's new. Even to have you guys featured in a project like 
this, it's unusual and it's refreshing. I'm personally curious, and I'm sure 
other people are also curious about what's behind Infra.

Right, right. Who are these crazy guys spread around the world that are keeping 
200 machines up and running for all these different projects and committers and 
contributors?

So Andrew (technical writer Andrew Wetmore) is primarily going to work on the 
infrastructure docs until those are whipped into shape because a lot of the 
material that we have, a lot of the Webpages, is really infrastructure related. 
He has been working with the team on those pages. What's going to be harder 
though is when he's kind of at a stopping point for that, what to turn his 
focus to, and that would be www.apache. But then it gets a lot more difficult 
because when he wants to update the How It Works page, who does he talk to? 
Who's authoritative? He can do some edits for flow and word consistency, 
punctuation, clarity, right, but he can't really update the process.

- Right. Right. That's the Foundation thing.

Yeah. But the problem is we don't really even have a concept of who's in charge 
of that How It Works page, who is, you know, it's just there's nobody that the 
foundation is willing to say, "That person controls that process." You know 
what I mean?

- I totally do --I come across the same pages and people go, "Are they yours?" 
It's hard to determine not only evolving processes, but who signs off on this 
or who gets it. I hear you.

I've recommended for the past year, or three, that Marketing is the owner of 
DubDubDub (www.), but you know, that's the "face" of Apache. You know? But the 
raw content, as you point out, who approves the raw content.

- One thing that I asked Drew and Chris, and I'm always curious with people who 
are super busy and juggling 50 things, is to describe a typical workday for you.

I wake up, I look for email first, generally, sometimes I'll hop onto Slack 
because sometimes people ask me directly for something. Then I go look at email 
and sort through a number of different categories between direct team stuff, 
operations, the Apache Board, and then Apache in general. And then of course, 
if there's any vendor email to deal with. So there's a bunch of different 
categories in priority order. After I get through that initial work, then it's 
go and read all the back scroll in the team channel, which is anywhere from 200 
to 400 lines of back scroll ...

- Can you get any work done? Beyond just catching up on the communications?

Yes. But it does take like 30 minutes to read that back scroll. For me there's 
a lot in there about what the guys are doing and what they're working on, how 
to solve a particular problem when they're asking somebody else, "Hey, can you 
look at this? Can you help me with this?" But I don't, for the most part, 
"serve", you know ...they are the technical staff... I can do it: I have 
technical chops, but I let them do their jobs as they know best. I do like 
reading the back scroll because I'm also looking a

Re: The Apache News Round-up: week ending 12 June 2020

2020-06-12 Thread Sally Khudairi
Code Snapshot Update: this week, 350 committers changed 922,742 lines of code 
over 2,850 commits. Top 5 committers, in order of commits, are: Andrea 
Cosentino, Guillaume Nodet, Jark Wu, Raphaël Ouazana, and Michael Vorburger. 

Have a great weekend!

- - - 
Vice President Marketing & Publicity
Vice President Sponsor Relations
The Apache Software Foundation

Tel +1 617 921 8656 | s...@apache.org

On Fri, Jun 12, 2020, at 09:17, Sally Khudairi wrote:
> [this newsletter is available online at https://s.apache.org/v5axk ]
> 
> Hurrah for Friday! We've had a great week within the Apache community. 
> Here's what happened:
> 
> "Trillions and Trillions Served" – the feature documentary on the ASF 
> filmed onsite at ApacheCon Las Vegas and Berlin in 2019 
> https://s.apache.org/Trillions-Feature 
> 
> Inside Infra – the third interview in the series with members of the 
> ASF Infrastructure team.
>  - Meet Greg Stein --Part I https://s.apache.org/InsideInfra-Greg
> 
> ASF Board – management and oversight of the business affairs of the 
> corporation in accordance with the Foundation's bylaws.
>  - Next Board Meeting: 17 June 2020. Board calendar and minutes 
> https://apache.org/foundation/board/calendar.html
> ApacheCon™ – the ASF's official global conference series, bringing 
> Tomorrow's Technology Today since 1998.
>  - Notice on Apache 2020 Conferences https://s.apache.org/zgm8m
> 
> ASF Infrastructure – our distributed team on three continents keeps the 
> ASF's infrastructure running around the clock.
>  - 7M+ weekly checks yield uptime at 99.98%. Performance checks across 
> 50 different service components spread over more than 250 machines in 
> data centers around the world. http://www.apache.org/uptime/
> 
> Apache Code Snapshot – TODO  
> 
> Apache Project Announcements – the latest updates by category.
> 
> Big Data --
>  - Apache ShardingSphere 4.1.1 released https://shardingsphere.apache.org/
>  - Apache Beam 2.22.0 released https://beam.apache.org/
>  - Apache Flink Stateful Functions 2.1.0 released https://flink.apache.org/
> 
> Content --
>  - Apache Jackrabbit 2.20.1 released https://jackrabbit.apache.org/
>  - Apache PDFBox 2.0.20 released https://pdfbox.apache.org/
> 
> Integrated Development Environment --
>  - Apache NetBeans 12.0 released https://netbeans.apache.org/
>  - Newly Identified Inactive Malware Campaign: Impact on Apache 
> NetBeans 
> https://blogs.apache.org/netbeans/entry/newly-identified-inactive-malware-campaign
>  
> 
> Libraries --
>  - Apache Commons IO 2.7 released 
> https://commons.apache.org/proper/commons-io/
>  - Apache Commons BCEL 6.5.0 released 
> https://commons.apache.org/proper/commons-bcel/
> Messaging --
>  - Apache Qpid JMS 0.52.0 released https://qpid.apache.org/
> 
> Servers --
>  - Apache Tomcat 8.5.56, 9.0.36, and 10.0.0-M6 released 
> https://tomcat.apache.org/
>  - Apache HttpComponents Core 5.0.1 GA released https://hc.apache.org/
> 
> 
> Did You Know?
> 
>  - Did you know that you could help with the next version of Apache 
> OpenOffice? 
> https://blogs.apache.org/OOo/entry/apache-openoffice-needs-your-help 
> 
>  - Did you know that Airflow Summit 2020 will be held 6-17 July online? 
> https://airflowsummit.org/  
> 
>  - Did you know that Beam Summit 2020 will be held 24-28 August online 
> and free of charge? https://beamsummit.org/
>  
> 
> Apache Community Notices
> 
>  - The Apache Software Foundation Statement on the COVID-19 Coronavirus 
> Outbreak https://s.apache.org/COVID-19  
> 
>  - The Apache Software Foundation Celebrates 21 Years of Open Source 
> Leadership https://s.apache.org/21stAnniversary
> 
>  - Apache Month In Review: May 2020 – overview of events that have 
> taken place within the Apache community https://s.apache.org/May2020
> 
>  - The Apache Software Foundation Operations Summary: Q3 FY2020 
> (November 2019 - January 2020) https://s.apache.org/r6s5u  
> 
>  - "Trillions and Trillions Served", the documentary on the ASF, is in 
> post-production. Catch the teaser at https://s.apache.org/ASF-Trillions 
> and "Apache Everywhere", the first "Trillions" "short" filmed onsite at 
> ApacheCon Las Vegas and Berlin this past year 
> https://youtu.be/nXtIti9jMFI
> 
>  - Apache in 2019 - By The Digits https://s.apache.org/Apache2019Digits
> 
>  - The Apache Way to Sustainable Open Source Success https://s.apache.org/GhnI
> 
>  - ASF Operations Summary: Q2 FY2020 (August - October 2019) 
> https://s.apache.org/2kv2n
> 
>  - ASF Founders look back on 20 Years of the ASF 
> https://blogs.apache.org/foundation/entry/our-founders-look-back-on
> 
>  - Foundati

