The Apache News Round-up: week ending 24 June 2022
Happy Friday, everyone --let's review the Apache community's activities from over the past week: ApacheCon™ – the ASF's official global conference series, bringing Tomorrow's Technology Today since 1998. - FINAL CALL: Travel Assistance available for ApacheCon North America. Application deadline 1 July https://apache.org/travel/ ASF Board – management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws. - Next Board Meeting: 20 July 2022. Running Board calendar and minutes are available. https://apache.org/foundation/board/calendar.html ASF Infrastructure – our distributed team on three continents keeps the ASF's infrastructure running around the clock. http://www.apache.org/uptime/ - 7M+ weekly checks yield uptime at 100.00%. Performance checks across 50 different service components spread over more than 250 machines in data centers around the world. View the ASF's Infrastructure Uptime site to see the most recent averages. Apache Code Snapshot – Over the past week, 306 Apache Committers and 829 contributors changed 2,186,931 lines of code over 3,155 commits. Top five contributors, in order, are: Sebastian Rühl, Mark Thomas, Ivan Zhakov, Gary Gregory, and Andriy Redko. Apache Project Announcements – the latest updates by category. Big Data -- - Apache Druid 0.23.0 released https://druid.apache.org/ - Apache Kyuubi (Incubating) 1.5.2-incubating released https://kyuubi.apache.org/ - Apache ShardingSphere 5.1.2 released https://shardingsphere.apache.org/ Databases -- - Apache Geode 1.15.0 released https://geode.apache.org/ Middleware -- - Apache Karaf runtime 4.2.16 released https://karaf.apache.org/ Observability -- - Apache SkyWalking Java Agent 8.11.0 released https://skywalking.apache.org/ Search -- - Apache Lucene 8.11.2 released https://lucene.apache.org/core/ - Apache Solr 8.11.2 released https://solr.apache.org/ Servers -- - Apache Tomcat CVE-2022-34305 - XSS in examples web application https://lists.apache.org/thread/bncqklppl3j2djw70vw47pjmpbgp20jp Web Frameworks -- - Apache Portals Jetspeed-2, Bridges and Applications are now retired as dormant http://portals.apache.org/ Workflow - - New Apache Airflow Providers released https://airflow.apache.org/ Did You Know? - Did you know that Lyft uses Apache Beam to enable real-time ML streaming feature generation and model execution, optimize Marketplace ML predictions, and process ~4 million events/minute? https://beam.apache.org/ - Did you know that eCommerce platform Fordeal's Big Data platform scheduler is powered by Apache DolphinScheduler? https://dolphinscheduler.apache.org/ - Did you know that Apache Druid's extremely efficient data representation as rollup makes it the database of choice for AdTech data? https://druid.apache.org/ Apache Community Notices - Apache in 2021 - By The Digits https://s.apache.org/Apache2021Digits - Watch "Trillions and Trillions Served", the documentary on the ASF https://www.youtube.com/watch?v=JUt2nb0mgwg 1) full feature [49 min] https://www.youtube.com/watch?v=JUt2nb0mgwg 2) "Apache Everywhere" [6 min] https://www.youtube.com/watch?v=nXtIti9jMFI 3) "Why Apache" [2.5 min] https://www.youtube.com/watch?v=YM5dLvNatRs 4) "Apache Innovation" [40 min] https://www.youtube.com/watch?v=qkvqJaX4S50 - ASF Annual Report: FY2021 (PDF) https://www.apache.org/foundation/docs/FY2021AnnualReport.pdf - The Apache Way to Sustainable Open Source Success https://s.apache.org/GhnI - Foundation Reports and Statements http://www.apache.org/foundation/reports.html - Presentations from 2021's ApacheCon Asia and ApacheCon@Home are available on the ASF YouTube channel. https://www.youtube.com/c/TheApacheFoundation/ - "Success at Apache" focuses on the people and processes behind why the ASF "just works." https://blogs.apache.org/foundation/category/SuccessAtApache - Follow the ASF on social media: @TheASF on Twitter and The ASF page LinkedIn. https://twitter.com/TheASF and https://www.linkedin.com/company/the-apache-software-foundation - Follow the Apache Community on Facebook and Twitter. https://www.facebook.com/ApacheSoftwareFoundation/ and https://twitter.com/ApacheCommunity - Are your software solutions Powered by Apache? Download & use our "Powered By" logos. http://www.apache.org/foundation/press/kit/#poweredby Stay updated about The ASF For real-time updates, sign up for Apache-related news by sending mail to announce-subscr...@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, Planet Apache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers. https://twitter.com/PlanetApache === NOTE: you are receiving this message because you are subscribed to the announce@apache.org distribution list. To unsubscribe, send email from the recipient account to announce-unsubscr...@apache.org with the
The Apache Software Foundation Announces Apache® Doris™ as a Top-Level Project
[this announcement is available online at https://s.apache.org/7l5y1 ] Open Source Big Data MPP analytical database engine in use at Baidu, JD, Meituan, Sina, Tencent, and Xiaomi, among others. Wilmington, DE —16 June 2022— The Apache Software Foundation (ASF), the all-volunteer developers, stewards, and incubators of more than 350 Open Source projects and initiatives, announced today Apache® Doris™ as a Top-Level Project (TLP). Apache Doris is a modern, easy-to-use MPP (massively parallel processing) analytical database system that provides sub-second queries and efficient real-time data analysis. The project was originally developed at Baidu as "Palo", was open-sourced in 2017, and entered the Apache Incubator in July 2018. "We are very proud that Doris graduated from the Apache Incubator —it is an important milestone," said Mingyu Chen, Vice President of Apache Doris. "Under the guidance of our incubator mentors, we learned how to successfully develop our project and community the Apache Way. We have achieved great growth during the incubation process." Apache Doris is a database system for OLAP (online analytical processing) scenarios. It integrates Apache Impala, Google Mesa, and state-of-art vectorization technologies to provide sub-second queries and efficient real-time data analysis. Apache Doris meets rigorous data analysis demands in many business fields that include multi-dimensional reporting, user portrait, ad-hoc query, and real-time dashboards. Features include: - High performance: Use column storage, index, parallel execution, vectorization technology, query optimizer and many other technologies to achieve fast query response. - Easy-to-use: ANSI SQL syntax support. It can be easily scaled horizontally, and the data replica is automatically repaired and balanced. Does not rely on third-party services. - Pre-aggregation: Provides multiple pre-aggregation data models and ensures data consistency and automatic query routing. - Big Data ecosystem integration: Supports the connection with Apache Flink, Apache Hive, Apache Hudi, Apache Iceberg, Apache Spark, and ElasticSearch, among other systems. Developers using Apache Doris enjoy its simplicity in deploying to hundreds of terabytes, and the ability to meet a variety of data-serving requirements in a single system. Doris is in use at more than 500 enterprises globally, across a variety of industries such as finance, energy, manufacturing, and telecommunications, among other fields. Many of China’s top 50 Internet companies use Apache Doris, including 360, Baidu, ByteDance, JD, Kwai, Meituan, Netease, Sina, Tencent, and Xiaomi, among others. The project recently celebrated the release of Apache Doris 1.0, its eighth release whilst undergoing development in the Apache Incubator (along with six Connector releases), and also welcomed its 300th contributor. "Graduation is the starting point of a new journey," added Chen. "Our many plans for the future include continuing to develop Apache Doris, with new contributors and open source technology enthusiasts joining us to help grow our project and community together in the Apache Way." Catch Apache Doris in action at ApacheCon Asia 2022, taking place 29-31 July https://www.apachecon.com/acasia2022/. Availability and Oversight Apache Doris software is released under the Apache License v2.0 and is overseen by a self-selected team of active contributors to the project. A Project Management Committee (PMC) guides the Project's day-to-day operations, including community development and product releases. For downloads, documentation, and ways to become involved with Apache Doris, visit https://doris.apache.org/ . About the Apache Incubator The Apache Incubator is the primary entry path for projects and codebases wishing to become part of the efforts at The Apache Software Foundation. All code donations from external organizations and existing external projects enter the ASF through the Incubator to: 1) ensure all donations are in accordance with the ASF legal standards; and 2) develop new communities that adhere to our guiding principles. Incubation is required of all newly accepted projects until a further review indicates that the infrastructure, communications, and decision making process have stabilized in a manner consistent with other successful ASF projects. While incubation status is not necessarily a reflection of the completeness or stability of the code, it does indicate that the project has yet to be fully endorsed by the ASF. For more information, visit http://incubator.apache.org/ . About The Apache Software Foundation (ASF) Established in 1999, The Apache Software Foundation is the world's largest Open Source foundation, stewarding 227M+ lines of code and providing more than $22B+ worth of software to the public at 100% no cost. The ASF’s all-volunteer community grew from 21 original founders overseeing the Apache HTTP
The Apache Software Foundation Announces Apache® AGE™ as a Top-Level Project
[this announcement is available online at https://s.apache.org/nycu1 ]
Open Source PostgreSQL extension for graph database functionality in use in
government agencies, research and education institutions, utility providers,
and more.
Wilmington, DE —8 June 2022— The Apache Software Foundation (ASF), the
all-volunteer developers, stewards, and incubators of more than 350 Open Source
projects and initiatives, announced today Apache® AGE™ as a Top-Level Project
(TLP).
Apache AGE ("A Graph Extension") is a PostgreSQL extension that provides graph
database functionality. The project was originally developed in 2019 as an
extension to AgensGraph (Bitnine Global's multi-model database fork of
PostgreSQL), and entered the Apache Incubator in April 2020.
"It is incredible to see how far the AGE project has come to its maturity by
graduating as a Top-Level Project from the Apache Incubator, which demonstrates
the project's ability to self-govern, and furthermore to be a part of the
broader ASF community," said Eya Badal Abdisho, Vice President of Apache AGE.