The Apache News Round-up: week ending 12 June 2020

2020-06-12 Thread Sally Khudairi
[this newsletter is available online at https://s.apache.org/v5axk ]

Hurrah for Friday! We've had a great week within the Apache community. Here's 
what happened:

"Trillions and Trillions Served" – the feature documentary on the ASF filmed 
onsite at ApacheCon Las Vegas and Berlin in 2019 
https://s.apache.org/Trillions-Feature 

Inside Infra – the third interview in the series with members of the ASF 
Infrastructure team.
 - Meet Greg Stein --Part I https://s.apache.org/InsideInfra-Greg

ASF Board – management and oversight of the business affairs of the corporation 
in accordance with the Foundation's bylaws.
 - Next Board Meeting: 17 June 2020. Board calendar and minutes 
https://apache.org/foundation/board/calendar.html
ApacheCon™ – the ASF's official global conference series, bringing Tomorrow's 
Technology Today since 1998.
 - Notice on Apache 2020 Conferences https://s.apache.org/zgm8m

ASF Infrastructure – our distributed team on three continents keeps the ASF's 
infrastructure running around the clock.
 - 7M+ weekly checks yield uptime at 99.98%. Performance checks across 50 
different service components spread over more than 250 machines in data centers 
around the world. http://www.apache.org/uptime/

Apache Code Snapshot – TODO  

Apache Project Announcements – the latest updates by category.

Big Data --
 - Apache ShardingSphere 4.1.1 released https://shardingsphere.apache.org/
 - Apache Beam 2.22.0 released https://beam.apache.org/
 - Apache Flink Stateful Functions 2.1.0 released https://flink.apache.org/

Content --
 - Apache Jackrabbit 2.20.1 released https://jackrabbit.apache.org/
 - Apache PDFBox 2.0.20 released https://pdfbox.apache.org/

Integrated Development Environment --
 - Apache NetBeans 12.0 released https://netbeans.apache.org/
 - Newly Identified Inactive Malware Campaign: Impact on Apache NetBeans 
https://blogs.apache.org/netbeans/entry/newly-identified-inactive-malware-campaign
 

Libraries --
 - Apache Commons IO 2.7 released https://commons.apache.org/proper/commons-io/
 - Apache Commons BCEL 6.5.0 released 
https://commons.apache.org/proper/commons-bcel/
Messaging --
 - Apache Qpid JMS 0.52.0 released https://qpid.apache.org/

Servers --
 - Apache Tomcat 8.5.56, 9.0.36, and 10.0.0-M6 released 
https://tomcat.apache.org/
 - Apache HttpComponents Core 5.0.1 GA released https://hc.apache.org/


Did You Know?

 - Did you know that you could help with the next version of Apache OpenOffice? 
https://blogs.apache.org/OOo/entry/apache-openoffice-needs-your-help 

 - Did you know that Airflow Summit 2020 will be held 6-17 July online? 
https://airflowsummit.org/  

 - Did you know that Beam Summit 2020 will be held 24-28 August online and free 
of charge? https://beamsummit.org/
 

Apache Community Notices

 - The Apache Software Foundation Statement on the COVID-19 Coronavirus 
Outbreak https://s.apache.org/COVID-19  

 - The Apache Software Foundation Celebrates 21 Years of Open Source Leadership 
https://s.apache.org/21stAnniversary

 - Apache Month In Review: May 2020 – overview of events that have taken place 
within the Apache community https://s.apache.org/May2020

 - The Apache Software Foundation Operations Summary: Q3 FY2020 (November 2019 
- January 2020) https://s.apache.org/r6s5u  

 - "Trillions and Trillions Served", the documentary on the ASF, is in 
post-production. Catch the teaser at https://s.apache.org/ASF-Trillions and 
"Apache Everywhere", the first "Trillions" "short" filmed onsite at ApacheCon 
Las Vegas and Berlin this past year https://youtu.be/nXtIti9jMFI

 - Apache in 2019 - By The Digits https://s.apache.org/Apache2019Digits

 - The Apache Way to Sustainable Open Source Success https://s.apache.org/GhnI

 - ASF Operations Summary: Q2 FY2020 (August - October 2019) 
https://s.apache.org/2kv2n

 - ASF Founders look back on 20 Years of the ASF 
https://blogs.apache.org/foundation/entry/our-founders-look-back-on

 - Foundation Reports and Statements 
http://www.apache.org/foundation/reports.html

 - ApacheCon: Tomorrow's Technology Today since 1998 
http://s.apache.org/ApacheCon

 - "Success at Apache" focuses on the people and processes behind why the ASF 
"just works". https://blogs.apache.org/foundation/category/SuccessAtApache

 - Inside Infra: the new interview series with members of the ASF 
infrastructure team --meet Drew Foulks https://s.apache.org/InsideInfra-Drew

 - Please follow/like/re-tweet the ASF on social media: @TheASF on Twitter 
(https://twitter.com/TheASF) and on LinkedIn at 
https://www.linkedin.com/company/the-apache-software-foundation

 - Do friend and follow us on the Apache Community Facebook page 
https://www.facebook.com/ApacheSoftwareFoundation/ and Twitter account 
https://twitter.com/ApacheCommunity

 - Find out how you can participate with Apache community/projects/activities 
--opportunities open with Apache Camel, Apache HTTP Server, and more! 
https://helpwanted.apache.org/

 - Are your software solutions 

Announcing the release of "Trillions and Trillions Served"

2020-06-10 Thread Sally Khudairi
[this announcement is available online at https://s.apache.org/lq3ub ]

We are pleased to announce the release of "Trillions and Trillions Served", the 
documentary feature on The Apache Software Foundation (ASF), the world’s 
largest Open Source foundation.

"'Trillions and Trillions Served' celebrates the diverse experiences from 
members of the Apache community from around the world," said Sally Khudairi, 
ASF Vice President Marketing & Publicity and Producer of "Trillions and 
Trillions Served". "The project is tribute to the innovation and passion that 
celebrates the ASF's incredible rise over the past 20 years. Watching our 
projects and their communities expand and thrive over the years has been 
exhilarating —what a privilege to share our story with the world!"

Advancing its mission of providing software for the public good, the ASF's 
all-volunteer community grew from 21 original Members overseeing the 
development of the Apache HTTP Server to 813 individual Members, 206 Apache 
Project Management Committees, and 7,800+ Committers shepherding 300 projects 
and 200M+ lines of Apache code valued at more than $20B. Apache's breakthrough 
technology touches every aspect of modern computing, powering most of the 
Internet, managing exabytes of data, executing teraflops of operations, and 
storing trillions of objects in virtually every industry. Apache projects are 
all freely-available, at 100% no cost, and with no licensing fees. 

The documentary was shot by Wyona Pictures on location in September and October 
2019 at ApacheCon North America in Las Vegas and ApacheCon Europe in Berlin.

The "Trillions and Trillions Served" feature can be viewed at 
https://s.apache.org/Trillions-Feature   

"Why Apache?", the teaser for the documentary, is available at 
https://s.apache.org/WhyApache  

"Apache Everywhere", a “Trillions” documentary short, is available at 
https://s.apache.org/ApacheEverywhere   

"Apache Innovation", the fourth and final segment from the "Trillions" series, 
will be released in Summer 2020.

The film was directed by ASF Member Michael Wechner, founder of Wyona Pictures, 
with cinematography by Dominik Gehring and Tobias Kaufmann.

To learn more about the ASF, visit http://apache.org/ . To support the ASF 
through this project, visit https://s.apache.org/trillions 

# # #

NOTE: you are receiving this message because you are subscribed to the 
announce@apache.org distribution list. To unsubscribe, send email from the 
recipient account to announce-unsubscr...@apache.org with the word 
"Unsubscribe" in the subject line.


Inside Infra: Greg Stein --Part I

2020-06-09 Thread Sally Khudairi
[this interview is available online at https://s.apache.org/InsideInfra-Greg ]

The third "Inside Infra" interview is with ASF Infrastructure Administrator 
Greg Stein, who shares his experience with Sally Khudairi, ASF VP Marketing & 
Publicity.

---
"We've got about 200 different machines and each one runs something different"
---

- What is your name --how is it pronounced?

Greg Stein. "Gregg St-eye-n"


- When people need to find you, are you at gstein@? Has that always been your 
handle for everything?

Ever since high school, actually. I was gjs@ for a bit in college, but went 
back to gstein@. I started at Google early April 2004, and Gmail launched on 
April 1, so I was able to get my work email ID, gstein@gmail. So it’s great, 
but also rather annoying, because there are a lot of Gary Steins and Gertrude 
Steins and George Steins, and I get all of their email ... I get plane tickets, 
hotel reservations ... I got a proposal from the Gates Foundation once. I had 
some crazy bitter angry lady yelling at her husband as they were getting 
divorced, and she could rant. I mean, wow: that lady had a pirate's mouth.


- But she didn't have his email address.

Apparently not.


- When and how did you get involved with the ASF?

I left Microsoft in 1998, and the product group I was working in was building 
WebDAV into various Microsoft products. I thought the concept of WebDAV was 
very cool, and wanted the Open Source world to have it. That meant writing a 
module for the Apache Web Server. I think it was September 1998 when I started 
posting to the Apache mailing list and looking at how to plug in a WebDAV 
module. That was Apache 1.3 at the time. I developed a module called mod_dav 
for Apache 1.3, And when we started Apache 2.0 in 2000, I donated the module to 
Apache, and it became a standard module in Apache 2.0.


- I remember that: I did the press release for that way back when. I knew you 
were connected with mod_dav, but didn't realize the path as to how you got 
there. It's very interesting.

That's what brought me to Apache, when they started putting together the 
foundation: it was in the Spring of '99. I remember asking Roy if I could be 
one of the first members of the foundation, and Roy's answer was basically 
like, "We already had the set of people locked in. You'll probably get 
nominated and voted in at our first member meeting," which occurred in 
September 1999. So yes, I was in that first batch of new members rather than 
the original membership.


- You've been a member of the ASF much longer than you've been involved with 
ASF Infra. What were the previous hats you were wearing at the ASF? You've been 
here for a while, and have had a lot of different configurations.