"With AGE, our goal is to provide a multi-model database that is designed to be
simple and user-friendly, which simultaneously supports the relational and
graph data model. AGE enables users to integrate the legacy relational data
model and the flexible graph data model in one database."
AGE is a PostgreSQL extension that adds graph query functionality to
Postgresql. Through using the Cypher query language in accordance with the
openCypher specification, users can access, store and query graph data using
PostgreSQL. Users may read and write nodes and edges stored in Postgres, as
well as use various algorithms such as variable length edge traversal to
analyze data in AGE. Other features include:
- Support for openCypher query language
- Hybrid querying using SQL and Cypher
- Querying multiple graphs
- Property indexes on both vertices and edges
- Integration with Postgres' existing features
Hybrid queries are queries using both openCypher and SQL together. These
queries allow data to move between the regular relational database and the
graph representation that AGE provides.
AGE is in use across a variety of user organizations, including government
agencies, research and education institutions, and utility providers, among
others.
"We are very pleased that Apache AGE is the first formal graph database project
of the Apache Software Foundation to achieve top-level graduation. We believe
that it is a result that proves the development of the only graph database
extension based on RDB," said Cheolsun Kang, CEO of Bitnine Global. "In the
future, Bitnine Global will continue to support the development of Apache AGE.
We are advancing our product by developing a service subscription model based
on Apache AGE product support."
"I have been advising my clients to watch this space. The potential of Apache
AGE, as a multi-model database, to fill an unmet ‘best of both worlds’ niche
was evident," said Jasper Blues, CEO of Liberation Data. "With the community
behind it, I’m not at all surprised in the way that AGE has blazed ahead
towards that prospective future.
Congratulations to the Apache AGE community on the successes to date! With this
graduation milestone, I’m proud to recommend AGE to a number of clients in the
SE Asia/Oceania region. For them, a CYPHER-compatible ACID graphDB built on a
rock solid foundation is perfect for their business cases."
"Postgres’s fundamental architecture has created a rich ecosystem of extensions
and made Postgres the de-facto choice for developers and enterprises looking
for a next-generation flagship data platform. AGE continues to build on that
tradition and adds powerful graph analytics functionality to the traditional
relational data platforms," said Mahboob Alam, Postgres community advocate.
"Melding traditional analytics and real-time graph intelligence is going to be
a game-changer and AGE will be instrumental in this exciting future."
The project recently released Apache AGE v1.0.0-incubating, the sixth release
whilst undergoing development in the Apache Incubator. Future releases of
Apache AGE will support PostgreSQL 12 and higher, more key features from
AgensGraph, and will be further improved to be a compatibility extension for
all relational DB, starting with integration into MySQL and MariaDB.
"Graduating as an Apache Top-Level Project is only the beginning, our journey
continues through the excellent efforts of the greater Apache AGE community,"
added Badal Abdisho. "Join our community. We always welcome new additions and
contributions to the Apache AGE project to help data communities explore and
utilize the benefits of graph technologies, under the Apache Way."
Catch Apache AGE in action at ApacheCon Asia 2022 (29-31 July;
https://apachecon.com/acasia2022/), and PostgreSQL Conference Europe (25-28
October; https://2022.pgconf.eu/)
Availability and
The Apache Software Foundation Announces Apache® YuniKorn™ as a Top-Level Project
[this announcement is available online at https://s.apache.org/p0lt5 ] Open Source universal Big Data and Machine Learning resource scheduler in use at Alibaba, Apple, Cloudera, Lyft, Visa, and Zillow, among others. Wilmington, DE —16 May 2022— The Apache Software Foundation (ASF), the all-volunteer developers, stewards, and incubators of more than 350 Open Source projects and initiatives, announced today Apache® YuniKorn™ as a Top-Level Project (TLP). Apache YuniKorn is a cloud-native, standalone Big Data and Machine Learning resource scheduler for batch jobs and long-running services on large scale distributed systems. The project was originally developed at Cloudera in March 2019, entered the Apache Incubator in January 2020, and graduated as a Top-Level Project in March 2022. "The Apache YuniKorn community is striving together to solve the resource scheduling problems on the cloud," said Weiwei Yang, Vice President of Apache YuniKorn. "It's really great to see the Apache Way shine in the incubating process of YuniKorn. We are lucky to have such an open, collaborative, and diverse community, which is sympathetic and cares about everyone's success. This motivates us to keep evolving and gets better every day." Apache YuniKorn natively supports Big Data application workloads and mixed workloads, and provides a unified, cross-platform scheduling experience. Features include: - Cloud native —runs on-premise and in a variety of public cloud environments; maximizes resource elasticity with better throughput. - Hierarchical resource queues —efficiently manages cluster resources; provides the ability to control the resource consumption for each tenant. - Application-aware scheduling —recognizes users, applications, and queues; schedules according to submission order, priority, resource usage, and more. - Job ordering —built-in robust scheduling capabilities; supports fairness-based cross-queue preemption, hierarchies, pluggable node sorting policies, preemption, and more. - Central management console —monitors performance across different tenants; one-stop-dashboard tracks resource utilization for managed nodes, clusters, applications and queues. - Efficiency —reduces resource fragmentation and proactively triggers up-scaling; cloud elasticity lowers overall operational costs. In addition, the Project has announced the release of Apache YuniKorn v1.0, the fifth update since entering the Apache Incubator. Improvements include: - Decreased memory and cpu usage - Extended metrics and diagnostics information - New deployment model supporting future upgrades - Technical preview of the plugin deployment mode Optimized to run Apache Spark on Kubernetes (open source software container orchestration system), Apache YuniKorn’s performance makes it an optional replacement to the Kubernetes default scheduler. Apache YuniKorn excelled in benchmark tests with other schedulers in resource sharing, resource fairness, preemption, gang scheduling, and bin packing categories, with throughput exceeding 610 allocations per second across 2,000 nodes. YuniKorn is in use at Alibaba, Apple, Cloudera, Lyft, Visa, and Zillow, among others. "We're thrilled to see this offering come to fruition. Apache YuniKorn powers Apache Spark workloads for Cloudera Data Engineering (CDE), a key Kubernetes-based service supporting the Cloudera Data Platform," said Vinod Kumar Vavilapalli, Senior Director, Engineering at Cloudera and former PMC chair of Apache Hadoop. "As part of Cloudera’s Public and Private Cloud offerings, Apache YuniKorn adds tremendous flexibility and control when running large-scale analytics, enabling customers to better optimize the performance and value of their deployments." "Apache YuniKorn is an essential infra service for bringing Big Data/ML workloads onto the cloud," said Chunde Ren, Engineering Manager at Alibaba Big Data Open-source team. "YuniKorn brings better scheduling capabilities, performance, elasticity, and usability for running workloads on Kubernetes, especially for Big Data and Machine Learning workloads, which benefits many users on the cloud. It's a great pleasure for us to have participated in the YuniKorn community since its inception and to see it grow up to be a Top-Level Project." "Apache YuniKorn is becoming a popular choice for those who want to run Big Data workloads on Kubernetes, with more use cases developing," added Yang. "We welcome all who are interested to join the YuniKorn community and work with us on solving these challenging problems." Catch Apache YuniKorn in action at Kubernetes Batch + HPC Day Europe (17 May 2022 in Valencia, Spain https://sched.co/10F0t ) and Spark AI Summit 2022 (27-30 June in San Francisco and online https://databricks.com/dataaisummit/north-america-2022/agenda/?sessionid=1388 ). Availability and Oversight Apache YuniKorn software is released under the Apache License v2.0 and is
The Apache Weekly News Round-up: week ending 15 April 2022
Happy Friday, everyone --here's what the Apache community has been up to over the past week: ApacheCon™ – the ASF's official global conference series, bringing Tomorrow's Technology Today since 1998. - CFP for ApacheCon North America 2022 (taking place 3-6 October in New Orleans) is now open https://blogs.apache.org/conferences/entry/call-for-presentations-apachecon-north - Travel Assistance applications for ApacheCon are open until 1 July https://apache.org/travel/ ASF Board – management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws. - Next Board Meeting: 20 April 2022. Running Board calendar and minutes are available. https://apache.org/foundation/board/calendar.html ASF Infrastructure – our distributed team on three continents keeps the ASF's infrastructure running around the clock. - 7M+ weekly checks yield uptime at 99.99%. Performance checks across 50 different service components spread over more than 250 machines in data centers around the world. View the ASF's Infrastructure Uptime site to see the most recent averages. http://www.apache.org/uptime/ Apache Code Snapshot – Over the past week, 402 Apache Committers and 1,048 contributors changed 17,760,803 lines of code over 5,646 commits. Top 5 contributors, in order, are: Otavio Rodolfo Piske, Andi Huber, Jinrui.Zhang, Liang Zhang, and Dillon Walls. Apache Project Announcements – the latest updates by category. Incubator --where new Apache projects (aka "podlings") are mentored in the Apache Way of community-led development. - Apache brpc (incubating) 1.1.0 released http://brpc.apache.org/ Attic --provides process and solutions when an Apache project has reached its end of life. - Apache River is now retired https://lists.apache.org/thread/xc7v5rd2g3b57yhz54hpx73jn5b5tttx Big Data -- - Apache Bigtop 3.0.1 released