This is true. So I'm a committer on HTTPd (Apache HTTP Server) and then a PMC 
Member, an ASF Member. I helped start the APR (Apache Portable Runtime) project 
with some of the other Web server committers, we pulled that out of HTTPd and 
created APR, and we used that for 2.0. We used APR, whereas Apache 1.3 was 
essentially the combination of the two, one big code base. Then Justin 
Erenkrantz and I started Apache Serf, and that was a high performance C-based 
client library for HTTP. But we didn't have three people in the community, so 
it couldn't really be an Apache project. So we took it out of Apache and 
started working on it on our own, and then eventually Subversion started to use 
Serf, and so we got more committers on Serf, and the community kind of built up 
around it because of Subversion. So we ran Serf externally, but just like it 
was an Apache community, it was Apache licensed and so on. Eventually we wanted 
to move it back into Apache, and I don't recall off hand, but we went straight 
to a TLP from our external project back to Apache Serf.

Early 2000, it was January or February, (ASF co-Founder) Brian Behlendorf 
approached me about helping with the network protocol for this new version 
control system they were starting at CollabNet, because he knew my background 
in HTTP and WebDAV. That “V” stands for versioning. I got involved with the 
Subversion project that Spring. That was also run as a very egalitarian Open 
Source project, very similar to how we run stuff at Apache. I was really the 
only Apache person, but Karl Fogel just knows how to run a great community, and 
so all those values that we cherish in communities at Apache were part of 
Subversion from day one, but was run by CollabNet. I was hired in 2001 to 
manage their development team. Eventually, CollabNet wanted to turn it into a 
vendor-neutral thing that wasn't only CollabNet, so they started a small LLC 
called the Subversion Corporation. Once the IP was transferred to the 
Subversion Corporation, people said, "Okay, let's move to Apache," because 
nobody wanted to deal with the overhead of the Subversion Corporation. We 
approached Apache at the end of 2009, and Su

The Apache Software Foundation Announces Apache® Hudi™ as a Top-Level Project

2020-06-04 Thread Sally Khudairi
[this announcement is available online at https://s.apache.org/odtwv ]

Open Source data lake technology for stream processing on top of Apache Hadoop 
in use at Alibaba, Tencent, Uber, and more.

Wakefield, MA --4 June 2020-- The Apache Software Foundation (ASF), the 
all-volunteer developers, stewards, and incubators of more than 350 Open Source 
projects and initiatives, announced today Apache® Hudi™ as a Top-Level Project 
(TLP).

Apache Hudi (Hadoop Upserts Deletes and Incrementals) data lake technology 
enables stream processing on top of Apache Hadoop compatible cloud stores & 
distributed file systems. The project was originally developed at Uber in 2016 
(code-named and pronounced "Hoodie"), open-sourced in 2017, and submitted to 
the Apache Incubator in January 2019.

"Learning and growing the Apache way in the incubator was a rewarding 
experience," said Vinoth Chandar, Vice President of Apache Hudi. "As a 
community, we are humbled by how far we have advanced the project together, 
while at the same time, excited about the challenges ahead."

Apache Hudi is used to manage petabyte-scale data lakes using stream processing 
primitives like upserts and incremental change streams on Apache Hadoop 
Distributed File System (HDFS) or cloud stores. Hudi data lakes provide fresh 
data while being an order of magnitude efficient over traditional batch 
processing. Features include:

 - Upsert/Delete support with fast, pluggable indexing
 - Transactionally commit/rollback data
 - Change capture from Hudi tables for stream processing
 - Support for Apache Hive, Apache Spark, Apache Impala and Presto query engines
 - Built-in data ingestion tool supporting Apache Kafka, Apache Sqoop and other 
common data sources
 - Optimize query performance by managing file sizes, storage layout
 - Fast row based ingestion format with async compaction into columnar format
 - Timeline metadata for audit tracking

Apache Hudi is in use at organizations such as Alibaba Group, EMIS Health, 
Linknovate, Tathastu.AI, Tencent, and Uber, and is supported as part of Amazon 
EMR by Amazon Web Services. A partial list of those deploying Hudi is available 
at https://hudi.apache.org/docs/powered_by.html

"We are very pleased to see Apache Hudi graduate to an Apache Top-Level 
Project. Apache Hudi is supported in Amazon EMR release 5.28 and higher, and 
enables customers with data in Amazon S3 data lakes to perform record-level 
inserts, updates, and deletes for privacy regulations, change data capture 
(CDC), and simplified data pipeline development," said Rahul Pathak, General 
Manager, Analytics, AWS. “We look forward to working with our customers and the 
Apache Hudi community to help advance the project."

"At Uber, Hudi powers one of the largest transactional data lakes on the planet 
in near real time to provide meaningful experiences to users worldwide," said 
Nishith Agarwal, member of the Apache Hudi Project Management Committee. "With 
over 150 petabytes of data and more than 500 billion records ingested per day, 
Uber’s use cases range from business critical workflows to analytics and 
machine learning."

"Using Apache Hudi, end-users can handle either read-heavy or write-heavy use 
cases, and Hudi will manage the underlying data stored on HDFS/COS/CHDFS using 
Apache Parquet and Apache Avro," said Felix Zheng, Lead of Cloud Real-Time 
Computing Service Technology at Tencent.

"As cloud infrastructure becomes more sophisticated, data analysis and 
computing solutions gradually begin to build data lake platforms based on cloud 
object storage and computing resources," said Li Wei, Technical Lead on Data 
Lake Analytics, at Alibaba Cloud. "Apache Hudi is a very good incremental 
storage engine that helps users manage the data in the data lake in an open way 
and accelerate users' computing and analysis."

"Apache Hudi is a key building block for the Hopsworks Feature Store, providing 
versioned features, incremental and atomic updates to features, and indexed 
time-travel queries for features," said Jim Dowling, CEO/Co-Founder at Logical 
Clocks. "The graduation of Hudi to a top-level Apache project is also the 
graduation of the open-source data lake from its earlier data swamp incarnation 
to a modern ACID-enabled, enterprise-ready data platform."

"Hudi's graduation to a top-level Apache project is a result of the efforts of 
many dedicated contributors in the Hudi community," said Jennifer Anderson, 
Senior Director of Platform Engineering at Uber. "Hudi is critical to the 
performance and scalability of Uber's big data infrastructure. We're excited to 
see it gain traction and achieve this major milestone."

"Thus far, Hudi has started a meaningful discussion in the industry about the 
wide gaps between data warehouses and data lakes. We have also taken strides to 
bridge some of them, with the help of the Apache community," added Chandar. 
"But, we are only getting started with our deeply technical roadmap. We 

The Apache Software Foundation Announces Apache® CloudStack® v 4.14

2020-05-28 Thread Sally Khudairi
[this announcement is available online at https://s.apache.org/l5ps8 ]

Mature Open Source Enterprise Cloud platform powers billions of dollars in 
transactions for the world's largest Cloud providers, Fortune 5 multinationals, 
educational institutions, and more.

Wakefield, MA —28 May 2020— The Apache Software Foundation (ASF), the 
all-volunteer developers, stewards, and incubators of more than 350 Open Source 
projects and initiatives, announced today Apache® CloudStack® 4.14, the latest 
version of the mature, turnkey enterprise Cloud orchestration platform.

Apache CloudStack is the proven, highly scalable IaaS platform of choice to 
rapidly and easily create private, public, and hybrid Cloud environments: it 
"just works". CloudStack originated at Cloud.com in 2010, which was acquired by 
Citrix in 2011. CloudStack was submitted to the Apache Incubator in 2012 and 
graduated as an Apache Top-Level Project (TLP) in March 2013.

Apache CloudStack includes the entire "stack" of features in an IaaS cloud: 
compute orchestration, Network-as-a-Service, user and account management, full 
and open native API, resource accounting, and a first-class user interface.

"v4.14 is an exciting release for Apache Cloudstack and is the result of many 
months of collaboration by our community," said Sven Vogel, Vice President of 
Apache CloudStack. "We are introducing a number of major new features that have 
been driven by demand by users and operators of CloudStack based IaaS 
environments. At the same time, we have kept to the project's ethos of having a 
tightly defined scope and being the platform of choice on which to layer other 
services."

Of particular note are:

Cloudstack Kubernetes Service gives operators the ability to deliver CaaS or 
K8aaS style services with no change to underlying  infrastructure or business 
process

VM Ingestion gives operators the ability to easily “import” existing VMware 
environments into Cloudstack

The new backup and recovery framework, allows operators to integrate with any 
backup platform, giving a seamless user experience from the Cloudstack UI/API

"Apache Cloudstack 4.14 ships with a Technical Preview of Cloudstack’s new User 
Interface," added Vogel. "This presents a new, ‘enterprise feel’ user 
experience and is earmarked to replace the current UI. We are encouraging all 
Cloudstack users to explore the Technical Preview and give feedback to the 
community. Thank you to all of the contributors across our community who have 
made this release possible."

More than 200 new features, enhancements, and fixes include:

New modern UI (Project Primate, Technical preview)
Backup and Recovery framework
Backup and Recovery provider for Veeam 
VM ingestion
CloudStack Kubernetes Service
L2 network PVLAN enhancements 
UEFI support
KVM rolling maintenance
Enable Direct Download for systemVM templates 
Template Direct Download support for Local and SharedMountPoint storages 
VR health checks
Download logs and diagnostics data from SSVM/CPVM/VRs
Enable additional configuration metadata to virtual machines

The full list of new features can be found in the project release notes at 
http://docs.cloudstack.apache.org/en/4.14.0.0/releasenotes/index.html .

Apache CloudStack powers thousands of clouds and billions of dollars in 
transactions across an array of organizations that include Apple, BT, INRIA, 
Royal Melbourne Institute of Technology (RMIT), SAP, Taiwan Mobile, Verizon, 
and WebMD, among others. A list of some of Apache CloudStack’s users are 
available at http://cloudstack.apache.org/users.html .

Highlighted in Forrester’s Enterprise Open Source Cloud Adoption report, Apache 
CloudStack "sits beneath hundreds of service provider Clouds", and is behind 
numerous elastic Cloud computing services, including those at Fortune 5 
multinationals as well as solutions ranked as Gartner Magic Quadrant leaders.

Availability and Oversight
Apache CloudStack software is released under the Apache License v2.0 and is 
overseen by a self-selected team of active contributors to the project. A 
Project Management Committee (PMC) guides the Project's day-to-day operations, 
including community development and product releases. For downloads, 
documentation, and ways to become involved with Apache CloudStack, visit 
http://cloudstack.apache.org/ and https://twitter.com/cloudstack .

About The Apache Software Foundation (ASF)
Established in 1999, the all-volunteer Foundation oversees more than 350 
leading Open Source projects, including Apache HTTP Server --the world's most 
popular Web server software. Through the ASF's meritocratic process known as 
"The Apache Way," more than 813 individual Members and 7,800 Committers across 
six continents successfully collaborate to develop freely available 
enterprise-grade software, benefiting millions of users worldwide: thousands of 
software solutions are distributed under the Apache License; and the community 
actively participates in ASF mailing 

The Apache Software Foundation Announces Apache® Subversion® 1.14.0-LTS

2020-05-28 Thread Sally Khudairi
[this announcement is available online at https://s.apache.org/osr65 ]

Community-led Version Control Software and Source Code Management Tool 
Available on Most Integration Servers, Integrated Development Environments, 
Issue Tracking Systems, and more.

Wakefield, MA —28 May 2020— The Apache Software Foundation (ASF), the 
all-volunteer developers, stewards, and incubators of more than 350 Open Source 
projects and initiatives, announced today Apache® Subversion® 1.14.0-LTS, the 
latest release of the popular centralized software version control system.