https://bigtop.apache.org/ - Apache ShardingSphere 5.1.1 released https://shardingsphere.apache.org/ Business Intelligence/Data Visualization -- - Apache Superset CVE-2022-27479: SQL injection vulnerability in chart data API Messaging -- - Apache Qpid ProtonJ2 1.0.0-M5 released http://qpid.apache.org/ Observability -- - Apache SkyWalking 9.0.0, Client JS version 0.8.0, and Java Agent 8.10.0 released https://skywalking.apache.org/ Web Frameworks -- - Apache Struts 2.5.30 released https://struts.apache.org/ - Apache Struts CVE-2021-31805: Forced OGNL evaluation ... https://lists.apache.org/thread/xwfch60nxnkkhl38f5lc52n0qq27g7cr - Apache Wicket 9.9.1 released https://wicket.apache.org/ Workflow -- - New Apache Airflow Providers released https://airflow.apache.org/ Did You Know? - Did you know that Apache APISIX Summit Asia will be held online 20-21 May? https://s.apache.org/rhzue - Did you know that the next Apache Airflow Community Meetup is taking place on 20 April 2022? https://www.crowdcast.io/e/airflow-meetup-april/register - Did you know that demand for Apache Syncope identity management artifacts were downloaded 22.5K times over the last month? https://syncope.apache.org/ Apache Community Notices - Apache in 2021 - By The Digits https://s.apache.org/Apache2021Digits + Video highlights https://youtu.be/GU0SV_2tWkU - Watch "Trillions and Trillions Served", the documentary on the ASF 1) full feature https://www.youtube.com/watch?v=JUt2nb0mgwg [49 min] 2) "Apache Everywhere" https://www.youtube.com/watch?v=nXtIti9jMFI [6 min] 3) "Why Apache" https://www.youtube.com/watch?v=YM5dLvNatRs [2.5 min] 4) "Apache Innovation" https://www.youtube.com/watch?v=qkvqJaX4S50 [40 min] - ASF Annual Report: FY2021 (PDF) https://www.apache.org/foundation/docs/FY2021AnnualReport.pdf - The Apache Way to Sustainable Open Source Success https://s.apache.org/GhnI - Foundation Reports and Statements http://www.apache.org/foundation/reports.html - Presentations from 2021's ApacheCon Asia and ApacheCon@Home are available on the ASF YouTube channel https://www.youtube.com/c/TheApacheFoundation/ . - "Success at Apache" https://blogs.apache.org/foundation/category/SuccessAtApache focuses on the people and processes behind why the ASF "just works." - Follow the ASF on social media: @TheASF on Twitter https://twitter.com/TheASF and The ASF page LinkedIn https://www.linkedin.com/company/the-apache-software-foundation . - Follow the Apache Community on Facebook https://www.facebook.com/ApacheSoftwareFoundation/ and Twitter https://twitter.com/ApacheCommunity . - Are your software solutions Powered by Apache? Download & use our "Powered By" logos. http://www.apache.org/foundation/press/kit/#poweredby Stay updated about The ASF For real-time updates, sign up for Apache-related news by sending mail to announce-subscr...@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, Planet Apache provides an aggregate of Project activities as well as the personal blogs and tweets of select
The Apache Software Foundation Welcomes 52 New Members
[this announcement is available online at https://s.apache.org/ys8sk ] The Apache Software Foundation (ASF) welcomes the following new Members who were elected during the annual ASF Members' Meeting on 1 and 3 March 2022: Akira Ajisaka, Ahmet Altay, Mike Beckerle, Ash Berlin-Taylor, László Bodor, Michael Bolz, Javier Borkenztain, Robert Bradshaw, Etienne Chauchot, Zili Chen, Marcus Christie, Ed Coleman, Lidong Dai, Heng Du, Eric Friedrich, Sunil Govindan, Anshum Gupta, Xiaoqiao He, Alex Herbert, Jim Hughes, Zhiyuan Ju, Zhenxu Ke, Calvin Kirs, Carter Kozak, Benjamin Lerer, Yizhi Liu, Alfonso Nishikawa Muñumer, Lukas Ott, Eric Payne, Brian Proffitt, Lee Rhodes, Kevin Risden, Alexey Romanenko, Ryan Skraba, Mechtilde Stehmann, Michael Stehmann, Kouhei Sutou, Jerry Tan, Zhankun Tang, Chia-Ping Tsai, Isuru Udana, Dimuthu Upeksha, Talat Uyarer, Roger Whitcomb, Liu Xun, Weiwei Yang, Volkan Yazici, Tilmann Zäschke, Stamatis Zampetakis, Wenli Zhang, Yanhui Zhao, Xinyu “Yukon” Zhou. In addition, ASF Members Eric Pugh and Jason van Zyl have been reinstated from emeritus status. The ASF incorporated in 1999 with a core membership of 21 individuals who oversaw the progress of the Apache HTTP Server. This group grew with Committers —developers who contributed code, patches, documentation, and other contributions, and were subsequently granted access by the Membership: - to "commit" or "write" directly to Apache code repositories as well as make non-code contributions; - the right to vote on community-related decisions; and - the ability to propose an active contributor for Committership. Those Committers who demonstrate merit in the Foundation's growth, evolution, and progress are nominated for ASF Membership by existing Members. This election brings the total number of active ASF Members to 918 today. Individuals elected as ASF Members legally serve as the "shareholders" of the Foundation https://www.apache.org/foundation/governance/members.html For more information, visit - How the ASF works http://www.apache.org/foundation/how-it-works.html - Apache Is Open https://blogs.apache.org/foundation/entry/apache-is-open - Briefing: The Apache Way http://apache.org/theapacheway/ # # # NOTE: you are receiving this message because you are subscribed to the announce@apache.org distribution list. To unsubscribe, send email from the recipient account to announce-unsubscr...@apache.org with the word "Unsubscribe" in the subject line.
Success at Apache: "My experience with the Apache Way —a perfect society?"
[this post is available online at https://blogs.apache.org/foundation/entry/success-at-apache-my-experience ] by Etienne Chauchot I have been working in software engineering for more than 15 years. I've always contributed to Open Source software as a user or a developer. But I've been contributing to Apache Software Foundation (ASF) https://www.apache.org/ projects such as Apache Flink https://flink.apache.org/ , Apache Beam https://beam.apache.org/ or Apache Spark https://spark.apache.org/ for nearly 6 years. It is long enough for me to say that I find the Apache Way is almost the best way to collaborate on software engineering. I will not describe the Apache way here as there is a lot of good information about that already. I would rather link to the official Apache documentation http://www.apache.org/theapacheway/ . I humbly suggest that you read what it is if you don't know it already. My point here is to talk about the Apache Way in practice as I’ve experienced it. Of course, every Apache community is different, but what I wanted to emphasize is that applying the Apache Way by the book could lead to what I'd call a "perfect society" even if this word seems a bit naive and over optimistic, or even utopian. A perfect society Actually, working with the Apache way was a revelation to me! ASF projects are governed by merit: what you do inside the community is noted, you get credit and it can lead to you obtaining more rights (direct access to the project repositories, election of committers https://community.apache.org/contributors/ etc.). Merit also drives decisions, discussing solutions and building consensus or voting for the best one helps lead to the best possible state of the project in the end. The best idea always wins in the long term. The software is not driven by companies: no vendor concerns should take precedence over community. Consider how the ASF creates new top-level projects (TLP): a project starts in the Apache Incubator and is mentored by people who have already participated in successful Apache projects. When the mentors agree a project is ready, healthy and following The Apache Way, the ASF Board can approve its graduation from the Incubator to become a self-governing TLP. So the project is managed by the community itself and not by a single company and its private financial considerations. This helps drive the best decisions for the software itself and ensures long term maintenance of the software. It is inclusive: the key aspect is that every voice matters, and that everyone is considered equal no matter their personal background, education, ethnicity or nationality, every contribution is good to take. Community members recognize that people skills may be different and complementary to theirs. So contributions might come from anyone, from anywhere and in any form (blog post, documentation, talk, code, website...) ASF communities are welcoming: they are in constant search for new talents to join their forces. Being welcoming is very important to build and grow a community. The Open source community is also a great place for people to grow. The way people collaborate is generally by mentoring. Experienced contributors help newcomers or experts share their thoughts with others. It is really also a good way for mentors to share their passion and inspire mentees. Mentoring is in the DNA of the ASF starting with the Incubator https://incubator.apache.org/ when the podling community profits from the experience and advice of a mentor to grow in the Apache Way and become a top level project https://www.apache.org/dev/project-requirements . Communities are self-organized: there is no manager but only technical leaders and mentors. Each community has a PMC that guides its governance, but its responsibilities don’t include assigning work and expecting it to be done. People are self-motivated and I must say that it is the best form of motivation ever! I’ve found the decision-making simple and efficient: there is no solely decision, feedback is always very important. People are willing to share their thoughts and solve problems together. Community members have a collaborative mindset: they are positive, act constructively and their comments are in the best interest of the project and the community. They are willing to share their thoughts, review PRs, share advice, accept change requests or bug tickets. People are willing to accept criticism without being defensive. The master word is transparency. Last but not least, I’ve seen most people behave gently: the fact that every communication is public guides people to communicate in a positive way. Indeed one of the ASF guiding concepts is "what did not happen publicly didn’t happen" – often said as “what didn’t happen on the mailing list, didn’t happen” but of course this concept can be generalized to any communication tool we use. Examples of good communication I’ve seen in
The Apache Weekly News Round-up: week ending 4 March 2022
We're opening March with a cracking week. Here's what the Apache community has been up to: Sponsor Apache – a number of tax-deductible sponsorships help offset the ASF's day-to-day operating expenses that include infrastructure support, bandwidth, connectivity, servers, hardware, development environments, legal counsel, accounting services, trademark protection, marketing and publicity, educational events, and more. - The Apache Software Foundation Welcomes VMware as its Newest Platinum Sponsor https://blogs.apache.org/foundation/entry/the-apache-software-foundation-welcomes11 ASF Board – management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws. - Announcing New ASF Board of Directors, elected during this week's Members' Meeting. https://blogs.apache.org/foundation/entry/announcing-new-asf-board-of4 - Next Board Meeting: 16 March 2022. Running Board calendar and minutes are available. https://apache.org/foundation/board/calendar.html ASF Infrastructure – our distributed team on three continents keeps the ASF's infrastructure running around the clock. - 7M+ weekly checks yield uptime at 100.00%. Performance checks across 50 different service components spread over more than 250 machines in data centers around the world. View the ASF's Infrastructure Uptime site to see the most recent averages. http://www.apache.org/uptime/ Apache Code Snapshot – Over the past week, 332 Apache Committers changed 880,561 lines of code over 3,128 commits. Top 5 contributors, in order, are: Olivier Lamy, Andrea Cosentino, Claus Ibsen, Sebastian Rühl, and Eric Milles. Apache Project Announcements – the latest updates by category. Application Servers/Middleware -- - Apache Karaf Decanter 2.9.0 released https://karaf.apache.org/ Content -- - Apache Jackrabbit Oak 1.22.11 released http://jackrabbit.apache.org/ - Apache POI 5.2.1 released https://poi.apache.org/ - CVE-2022-26336: poi-scratchpad: A carefully crafted TNEF file can cause an out of memory exception https://lists.apache.org/thread/hqc0ohg0z1j0p4ysm3y4ct6g2d8sjc2b FinTech -- - Apache Fineract 1.6.0 released http://fineract.apache.org/ Libraries -- - Apache PDFBox JBIG2 ImageIO plugin 3.0.4 released https://pdfbox.apache.org/ Logging Services -- - Apache Log4j 2.17.2 released https://logging.apache.org/log4j/2.x/index.html Network Application Framework -- - Apache MINA FtpServer 1.1.3 released https://mina.apache.org/ Servers -- - Apache Tomcat 9.0.59, 10.0.17 and 10.1.0-M11 (alpha) released http://tomcat.apache.org/ Workflow -- - CVE-2021-45229: Apache Airflow: Reflected XSS via Origin Query Argument in URL https://lists.apache.org/thread/o80q468nzrds1on5lll54s1s24l5q0w2 Did You Know? - Did you know that the Apache Ignite community's CFP for IgniteSummit (taking place online 14 June) closes on 29 April? https://ignite.apache.org/events.html - Did you know that HugeGraph (incubating), a large-scale and easy-to-use graph database that stores and queries billions of vertices and edges, is the newest podling undergoing development in the Apache Incubator? https://incubator.apache.org/ - Did you know that the ASF manages 2,180 mailing lists, 486 of which are private? Over the past year, 19,053 authors sent 1,946,990 emails on 869,461 topics! https://apache.org/foundation/mailinglists.html Apache Community Notices - Apache in 2021 - By The Digits https://apache.org/foundation/mailinglists.html + Video highlights https://youtu.be/GU0SV_2tWkU - The Apache Month in Review: January 2022 https://s.apache.org/January2022 and video highlights https://youtu.be/goxIRFMIi-w - Watch "Trillions and Trillions Served" https://www.youtube.com/watch?v=JUt2nb0mgwg , the documentary on the ASF 1) full feature [49 min] https://www.youtube.com/watch?v=JUt2nb0mgwg 2) "Apache Everywhere" [6 min] https://www.youtube.com/watch?v=nXtIti9jMFI 3) "Why Apache" [2.5 min] https://www.youtube.com/watch?v=YM5dLvNatRs 4) “Apache Innovation” [40 min] https://www.youtube.com/watch?v=qkvqJaX4S50 - ASF Annual Report: FY2021 -- Press release https://blogs.apache.org/foundation/entry/the-apache-software-foundation-announces78 and Report (PDF) https://www.apache.org/foundation/docs/FY2021AnnualReport.pdf - The Apache Way to Sustainable Open Source Success https://s.apache.org/GhnI - Foundation Reports and Statements http://www.apache.org/foundation/reports.html - Presentations from 2021's ApacheCon Asia and ApacheCon@Home are available on the ASF YouTube channel. https://www.youtube.com/c/TheApacheFoundation/ - "Success at Apache" focuses on the people and processes behind why the ASF "just works." https://blogs.apache.org/foundation/category/SuccessAtApache - Follow the ASF on social media: @TheASF on Twitter https://twitter.com/TheASF and The ASF page LinkedIn. https://www.linkedin.com/company/the-apache-software-foundation - Follow the Apache Community on Facebook
Announcing New ASF Board of Directors
[this announcement is available online at https://s.apache.org/djzeh ] At The Apache Software Foundation (ASF) Annual Members' Meeting held this week, the following individuals were elected to the ASF Board of Directors: - Rich Bowen (former Director) - Bertrand Delacretaz (current Director) - Christofer Dutz (new Director) - Roy T. Fielding (current Director) - Sharan Foga (current Director) - Willem Jiang (new Director) - Sam Ruby (current Director) - Roman Shaposhnik (current Director) - Sander Striker (current Director) The ASF thanks Justin Mclean, Craig Russell, and Sheng Wu for their service, and welcomes our new and returning directors. An overview of the ASF's governance, along with the complete list of ASF Board of Directors, Executive Officers, and Project/Committee Vice Presidents, can be found at http://apache.org/foundation/ For more information on the Foundation's operations and structure, see http://apache.org/foundation/how-it-works.html#structure # # # NOTE: you are receiving this message because you are subscribed to the announce@apache.org distribution list. To unsubscribe, send email from the recipient account to announce-unsubscr...@apache.org with the word "Unsubscribe" in the subject line.
The Apache Software Foundation Welcomes VMware as its Newest Platinum Sponsor
[this announcement is available online at https://s.apache.org/4kupl ] Wilmington, DE —3 March 2022— The Apache Software Foundation (ASF) today welcomed VMware as its latest sponsor at the Platinum level. "We are happy to welcome VMware as a Platinum Sponsor," said Bob Paulin, ASF Vice President Fundraising. "Sponsoring the ASF provides essential funds and services that enable us to support more than 300 Apache Projects and their communities on a day-to-day basis. We are grateful for VMware's generosity as it helps us further our mission of providing software for the public good." "Some of the most important open source projects are ASF projects. VMware customers build and deploy a wide range of products built using the Apache HTTP Server, Tomcat, and Geode, among others," said Dawn Foster, Director of Open Source Community Strategy at VMware. "We are delighted to support the ASF with our sponsorship in addition to the contributions our team members have been making to projects like Apache Geode. It is important to support neutral foundations, like the ASF, that create a level playing field for open source projects where we can all collaborate together as equals." VMware joins the following organizations: ASF Sponsors - Platinum level --Amazon Web Services, Facebook, Google, Huawei, Microsoft, Namebase, Pineapple Fund, Tencent Cloud, and Yahoo!; - Gold level --Anonymous, Baidu, Bloomberg, Cloudera, Confluent, IBM, Indeed, Union Investment, and Workday; - Silver level --Aetna, Alibaba Cloud Computing, Capital One, Comcast, Didi Chuxing, LINE Corporation, Red Hat, Replicated, Talend, and Target; - Bronze level --Bestecasinobonussen.nl, Cafe24, Cerner, Crafter CMS, Curity, Goread.io Followers, GridGain, HotWax Systems, LeoVegas Indian Online Casino, Miro-Kredit AG, Paf, PureVPN, RX-M, RenaissanceRe, Sentry, Software Guru DevRel, Technology Innovation Institute, The Blog Starter, Twitter, and Writers Per Hour. Targeted Sponsors - Platinum level --Amazon Web Services, CloudBees, DLA Piper, Fastly, GitHub, JetBrains, JFrog, Leaseweb, Microsoft, OSU Open Source Labs, Sonatype, and Yahoo!; - Gold level --Atlassian, Datadog, DinoSource, Docker, and PhoenixNAP; - Silver level --Hotwax Systems, Instaclustr, Rackspace, Xiaomi; - Bronze level --Education Networks of America, Friend of Apache Cordova, Google, Hopsie, No-IP, PagerDuty, Peregrine Computer Consultants Corporation, Sonic.net, SURFnet, and Virtru. For more information on becoming a Sponsor of the ASF, please see http://apache.org/foundation/sponsorship.html About The Apache Software Foundation (ASF) Established in 1999, The Apache Software Foundation is the world’s largest Open Source foundation, stewarding 227M+ lines of code and providing more than $22B+ worth of software to the public at 100% no cost. The ASF’s all-volunteer community grew from 21 original founders overseeing the Apache HTTP Server to 820+ individual Members and 200 Project Management Committees who successfully lead 350+ Apache projects and initiatives in collaboration with 8,400+ Committers through the ASF’s meritocratic process known as "The Apache Way". Apache software is integral to nearly every end user computing device, from laptops to tablets to mobile devices across enterprises and mission-critical applications. Apache projects power most of the Internet, manage exabytes of data, execute teraflops of operations, and store billions of objects in virtually every industry. The commercially-friendly and permissive Apache License v2 is an Open Source industry standard, helping launch billion dollar corporations and benefiting countless users worldwide. The ASF is a US 501(c)(3) not-for-profit charitable organization funded by individual donations and corporate sponsors that include Aetna, Alibaba Cloud Computing, Amazon Web Services, Anonymous, Baidu, Bloomberg, Capital One, Cloudera, Comcast, Confluent, Didi Chuxing, Facebook, Google, Huawei, IBM, Indeed, LINE Corporation, Microsoft, Namebase, Pineapple Fund, Red Hat, Replicated, Talend, Target, Tencent, Union Investment, VMware, Workday, and Yahoo!. For more information, visit http://apache.org/ and https://twitter.com/TheASF © The Apache Software Foundation. "Apache" and "ApacheCon" are registered trademarks or trademarks of the Apache Software Foundation in the United States and/or other countries. All other brands and trademarks are the property of their respective owners. # # # NOTE: you are receiving this message because you are subscribed to the announce@apache.org distribution list. To unsubscribe, send email from the recipient account to announce-unsubscr...@apache.org with the word "Unsubscribe" in the subject line.