Apache Subversion ("SVN") provides a version controlled backing store for any 
kind of data. It records an accurate log of changes made to that data over 
time, and keeps track of who made them. Subversion allows users to commit files 
and directories, recover previous revisions, and even maintain multiple 
variations of their work in parallel. Able to service projects of any size, 
from individuals up to large scale collaborative efforts, Subversion is ideal 
for work in vast swaths of industries, from software development to 
semiconductor design, scientific research to medical technology. An Apache 
Top-Level Project for over a decade, Subversion celebrated its 20th Anniversary 
earlier this year.

"First and foremost, I'd like to thank all of our developers and community 
members who helped make this release possible," said Nathan Hartman, Vice 
President of Apache Subversion. "We are excited to publish our latest LTS 
release, and the first in the 1.14 line."

As an LTS release, the focus is on stability and availability. These are 
achieved through the project's policies. For any change in core code to be 
included in updates to 1.14.x, the change must first undergo a process of 
nomination and voting for backport. At least three Subversion developers must 
support the change, with none having concerns about it.

LTS (Long Term Support) is an industry designation that a particular release 
line is planned to be maintained for a longer period of time than regular, 
non-LTS releases. For the Subversion project, this means that later updates to 
the 1.14.x series may contain bug fixes and security updates only. Any bleeding 
edge new features, even if developed during the lifetime of 1.14.x, will have 
to be introduced in a separate release line. Server operators and system 
administrators usually prefer LTS releases for stability, while end users often 
choose the latest release (LTS or not) to get the newest features.

Numerous third parties provide Subversion install packages for Windows, macOS, 
Linux, OpenBSD, FreeBSD, and other operating systems. To maximize platform 
independence, Subversion is implemented with strict conformance to ISO C90, one 
of the most widely supported software coding standards worldwide. In addition, 
the Subversion developers provide bindings that enable integrations with 
software coded in popular web languages: Java, Ruby, Perl, and Python.

Particularly noteworthy for this release, Subversion's language bindings for 
Python received significant attention. Python 3 is supported, up from Python 2 
in prior Subversion releases, an oft requested improvement that keeps 
Subversion 1.14.0-LTS current with the changing Python landscape. While this 
was a major undertaking, the project also tackled the challenge of maintaining 
compatibility with the older Python 2. This legacy support is expected to phase 
out gradually, as Python 3 continues to gain mindshare across the computing 
industry, but the Subversion project has a long tradition of maintaining 
compatibility wherever practical, giving operators of legacy systems some 
much-needed breathing room as they make the transition.

Among Subversion's strengths are its extensive support for working with giant 
repositories. The bedrock of this support is its centralized model, which 
allows users to check out only the portions of a repository that they need. The 
ASF uses Subversion this way in its own infrastructure, housing more than 80 of 
its Apache Top-Level Projects and sub-projects comprising millions of lines of 
code, including Subversion itself, in a single Subversion repository that makes 
all 1.8 million revisions of that information available to collaborators 
worldwide.

When dealing with such vast amounts of data, including all of its revisions, 
one might wonder about storage costs. Subversion uses a variety of techniques 
to minimize storage, including temporal compression, spacial compression, and 
data deduplication.

Another improvement in Subversion 1.14.0-LTS is a new tool in support of 
deduplication that could help some administrators reduce future storage costs. 
The deduplication feature uses an internal database named rep-cache.db. If 
deduplication was previously disabled, the database may not contain all 
necessary entries. The new feature, known as the 'svnadmin build-repcache' 
command, allows re-adding such missing entries and provides a 

The Apache Software Foundation Announces the 10th Anniversary of Apache® HBase™

2020-05-13 Thread Sally Khudairi
[this announcement is available online at https://s.apache.org/m2pxf ]

Open Source distributed, scalable Big Data store celebrates a decade of 
processing zettabytes of data across highly scalable large tables for the 
Apache Hadoop ecosystem 

Wakefield, MA —13 May 2020— The Apache Software Foundation (ASF), the 
all-volunteer developers, stewards, and incubators of more than 350 Open Source 
projects and initiatives, announced today the tenth Anniversary of Apache® 
HBase™, the distributed, scalable data store for the Apache Hadoop Big Data 
ecosystem.

"The success of Apache HBase is the success of Open Source," said Duo Zhang, 
Vice President of Apache HBase. "Ten years after graduating as a TLP, HBase is 
still among the most active projects at the ASF. We have hundreds of 
contributors all around the world. We speak different languages, we have 
different skills, but we all work together to make HBase better and better. Ten 
year anniversary is not the end, but a new beginning, I believe our strong 
community will lead the project to a bright future."

HBase originated at Powerset in 2006 as an Open Source system to run on Apache 
Hadoop’s Distributed File System (HDFS), similar to how BigTable ran on top of 
the Google File System. In 2007, a significant code contribution was added to 
the Apache Hadoop codebase and was integrated into the Apache Hadoop 0.15.0 
release later that year. Development on HBase continued as a sub-project of 
Apache Hadoop, and graduated as an Apache Top-Level Project (TLP) in April 2010.

An Open Source, versioned, non-relational database, Apache HBase provides low 
latency random access to very large tables —billions of rows and millions of 
columns— atop clusters of non-specialized, commodity hardware. HBase reads, 
writes, and processes structured, semi-structured, and unstructured data in 
real-time environments.

Apache HBase is in use at thousands of organizations, including Adobe, Airbnb, 
Alibaba, Bloomberg, Flipkart, Huawei, HP, Hubspot, IBM, Microsoft, NetEase, 
Pinterest, Salesforce, Shopee, Tencent, Twitter, Xiaomi, and Yahoo! (now 
Verizon Media), among others.

Testimonials

"Congratulations on the 10th birthday of Apache HBase! Alibaba started to use 
HBase since January 2011 and has witnessed its growth and come along with the 
community through the years. The Apache HBase community has always been an open 
and powerful team that produced many stable, production-ready and widely used 
versions. Today at Alibaba, we have HBase clusters with more than 10k nodes 
serving hundreds of petabytes of data, as well as  more than 1,000 enterprise 
HBase users on Alibaba Cloud. We will continue collaborating with and 
contributing to the HBase community and wish us all ongoing success in future!"
—Chunhui Shen and Yu Li, members of the HBase team at Alibaba

"I have worked with Apache HBase for many years and I think it is a great 
product. it does what it says on the tin so to speak. Ironically if you look 
around the NoSQL competitors, most of them are supported by start-ups, whereas 
HBase is only supported as part of Apache suite of products by vendors like 
Cloudera, Hortonworks, MapR, etc. For those who would prefer to use SQL on top, 
there is Apache Phoenix around which makes life easier for the most SQL-savvy 
world to work on HBase: problem solved. For TCO, HBase is still value for money 
compared to others. You don't need expensive RAM or SSD with HBase. That makes 
it easy to onboard it in no time. Also HBase can be used in a variety of 
different business applications, whereas other commercial ones  are focused on 
narrower niche markets. Least but last happy 10th anniversary and hope HBase 
will go from strength to strength and we will keep using it for years to come!"
—Dr. Mich Talebzadeh, Chief Data Architect, Big Data

"Congratulations on the 10th anniversary of Apache HBase! Xiaomi started to use 
HBase in 2012, when our business started booming. Many key Xiaomi products and 
services, as well as Xiaomi's data analytics platform, require a new system to 
provide quick and random access to billions of rows of structured and 
semi-structured data. Traditional solutions are not able to handle the large 
volume of data brought by the quickly increasing Xiaomi user base. Among 
several available options, we choose HBase not only because it provides a rich 
set of features and excellent performance specs, but also because it has a very 
active, open and friendly community. Embracing open source has been part of 
Xiaomi's engineering culture, and our deep involvement in the development of 
Apache HBase demonstrates the best practices of Xiaomi's open source strategy. 
In the past several years, we have contributed tons of bug fixes and important 
features to HBase, and, in the meantime, we have contributed 9 committers and 3 
PMC members to the HBase community. Looking forward, we will continue to work 
closely with the Apache HBase community to help 

Success at Apache: Remote Collaboration in the Time of Coronavirus

2020-05-11 Thread Sally Khudairi
[this post is available online at https://s.apache.org/dkffj ]

by Marvin Humphrey

I "arrived" at the Apache Software Foundation in 2005, unreasonably angry about 
a bug in Apache Lucene.  By "arrived", I mean that I sent the first few emails 
among several thousand I would go on to send over the next 15 years — the ASF 
didn't have a physical office where I could show up to buttonhole and berate 
some unlucky customer service representative.  An unreasonably patient Lucene 
contributor named Doug Cutting talked me down.

Because the ASF has always been a virtual organization, the Coronavirus 
pandemic has had minimal impact on its day-to-day operations.  While individual 
contributors may be personally affected, at the collective level there's been 
no mad scramble to adapt.

Others have not been so fortunate.  All around the world organizations have 
been struggling to revamp their processes and infrastructure to comply with 
"social distancing" protocols.  Sadly, many have already laid off workers, or 
even closed their doors for good.

And yet, there is a huge pool of work which could conceivably be performed 
remotely but isn't yet — or which is suddenly being performed remotely but 
inefficiently.  If we can accelerate and streamline the transition to remote 
work, many jobs and businesses could be saved.  With some creativity, our 
interim "new normal" could be more propsperous, and perhaps sooner than we 
think!

Are you an Open Source contributor?  If so, you possess expertise in remote 
operations which is desperately needed in today's challenging economic 
environment.  Let's talk about what we know and how we can help.


The Internet Turns People Into Jerks

People type things at each other over the internet that they would never say to 
someone's face.  In person, we calibrate our language based on feedback we 
receive via facial expressions, tone of voice, and body language.  But when all 
communication is written, the feedback loop is broken — and all too easily, 
vicious words fall out of our fingertips.

Suddenly-remote workers may find themselves exposed to this phenomenon as 
conversations that once took place in the office migrate to Slack, email, and 
other text-centric communication channels.  But it can be tricky learning to 
recognize when a conversation being conducted via a text channel has gotten 
overheated — it takes an intuitive leap of empathy, possibly aided by dramatic 
reading of intemperate material a la Celebrities Read Mean Tweets 
https://www.youtube.com/playlist?list=PLs4hTtftqnlAkiQNdWn6bbKUr-P1wuSm0 on 
Jimmy Kimmel.

Open Source communities have grappled with incivility for as long as the 
movement has existed.  Over time, "ad hominem" personal attacks have gradually 
become taboo because of their insidious corrosive effect; there exists broad 
cultural consensus that you should attack the idea rather than person behind it.

Defenses have become increasingly formalized and sophisticated as more and more 
communities have adopted a "code of conduct".  While the primary purpose of 
such documents is guard gainst harassment and other serious misconduct, they 
often contain aspirational recommendations about how community members should 
treat each other — because serious misconduct is more likely to occur in an 
environment of constant low-grade incivility.

Regardless of whether your organization adopts a code of conduct, it won't hurt 
to raise awareness among remote team members of the suceptibility of text-based 
communications to incivility — so that they may identify and confront it in 
themselves and others and shunt everyone towards more constructive patterns of 
communication.


Keeping Everyone "In The Loop"

Coordination is a troublesome problem even when everyone works in the same 
office, but the difficulties are magnified in remote environments where it 
takes more effort to initiate and conduct conversations.  Teams can become 
fragmented and individuals can become isolated unless a culture is established 
of keeping everyone "in the loop".

At the ASF, the problem is especially acute because its virtual communities are 
spread out across the globe.  Due to time zone differences, it is typically 
infeasible to get all stakeholders together for a meeting — even a virtual 
meeting held via conference call or videochat.  Additionally, many stakeholders 
in ASF communities do not have the availability to participate in real-time 
conversations regularly because they are not employed to to work on projects 
full-time.

"Synchronous" communication channels like face-to-face, videochat, phone, text 
chat, and so on are good for rapid-fire iteration and refinement of ideas, but 
they effectively exclude anyone who isn't following along in real-time.  Even 
if conversations are captured, such as with AV-recorded live meetings or logged 
text chats, it is inefficient and often confusing to review how things went 
down after the fact.