Foundation Statement at 8 February 2022 Senate Committee hearing on Homeland Security and Government Affairs
[this statement is available online at https://s.apache.org/485lz ] “Responding to and Learning from the Log4Shell Vulnerability” Opening Statement by David Nalley President, Apache Software Foundation Senate Committee on Homeland Security and Government Affairs February 8, 2022 --- Chairman Peters, Ranking Member Portman, and distinguished members of the Committee: thank you for the invitation to appear this morning. My name is David Nalley, and I am the President of the Apache Software Foundation (ASF). The ASF is a non-profit public-benefit charity established in 1999 to facilitate the development of open source software. Thanks to the ingenuity and collaboration of our community of programmers, the ASF has grown into one of the largest open source organizations in the world. Today, more than 650,000 contributors around the world contribute to more than 350 ongoing projects, comprising more than 237 million lines of code. Open source is not simply a large component of the software industry -- it is one of the foundations of the modern global economy. Whether they realize it or not, most businesses, individuals, non-profits, or government agencies depend on open source; it is an indispensable part of America’s digital infrastructure. Projects developed from open source, like Log4j, tend to resolve problems that many people have, essentially serving as reusable building blocks for solving those problems. This enables faster innovation because it eliminates the need for every company or developer to reimplement software for already solved problems. This efficiency allows programmers to stand on the shoulders of giants. The ASF provides a vendor-neutral environment to enable interested programmers – oftentimes direct competitors of one another – to do this common work together in transparent, open-handed cooperation. This is the essence of open-source software: brilliant individuals contributing their time and expertise to do unglamorous work solving problems – many with the intent of incorporating the results into their employer’s products. And it’s why I’ve dedicated my professional life to it. Log4j – first released by Apache in 2001 – is the product of just this kind of collaboration. It performs a particular set of functions, like recording a computer’s operating events, so well that it has been used in products as diverse as storage management software, software development tools, virtualization software and (most famously) the Minecraft video game. As Log4j’s footprint grew over the years, so did its feature list. It was a 2013 addition to Log4j, along with a part of the Java programming environment, that combined in such a way that exposed this security flaw. The vulnerability was reported to Apache’s Log4j team late November 2021, after having been latent for many years. The Apache Logging project, and Apache’s Security team immediately got to work addressing the vulnerability in the code. The full solution was released approximately two weeks later. Given the near ubiquity of Log4j’s use, it may be months or even years before all deployed instances of this vulnerability are eliminated. As a software professional myself, I am proud of how the Logging project and the ASF’s security team (and many others across the ASF’s projects) responded and remediated last fall. We acted quickly and in accordance with practices we have adopted over many years of supporting a diverse set of open source projects. We will continue to develop our projects in responding to and preventing security vulnerabilities. Moreover, every stakeholder in the software industry – including its largest customers, like the federal government – should be investing in software supply chain security. While ideas like the Software Bills of Materials won’t prevent vulnerabilities, they can mitigate the impact by accelerating the identification of potentially vulnerable software. However, the ability to quickly update to the most secure and up-to-date versions remains a significant hurdle for the software industry. The reality is that humans write software, and as a result there will continue to be bugs, and despite best efforts some of those will include security vulnerabilities. As we continue to become ever more connected and digital, the number of vulnerabilities and potential consequences are likely to grow. There is no easy software security solution - it requires defense in depth – incorporating upstream development in open source projects, vendors that incorporate these projects, developers that make use of the software in custom applications, and even down to the organizations that deploy these applications to provide services important to their users. Rather than shying away from this risk, I submit that software developers, open-source communities, and federal policymakers should face it head-on together – with the
Apache Month in Review: January 2022
[this announcement is available online at https://s.apache.org/January2022 ] Welcome to the latest monthly overview of events from the Apache community. Here's a summary of what happened in January [video highlights available at https://youtu.be/goxIRFMIi-w ] : New This Month -- - Apache in 2021 - By The Digits – a look at the achievements from the Apache Community over the past 12 months -- Summary and stats at https://s.apache.org/Apache2021Digits -- Video highlights https://youtu.be/GU0SV_2tWkU - Apache Software Foundation statement on White House Open Source Security Summit https://blogs.apache.org/foundation/entry/apache-software-foundation-statement-on - Apache Month in Review: December 2021 https://s.apache.org/December2021 - ASF Security Report 2021 – the annual state of security across all Apache projects https://s.apache.org/SecurityReport2021 - The Apache Software Foundation Announces Open Source data orchestration platform Apache® Hop™ as a Top-Level Project https://s.apache.org/4s3ci Important Dates -- - Next Board Meeting: 16 February 2022. Board calendar and minutes http://apache.org/foundation/board/calendar.html Infrastructure -- Our seven-member Infrastructure team on three continents oversees our highly-reliable, distributed network under the leadership of VP Infrastructure David Nalley and Infrastructure Administrator Greg Stein. ASF Infrastructure supports 300+ Apache projects and their communities across ~200 individual machines, 1,400+ repositories, 5-6PB in traffic annually, ~75M downloads per month, and 2-3M daily emails on 2,000+ lists. ASF Infra performs 7M+ weekly checks to ensure services are available around the clock. The average uptime in January was 100%. http://www.apache.org/uptime/ Committer Activity -- In January, 672 Apache Committers changed 14,033,278 lines of code over 15,480 commits. The Committers with the top 5 highest contributions, in order, were: Gary Gregory, Claus Ibsen, Mark Thomas, Jarek Potiuk, and Sebastian Bazley. Project Releases and Updates -- New releases from Apache Airflow (Workflow); APISIX (API); Avro (Big Data); Camel (Integration); DolphinScheduler (Workflow); Flink (Big Data); Geode (Database); Guacamole (Network Client); Hop (Orchestration); Ignite (Big Data); Jackrabbit (Content); James (Mail); Kafka (Big Data); Karaf (Application Servers/Middleware); Knox (Big Data); Log4j (Libraries); MINA (Network Client/Server); NiFi (Big Data); OFBiz (Enterprise Processes Automation / ERP); POI (Content); Portals (Web Frameworks); ShardingSphere (Big Data); ShenYu (Incubating; API); Skywalking (Application Performance Management); Struts (Web Frameworks); Tomcat (Servers); Tuweni (Incubating; Blockchain); and TVM (Machine Learning). Apache Project Anniversaries in January: Apache Cocoon, James, and Web Services (18 years); Lucene (16 years); ActiveMQ (14 years); Hadoop (13 years); River (10 years); Empire-db and Gora (9 years); OpenMeetings (8 years); Samza (6 years); Arrow (5 years); Ranger (2 years); and Gobblin (1 year). Many happy returns! https://projects.apache.org/committees.html?date The Apache Incubator is the primary entry path for projects wishing to become an official part of the ASF. More than three dozen projects are currently undergoing development in the Apache Incubator. http://incubator.apache.org/ # # # To see our Weekly News Round-ups (published every Friday), visit https://blogs.apache.org/foundation/ and click on the calendar or hop directly to https://blogs.apache.org/foundation/category/Newsletter . For real-time updates, sign up for Apache-related news by sending mail to announce-subscr...@apache.org and follow @TheASF on Twitter. We appreciate your support! = = = NOTE: you are receiving this message because you are subscribed to the announce@apache.org distribution list. To unsubscribe, send email from the recipient account to announce-unsubscr...@apache.org with the word "Unsubscribe" in the subject line.