The solution that the ASF 

Support Apache: #GivingTuesdayNow

2020-05-04 Thread Sally Khudairi
[this post is available online at https://s.apache.org/GivingTuesdayNow2020 ]

Support The Apache Software Foundation (ASF) and help the world's largest Open 
Source foundation continue to provide $20B+ worth of software for the public 
good at 100% no cost.

Apache projects are helping millions of individuals and businesses struggling 
with the COVID-19 pandemic in numerous ways, including:

1) Accessing one’s desktop remotely whilst working from home;

2) Ordering, warehousing, picking, shipping, dispatching, and tracking critical 
supplies worldwide;

3) Classifying and integrating 1.5B+ genetic data records;

4) Storing, extracting, linking, and processing terabytes of electronic medical 
records across thousands of servers;

5) Training large-scale, distributed deep learning libraries over clusters of 
hospital machines;

6) Developing machine learning cardiovascular disease prediction models; and

7) Supporting biobank research and real-time intensive care data analysis.


Your contribution helps ensure The Apache Software Foundation’s 350+ projects 
and initiatives remain accessible to all, absolutely free of charge. The 
not-for-profit ASF does not pay for development --all work on Apache projects 
is done by a volunteer community of more than 7,700+ Committers on six 
continents.

Donate today at https://donate.apache.org/ 

We thank you for your support during this unprecedented time.


#GivingTuesdayNow is a new global day of giving and unity taking place on 5 May 
2020 as an emergency response to the unprecedented need caused by the COVID-19 
pandemic. The annual GivingTuesday movement takes place  on the first Tuesday 
following Thanksgiving in the United States, and is the second largest giving 
day of the year. (1 December 2020).

# # #

NOTE: you are receiving this message because you are subscribed to the 
announce@apache.org distribution list. To unsubscribe, send email from the 
recipient account to announce-unsubscr...@apache.org with the word 
"Unsubscribe" in the subject line.


Success at Apache: bringing the Apache Beam firefly to life

2020-05-04 Thread Sally Khudairi
[this post (and accompanying images) are available online at 
https://s.apache.org/bmq4l ]

by Julián Bruno

Creating the Apache Beam firefly was the first opportunity I had to contribute 
my skills as a designer and illustration artist to an open source project. I 
didn’t know anybody working in open source until I moved to San Francisco from 
Buenos Aires, Argentina. I knew about open source software for video games, 
like Unity or Unreal Engine... This allowed gamers to make modifications, like 
adding new levels or creating new character models, and upload them to the same 
engine that hosted the original game for other gamers to use. This practice 
enabled a sense of community, where users can share ideas, passions, and 
express creativity. There are so many things you can do when you work in 
collaboration with others. This spirit of community is one of the things that 
made me excited about contributing to Apache Beam. 

Living in an area where technology is everywhere really piqued my interest and 
drove my curiosity to understand how technology evolves. When the opportunity 
came to contribute to Apache Beam, I was interested right away. I didn’t know 
about the project before I got involved, and I certainly didn’t know there was 
a community behind it, working together to build this amazing solution. 
Building a mascot for a group of people is different from working for a brand 
because this firefly represents a group of people and what they find valuable. 
There is an extra layer that makes it more human. For this type of work, 
designing a mascot is usually a decision reserved for a small group, and the 
larger community is not involved. It is refreshing and very meaningful that the 
community had a chance to step into the process. I saw it as an opportunity for 
self-expression,participation, and one more exercise in community building. 

In order for this process to be inclusive, I built a group-wide communication 
system for the community to input during the process. I think that having open 
and frequent communication was key because, ideally, I wanted everyone to feel 
that the mascot represents them. I created questions that would help Apache 
Beam contributors understand what I needed as an illustrator. The questions 
helped me understand what they liked. This ensured that the mascot was aligned 
with the community’s taste. Some questions were about colors and visual styles 
they preferred, if the eyes are too big or small, and preferred line art style. 
There were 4 rounds of feedback, plus a final vote, where 18 people 
participated. Engagement increased with every new round. The Apache Way for 
communities to operate reminded me of a lot of animation forums I participated 
in the early 2000s. I’m glad to see that some of these practices are still 
around, because they help make processes more inclusive and build a sense of 
community.

[see images at https://s.apache.org/bmq4l ]

This communication with the Apache Beam community helped me to create a mascot 
with features that are unique to the project. When I started, I was given a few 
concepts that I needed to work with, such as: cute, innovative, fast, data 
processing, and futuristic. The first few decisions, like making the mascot 
look as aerodynamic as possible were easy to make. Conveying "data processing" 
was a bit harder to figure out, butI eventually chose to communicate this 
concept by changing the mascot's color. What really gave the mascot its unique 
identity came from using Pokémon-like character style. I built the rhetoric for 
Apache Beam's logo by combining two concepts that have nothing to do with each 
other, Pokémon and data streaming, and created something new. 

[see images at https://s.apache.org/bmq4l ]

In the end, I created the Apache Beam mascot and its model sheet, so that 
anyone can reproduce it, a version of the mascot learning (a key focus for the 
project at the moment), and a version of the firefly doing what it does best… 
stream data! I really enjoyed working for Apache Beam and contributing my 
skills as an illustration artist to open source. I think the most interesting 
part is the community: creating something in collaboration with others adds a 
lot of value to what you are making for the world.

[see images at https://s.apache.org/bmq4l ]


Julián is a digital artist based in San Francisco, California. He has spent 
over 10 years in the animation industry and has developed his skills in art 
direction, 2D animation, illustration, and visual art development. My passions 
include art and cartoon animation, as well as connecting with people and 
creating new projects. He was born and raised in Buenos Aires, Argentina, where 
he studied Graphic Design at University of Buenos Aires (UBA). Find Julián's 
work on Artstation and Instagram.

= = =

"Success at Apache" is a monthly blog series that focuses on the processes 
behind why the ASF "just works" 

  1   2   3   4   5   6   >