The Apache Software Foundation Announces Open Source data orchestration platform Apache® Hop™ as a Top-Level Project
[this announcement is available online at https://s.apache.org/4s3ci ] Wilmington, DE —18 January 2022— The Apache Software Foundation (ASF), the all-volunteer developers, stewards, and incubators of more than 350 Open Source projects and initiatives, announced today Apache® Hop™ as a Top-Level Project (TLP). Apache Hop —the Hop Orchestration Platform— is a flexible, metadata-infused data orchestration, engineering, and integration platform. The project originated more than two decades ago as the Extract-Transform-Load (ETL) platform Kettle (Pentaho Data Integration), was refactored over several years, and entered the Apache Incubator in September 2020. "We are pleased to successfully adopt 'the Apache Way' and graduate from the Apache Incubator," said Bart Maertens, Vice President of Apache Hop. "Apache Hop enables people of all skill levels to build powerful and scalable data solutions without the need to write code. As an Apache Top-Level Project, Hop is developed and used by people across the globe. Hop's full project life cycle support helps these data teams to successfully build, test and run their projects in ways that would otherwise be hard or impossible to do." Using Apache Hop, data professionals can rapidly and affordably facilitate all aspects of data and metadata orchestration whilst supporting DevOps best practices, such as testing. Apache Hop’s Java-based visual designer, server, and configuration tools are easy to set up, deploy, and maintain across numerous platforms. Features include: Lightweight “design once, run anywhere” architecture —workflows and pipelines can be designed in the Hop GUI and executed locally or remotely on the Hop native engine, on Apache Flink, Apache Kafka, Apache Spark, Google Dataflow, or AWS EMR through Apache Beam runtimes; Metadata-driven —every object type in Hop describes how data is read, manipulated or written, or how workflows and pipelines need to be orchestrated. In addition, Hop itself is internally metadata-driven, using a kernel architecture with a robust engine; Visual development environment —intuitive drag-and-drop graphical user interface (GUI) enables developers to enjoy the ease and productivity of visual development rather than code. Using Hop, data engineers can focus on business logic and requirements rather than how it needs to be done; Plug-in integration —more than 250 plugins make it easy to manage ecosystem complexity, and add new functionality; and Built-in lifecycle management —enables developers, engineers, and administrators to manage, test, deploy, and switch between projects, workflows, pipelines, environments, purposes, Git versions and more —all from the Hop GUI. Apache Hop has been designed to work in any scenario: on-premises, on a cloud, on a bare OS, in containers, IoT environments, large datasets, and more, on Windows, Linux, and OSX. Many of the thousands of organizations in finance, retail, supply chain, and other sectors that use Kettle (Pentaho Data Integration; the precursor to Apache Hop) have started to look into Hop or already are in the process of upgrading to Hop. "I'm very happy that we can now safely collaborate with any company or person across the global community under the umbrella of the Apache Software Foundation on something as cool as Apache Hop," said Matt Casters, Chief Solution Architect at Neo4j and member of the Apache Hop Project Management Committee. "We started adopting Apache Hop in our data integration projects in early 2021 because of its flexibility, scalability and ease of use, in various scenarios ranging from classical DWH ETL processes to highly critical, real time processes," said Sergio Ramazzina, CEO and Chief Architect at Serasoft S.r.l., and member of the Apache Hop Project Management Committee. "We are impressed by how responsive the community is in solving issues and helping users approaching the platform --an important point to increase users adoption and trust. We welcome everyone joining our Hop community and contributing to the project." "This graduation is just the beginning for Hop, and is proof that great communities build great software. The entire Hop community would like to thank the Apache Software Foundation for making this possible, especially our mentors who guided us through the Incubator," added Maertens. "We invite everyone to download and try Hop, join our chat and become part of the Hop community." Catch Apache Hop in action at a future Hop community event. For more information and to register, visit https://hop.apache.org/community/events/ Availability and Oversight Apache Hop software is released under the Apache License v2.0 and is overseen by a self-selected team of active contributors to the project. A Project Management Committee (PMC) guides the Project's day-to-day operations, including community development and product releases. For downloads, documentation, and ways to become
The Apache Software Foundation Security Report: 2021
[complete report, with image and links, is available online at https://s.apache.org/SecurityReport2021 ] Apache Software Foundation Security Report: 2021 Synopsis: This report explores the state of security across all of The Apache Software Foundation projects for the calendar year 2021. We review key metrics, specific vulnerabilities, and the most common ways users of ASF projects were affected by security issues. Released: January 2022 Author: Mark Cox, Vice President Security, The Apache Software Foundation Background The security committee of The Apache Software Foundation (ASF) oversees and coordinates the handling of vulnerabilities across all of the 350+ Apache projects. Established in 2002 and composed of all volunteers, we have a consistent process for how issues are handled, and this process includes how our projects must disclose security issues. Anyone finding security issues in any Apache project can report them to secur...@apache.org where they are recorded and passed on to the relevant dedicated security teams or private project management committees (PMC) to handle. The security committee monitors all the issues reported across all the projects and keeps track of the issues throughout the vulnerability lifecycle. The security committee is responsible for ensuring that issues are dealt with properly and actively reminds projects of their outstanding issues and responsibilities. As a board committee, we have the ability to take action including blocking their future releases or, worst case, archiving a project if such projects are unresponsive to handling their security issues. This, along with the Apache License v2,0, are key parts of the ASF’s general oversight function around official releases, allowing the ASF to protect individual developers and giving users confidence to deploy and rely on ASF software. The oversight into all security reports, along with tools we have developed, gives us the ability to easily create metrics on the issues. Our last report covered the metrics for 2020. Statistics for 2021 In 2021 our security email addresses received in total ~18,500 emails. After spam filtering and thread grouping there were 1272 (2020: 946, 2019: 620) non-spam threads. Unfortunately security reports do sometimes look like spam, especially if they include lots of attachments or large videos, and so the security team are careful to review all messages to ensure real reports are not missed for too long. [please refer to the image at https://s.apache.org/SecurityReport2021 ] Diagram 1: Breakdown of ASF security email threads for calendar year 2021 Diagram 1 gives the breakdown of those 1272 threads. 359 threads (28%) were people confused by the Apache License. As many projects use the Apache License, not just those under the ASF umbrella, people can get confused when they see the Apache License and they don't understand what it is. This is most common for example on mobile phones where the licenses are displayed in the settings menu, usually due to the inclusion of software by Google released under the Apache License. We no longer reply to these emails. This is up from the 257 received in 2020. The next 337 of the 1272 (26%) are email threads with people asking non-security (usually support-type) questions. The next 135 of those reports were researchers reporting issues in an Apache web site. These are almost always false negatives; where a researcher reports us having directory listings enabled, source code visible, public “.git” directories, and so on. These reports are generally the unfiltered output of some publicly available scanning tool, and often where the reporter asks us for some sort of monetary reward (bounty) for their report. That left 441 (2020: 376, 2019: 320) reports of new vulnerabilities in 2021, which spanned 99 of the top level projects. These 441 reports are a mix of external reporters and internal. For example, where a project has found an issue themselves and followed the ASF process to assign it a CVE (Common Vulnerabilities and Exposures) name and address it, we’d still count it here. We don’t keep metrics that would give the breakdown of internal vs external reports. The next step is that the appropriate project triages the report to see if it's really an issue or not. Invalid reports and reports of things that are not actually vulnerabilities get rejected back to the reporter. Of the remaining issues that are accepted they are assigned appropriate CVE names and eventually fixes are released. As of January 1st 2022, 50 of those 441 reports were still under triage and investigation. This is where a project was working on an issue and had not rejected the issue or assigned it a CVE as of the snapshot taken on January 1st 2022. This number was higher than what we’d normally expect and was due to the large influx of reports that came at the end of December 2021. The remaining
Apache in 2021 - By The Digits
[this report, charts, and graphics are available online at https://s.apache.org/Apache2021Digits ] During 2021 the all-volunteer Apache community has demonstrated unwavering commitment to our tenet of "Community Over Code." Highlights over the past year include — Community/People The Apache Software Foundation’s (ASF) merit-driven "Contributor-Committer-Member" progression is the central governing process across the Apache ecosystem. Following the ASF’s incorporation in 1999, the core Apache Group of 21 individual Members grew with developers who contributed code, patches, or documentation. Some of these contributors were subsequently granted Committer status by the Membership, and provided access to: 1) commit code directly to Apache repositories; 2) vote on community-related decisions; and 3) propose an active user for Committership. Today, ASF Committers contribute not just code and documentation, but also an array of initiatives that provide value across the greater Apache ecosystem, including Project promotion and community development through mentoring, events, and diversity and inclusion programs. Those Committers who demonstrate merit in the Foundation's growth, evolution, and progress are nominated for ASF Membership by existing members. More than 630,000 individuals have contributed to the ASF to date. During 2021, 724 individuals new to the ASF contributed to Apache projects and initiatives. In 2021 the ASF welcomed 441 new Committers, totaling 8,484. 40 new Foundation Members were elected in 2021, totaling 816 active Members. [please refer to image at https://s.apache.org/Apache2021Digits ] Contributor Growth Each year, new members contribute to the ASF's efforts. These charts demonstrate how long committers/authors have been contributing to Apache projects. Approximately 20% of first-time contributors continue to participate for a longer period of time. [please refer to image at https://s.apache.org/Apache2021Digits ] Contributor Experience with the ASF [please refer to image at https://s.apache.org/Apache2021Digits ] Project Activity - Total number of Apache projects + sub-projects - 351 - Top-Level Projects - 200 - Top-Level Projects and sub-projects retired to the Apache Attic - 23 - Podlings undergoing development in the Apache Incubator - 37 - New projects that entered the Apache Incubator - 5 - New Top-Level Projects that graduated from the Incubator - 6 - Podlings that retired from the Incubator - 2 Top-Level Projects (committees) evolution [please refer to image at https://s.apache.org/Apache2021Digits ] Incubating projects (podlings) evolution [please refer to image at https://s.apache.org/Apache2021Digits ] Code and Commits The ASF shepherds 283,069,836 lines of code across 2,308 repositories (excluding Website repositories). Apache Projects, sub-projects, incubating podlings, and their communities produced hundreds of releases across dozens of categories that include: Application Programming Interfaces, Application Performance Management, Big Data, Cloud Computing, Content, Databases, email, Enterprise Processes Automation, FinTech, Identity Management, Integrated Development Environments, Integration, Internet of Things (Io), Libraries, Logging, Machine Learning, Messaging, Natural Language Processing, Operating Systems, Remote Desktop Gateways, Search, Security Frameworks, Servers, Templating, Testing, Version Control, Web Crawlers, Web Conferencing, Web Frameworks, and more. During 2021, 2,493 Code Committers and 9,604 Code Authors changed 514,891,631 lines of code over 217,479 commits. Top 5 Code Authors in 2021 1. Andrea Cosentino: 4,447 commits (352,346 insertions, 399,815 deletions) 2. Claus Ibsen: 2,974 commits (555,245 insertions, 567,896 deletions) 3. Mark Thomas: 2,509 commits (186,889 insertions, 117,182 deletions) 4. Jean-Baptiste Onofré: 2,470 commits (18,899 insertions, 33,835 deletions) 5. Gary Gregory: 2,240 commits (170,799 insertions, 181,214 deletions) Commits per Month in 2021 [please refer to image at https://s.apache.org/Apache2021Digits ] Top Apache Project Repositories by Size (Lines of Code) [please refer to image at https://s.apache.org/Apache2021Digits ] Top Apache Project Repositories by Commits made in 2021 [please refer to image at https://s.apache.org/Apache2021Digits ] Code Language Breakdown [please refer to image at https://s.apache.org/Apache2021Digits ] Issues and Pull Requests (ASF Infrastructure + GitHub) - Total Issues Opened - 197,242 - Contributors Opening Issues - 31,769 - Contributors Resolving Issues - 20,867 - Total Issues Resolved - 173,178 [please refer to image at https://s.apache.org/Apache2021Digits ] Issues and Pull Request Community Growth [please refer to image at https://s.apache.org/Apache2021Digits ] Email and Mailing Lists The ASF adage "If it didn't happen on-list, it didn't happen" ensures that our distributed community on 7 continents are able to
Apache Month in Review: December 2021
[this post is available online at https://s.apache.org/December2021 ] Apache Month in Review: December 2021 Welcome to the latest monthly overview of events from the Apache community. Here's a summary of what happened in December [video highlights available at https://youtu.be/2xNsILebwHI ] : New This Month -- - Apache Month in Review: November 2021 https://s.apache.org/November2021 Important Dates -- - Next Board Meeting: 19 January 2022. Board calendar and minutes http://apache.org/foundation/board/calendar.html Infrastructure -- Our seven-member Infrastructure team on three continents oversees our highly-reliable, distributed network under the leadership of VP Infrastructure David Nalley and Infrastructure Administrator Greg Stein. ASF Infrastructure supports 300+ Apache projects and their communities across ~200 individual machines, 1,400+ repositories, 5-6PB in traffic annually, ~75M downloads per month, and 2-3M daily emails on 2,000+ lists. ASF Infra performs 7M+ weekly checks to ensure services are available around the clock. The average uptime in December was 99.94%. http://www.apache.org/uptime/ Committer Activity -- In December, 600 Apache Committers changed 23,123,232 lines of code over 13,572 commits. The Committers with the top 5 highest contributions, in order, were: Gary Gregory, Claus Ibsen, Jean-Baptiste Onofré, Harikrishna Patnala, and Andi Huber. Project Releases and Updates -- New releases from Apache Airflow (Workflow); APISIX (API); Archiva (Build Management); Calcite (Big Data); Camel (Integration); Daffodil (Libraries); DolphinScheduler (Workflow); Druid (Big Data); Flink (Big Data); Fortress (Identity Management); Geode (Database); Groovy (Programming Languages); HBase (Big Data); HttpComponents (Servers); HTTP Server (Servers); Ignite (Big Data); IoTDB (IoT); Jackrabbit (Content); James (Mail); JMeter (Testing); JSPWiki (Content); Karaf (Application Servers/Middleware); Kyuubi (Incubating; Big Data); Log4j (Libraries); Lucene (Search); MXNet (Incubating; Libraries); NetBeans (Integrated Development Environment); NiFi (Big Data); OFBiz (Enterprise Processes Automation / ERP); Parquet (Big Data); PDFBox (Content); PLC4X (IoT); Pulsar (Messaging); Qpid (Messaging); Skywalking (Application Performance Management); Solr (Search); Struts (Web Frameworks); Tika (Big Data); Tomcat (Servers); Traffic Control (Servers); Wicket (Web Frameworks); and XMLBeans (Library). Apache Project Anniversaries in December: Apache Portable Runtime (APR; 21 years); Logging Services (18 years); Cayenne and OFBiz (15 years); Synapse (14 years); Camel (13 years); Axis, OpenWebBeans, Pivot (12 years); Aries (11 years); Flex (9 years); Helix (8 years); Flink (7 years); Beam (5 years); Airflow (3 years); Druid (2 years); DataSketches (1 year); ECharts (1 year); and Mnemonic (1 year). Many happy returns! https://projects.apache.org/committees.html?date The Apache Incubator is the primary entry path for projects wishing to become an official part of the ASF. More than three dozen projects are currently undergoing development in the Apache Incubator. http://incubator.apache.org/ # # # To see our Weekly News Round-ups (published every Friday), visit https://blogs.apache.org/foundation/ and click on the calendar or hop directly to https://blogs.apache.org/foundation/category/Newsletter . For real-time updates, sign up for Apache-related news by sending mail to announce-subscr...@apache.org and follow @TheASF on Twitter. We appreciate your support! = = = NOTE: you are receiving this message because you are subscribed to the announce@apache.org distribution list. To unsubscribe, send email from the recipient account to announce-unsubscr...@apache.org with the word "Unsubscribe" in the subject line.
The Apache Weekly News Round-up: week ending 12 November
Happy Friday, everyone --let's review the Apache community's activities from over the past week: Sponsor Success at Apache – the blog series that focuses on the people and processes behind why the ASF "just works", featuring insights and experiences from the perspective of select ASF Sponsors - "Exploration and Practice of the Apache Way in Tencent" by Mark Shan https://s.apache.org/258az ASF Board – management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws. - Next Board Meeting: 17 November 2021. Board calendar and minutes https://apache.org/foundation/board/calendar.html ASF Infrastructure – our distributed team on three continents keeps the ASF's infrastructure running around the clock. - 7M+ weekly checks yield uptime at 99.94%. Performance checks across 50 different service components spread over more than 250 machines in data centers around the world. View the ASF's Infrastructure Uptime site to see the most recent averages. http://www.apache.org/uptime/ Apache Code Snapshot – Over the past week, 352 Apache Committers changed 11,730,654 lines of code over 3,823 commits. Top 5 contributors, in order, are: Krzysztof Kopyściński, Mark Thomas, Andrea Cosentino, Adam Kocoloski, and Tomaž Muraus. Apache Project Announcements – the latest updates by category. Big Data -- - Apache NiFi 1.15.0 released https://nifi.apache.org/ - Apache ShardingSphere 5.0.0 released https://shardingsphere.apache.org/ Business Intelligence -- - Apache Superset CVE-2021-41972: Credentials leak https://lists.apache.org/thread/01o21s5z16791ywrfds91l4x9vdgsn1r Content -- - Apache Jackrabbit 2.20.4 and Jackrabbit Oak 1.8.25 released http://jackrabbit.apache.org/ - Apache Traffic Control 6.0.1 released https://trafficcontrol.apache.org/ and CVE-2021-43350: LDAP filter injection vulnerability in Traffic Ops https://lists.apache.org/thread/01o21s5z16791ywrfds91l4x9vdgsn1r Messaging -- - Apache Qpid Proton 0.36.0 released Did You Know? - Did you know that the Apache Unomi community will be holding their first Unomi developer MeetUp online and free of charge on 18 November? http://unomi.apache.org/events/meetups/2021-11-18.html - Did you know that the Apache Ignite community are preparing for the vote on v2.12, are redesigning their project Website, and will be kicking off Ignite Summit Cloud Edition 16 November? Catch up on a busy week ahead! http://ignite.apache.org/ - Did you know that Uber Eats' new real-time exactly-once ad event processing is powered by Apache Flink http://flink.apache.org/ , Apache Kafka http://kafka.apache.org/ , and Apache Pinot http://pinot.apache.org/ ? Apache Community Notices - The Apache Month in Review: October 2021 https://s.apache.org/October2021 and video highlights https://youtu.be/3rPR6tNt-dg - Watch "Trillions and Trillions Served", the documentary on the ASF 1) full feature https://www.youtube.com/watch?v=JUt2nb0mgwg [49 min] 2) "Apache Everywhere" https://www.youtube.com/watch?v=nXtIti9jMFI [6 min] 3) "Why Apache" https://www.youtube.com/watch?v=YM5dLvNatRs [2.5 min] 4) “Apache Innovation” https://www.youtube.com/watch?v=qkvqJaX4S50 [40 min] - ASF Annual Report: FY2021 -- Press release https://blogs.apache.org/foundation/entry/the-apache-software-foundation-announces78 and Report https://www.apache.org/foundation/docs/FY2021AnnualReport.pdf (PDF) - The Apache Way to Sustainable Open Source Success https://s.apache.org/GhnI - Foundation Reports and Statements http://www.apache.org/foundation/reports.html - Presentations from 2021's ApacheCon Asia and ApacheCon@Home are available on the ASF YouTube channel. https://www.youtube.com/c/TheApacheFoundation/ - "Success at Apache" focuses on the people and processes behind why the ASF "just works." https://blogs.apache.org/foundation/category/SuccessAtApache - Inside Infra: the new interview series with members of the ASF infrastructure team --meet Chris Thistlethwaite https://s.apache.org/InsideInfra-Chris Drew Foulks https://s.apache.org/InsideInfra-Drew Greg Stein Part I https://s.apache.org/InsideInfra-Greg ...Part II https://s.apache.org/InsideInfra-Greg2 and Part III https://s.apache.org/InsideInfra-Greg3 Daniel Gruno Part I https://s.apache.org/InsideInfra-Daniel1 and Part II https://s.apache.org/InsideInfra-Daniel2 Gavin McDonald Part I https://s.apache.org/InsideInfra-Gavin and Part II https://s.apache.org/InsideInfra-Gavin2 Andrew Wetmore Part I https://s.apache.org/InsideInfra-Andrew and Part II https://s.apache.org/InsideInfra-Andrew2 Chris Lambertus Part I https://s.apache.org/InsideInfra-ChrisL and Part II https://s.apache.org/InsideInfra-ChrisL2 - Follow the ASF on social media: @TheASF on Twitter and The ASF page LinkedIn. - Follow the Apache Community on Facebook and Twitter. - Are your software solutions Powered by Apache? Download & use our "Powered By"
Sponsor Success at Apache: Exploration and Practice of the Apache Way in Tencent
[this post is available online at https://s.apache.org/258az ] by Mark Shan, Chairman of Tencent Open Source Alliance and Tencent Cloud Open Source Ecosystem General Manager The Apache Software Foundation (ASF) manages more than 227 million lines of code, has 206 project management committees, leads more than 350 Apache projects and operates through a merit system, with more than 850 members, 8,100+ committers, and tens of thousands of contributors. Previously the Apache Group, the ASF has grown to one of the largest open source foundations in the world today. It has built the well-known "Apache Way" through its leadership, sound community, and merit thinking, resulting in a set of schemes that promote the sustainable development of open source communities and guide the practice of open source projects.projects. Since Tencent Open Source was created 11 years ago, a large number of Tencent engineers have formed a deep connection with the Apache community by participating and contributing to Apache projects. Furthermore, by learning from the Apache Way, Tencent is going through its open source journey. At ApacheCon@Home 2021, I shared how Tencent thinks, explores, and practices open source according to the Apache Way. Below is a synopsis of this presentation: The Apache Way's Importance in Community Building The Apache Way is difficult to define. Although the Apache Way has evolved somewhat over the years, the original intention of "high transparency" has remained unchanged. In Mark Shan’s view, Tencent's learning experience from the Apache Way can be summarized into five main points: 1. Everyone has the opportunity to participate and can become a contributor. Contributors can increase their impact and personal growth through their contributions to projects. 2. The ASF has a structure that encourages contributions from everyone, regardless of employer. This means that, for example, committer and PMC roles are open to anyone who earns the title. Tencent encourages its engineers to participate in the Apache community actively. 3. Understanding and practicing open communication is extremely important. Because open source is the collaboration of a global community, Tencent engineers are able to participate in the Apache open source project through asynchronous collaboration using the mailing list. Code and decision-related communication are open and transparent. 4. Reaching consensus when making decisions is strongly encouraged. Consensus can maintain project momentum and productivity. But when a complete consensus is impossible, voting or other coordination is available to arrive at binding decisions. 5. The most important point is that the Apache community's motto, "community over code", is often emphasized. Because a healthy community is more important than simply good code. A strong and healthy community can always correct code problems, while an unhealthy community may struggle to maintain the code repository in a sustainable manner. In addition, flexibility is also an integral part of ASF's sustainable open source success. [see image of Tencent-Apache Projects Ecosystem Landscape https://s.apache.org/258az ] Tencent's Open Source Way —Inspired by the Apache Way Apache projects and their communities are unique and diverse. In the community-led development process, Apache members formed the Apache Way based on their experience. Many of Tencent's open source practices and results are executed following the model of the Apache Way. After many years of incorporating open source into its culture, Tencent has formed an approach, "open collaboration, open source for good," which reflects Tencent's value and vision, and is honed based on open source best practices. Practicing the Apache Way: Contributing and Donating to open source projects Tencent engineers have been contributing to and helping to lead many ASF projects, including: 1) Big Data Over the past four years, several Tencent engineers helped lead releases for Apache Hadoop 2.8.4 and 2.8.5, Apache Ozone 1.0.0 (Ozone was a sub-project of Apache Hadoop, and became a Top-Level Project in 2020), and Apache Spark 2.3.2. Tencent engineers contributed more than 20 features and optimizations to several versions of Hadoop, and are core contributors in multiple Apache computing and AI frameworks that include Flink, HBase, Hive, MXNet, and Parquet. 2) Middleware In 2019, Tencent donated TubeMQ, its self-developed trillion-level big data component, to the ASF through the Apache Incubator. In 2021 the project officially changed its name to Apache InLong, as part of its incubation process. Tencent Applications based on Apache Projects In addition to self-developed tools, Tencent widely uses ASF open source projects in its various business systems, with particular focus in big data, API gateways, and observability. As one of the largest daily real-time computing companies, Tencent's overall big data
Apache Month in Review: October 2021
[this post is available online at https://s.apache.org/October2021 ]
Welcome to the latest monthly overview of events from the Apache community.
Here's a summary of what happened in October [video highlights available
https://youtu.be/3rPR6tNt-dg ] :
New This Month --
- Apache Software Foundation moves to CDN distribution for software.
https://s.apache.org/newuq
- The Apache Software Foundation Announces Apache® OpenOffice® 4.1.11
https://s.apache.org/3x8kz
- Presentations from ApacheCon 2021 events are available on the ASF's YouTube
channel. https://s.apache.org/ASF-YouTube
- Apache Month in Review: September 2021 https://s.apache.org/September2021
Important Dates --
- Next Board Meeting: 17 November 2021. Board calendar and minutes
http://apache.org/foundation/board/calendar.html
- Apache CloudStack Collaboration Conference 2021 - 8-12 November 2021
https://blogs.apache.org/foundation/entry/cloudstack-collaboration-conference-2021-november
Infrastructure --
Our seven-member Infrastructure team on three continents oversees our
highly-reliable, distributed network under the leadership of VP Infrastructure
David Nalley and Infrastructure Administrator Greg Stein. ASF Infrastructure
supports 300+ Apache projects and their communities across ~200 individual
machines, 1,400+ repositories, 5-6PB in traffic annually, ~75M downloads per
month, and 2-3M daily emails on 2,000+ lists. ASF Infra performs 7M+ weekly
checks to ensure services are available around the clock. The average uptime in
October was 100.00%. http://www.apache.org/uptime/
Committer Activity --
In October, 643 Apache Committers changed 47,071,028 lines of code over 11,309
commits. The Committers with the top 5 highest contributions, in order, were:
Claus Ibsen, Andi Huber, Gary Gregory, Andrea Cosentino, and Alex Herbert.
Project Releases and Updates --
New releases from Apache Airflow (Big Data); Ant (Build Management); APISIX
(API); Bigtop (Big Data); Calcite (Big Data); Camel (Integration); CouchDB (Big
Data); DB (Database); Flink (Big Data); Geode (Database); HBase (Big Data); Hop
(Orchestration); HttpComponents (Servers); HTTP Server (Servers); Jackrabbit
(Content); James (Mail); Kyuubi (Incubating; Big Data); Log4cxx (Libraries);
Lucene (Search); OpenMeetings (Web Conferencing); OpenOffice (Content); PLC4X
(IoT); Qpid (Messaging); ShardingSphere (Big Data); ShenYu (Incubating; API);
SIS (Geospatial); Skywalking (Application Performance Management); Solr
(Search); Storm (Big Data); Syncope (Identity Management);Tomcat (Servers);
Traffic Control (Servers); XMLBeans (Library).
Apache Project Anniversaries in October: Apache Ant (19 years); HttpComponents
(14 years); Attic, Buildr, CouchDB, and Qpid (13 years); Community Development
("ComDev", 12 years); OODT and ZooKeeper (11 years); Kafka and Syncope (9
years); Ambari (8 years); BookKeeper, Drill, and MetaModel (7 years); Brooklyn,
Groovy, Kylin, and REEF (6 years); Geode (5 years); Guacamole, Impala, and
Mnemonic (4 years); Griffin (3 years); Petri (2 years); and Superset and TVM (1
year). Many happy returns! https://projects.apache.org/committees.html?date
The Apache Incubator is the primary entry path for projects wishing to become
an official part of the ASF. More than three dozen projects are currently
undergoing development in the Apache Incubator. http://incubator.apache.org/
# # #
To see our Weekly News Round-ups (published every Friday), visit
https://blogs.apache.org/foundation/ and click on the calendar or hop directly
to https://blogs.apache.org/foundation/category/Newsletter . For real-time
updates, sign up for Apache-related news by sending mail to
announce-subscr...@apache.org and follow @TheASF on Twitter. We appreciate your
support!
= = =
NOTE: you are receiving this message because you are subscribed to the
announce@apache.org distribution list. To unsubscribe, send email from the
recipient account to announce-unsubscr...@apache.org with the word
"Unsubscribe" in the subject line.
The Apache Software Foundation Announces Apache® OpenOffice® 4.1.11
[this announcement is available online at https://s.apache.org/3x8kz ] Updates to security and availability of leading Open Source office document productivity suite Wilmington, DE —7 October 2021— The Apache® Software Foundation (ASF), the world’s largest Open Source foundation, announced today Apache OpenOffice® 4.1.11, the popular Open Source office-document productivity suite. Used by millions of organizations, institutions, and individuals around the world, Apache OpenOffice delivered 317M+ downloads* and provides more than $25M in value to users per day. Apache OpenOffice supports more than 40 languages, offers hundreds of ready-to-use extensions, and is the productivity suite of choice for governments seeking to meet mandates for using ISO/IEC standard Open Document Format (ODF) files. "Users worldwide depend on OpenOffice to meet their office productivity needs," said Carl Marcum, Vice President of Apache OpenOffice. "We are proud to offer improved security and availability with our latest release. Businesses of all sizes across numerous industries, educational institutions, non-profits, digitally-inclusive communities, application developers, and countless others rely on Apache OpenOffice to efficiently create, manage, and deliver high-impact, integrated content." Apache OpenOffice comprises six productivity applications: Writer (word processor), Calc (spreadsheet tool), Impress (presentation editor), Draw (vector graphics drawing editor), Math (mathematical formula editor), and Base (database management program). The OpenOffice suite ships for Windows, macOS, and Linux. Apache OpenOffice v4.1.11 The 14th release under the auspices of the ASF, OpenOffice v4.1.11 reflects dozens of improvements, features, and bug fixes that include: - New Writer Fontworks gallery - Updated document types where hyperlink is allowed - Updated Windows Installer - Increased font size in Help In addition, the project is mitigating 5 CVE (Common Vulnerabilities and Exposures) reports, three of which will be disclosed on 11 October, in coordination with The Document Foundation. Apache OpenOffice delivers up to 2.4M downloads per month and is available as a free download to all users at 100% no cost, charge, or fees of any kind. Apache OpenOffice is available on the Windows 11 Store as of 5 October 2021. OpenOffice source code is available for anyone who wishes to enhance the applications. The Project welcomes contributions back to the project as well as its code community. Those interested in participating with Apache OpenOffice can learn more at https://openoffice.apache.org/get-involved.html . * partial count: the number above reflects full-install downloads of Apache OpenOffice via SourceForge as of September 2021. Tribute Of special note, Apache OpenOffice 4.1.11 is dedicated to the memory of Dr. Patricia Shanahan, late member of the Apache OpenOffice Project Management Committee, former member of the ASF Board of Directors, former Vice President Apache River, and contributor to Apache Community Development. More information on Patricia can be found at the ASF’s memorial page http://apache.org/memorials/patricia_shanahan.html . Availability and Oversight Apache OpenOffice software is released under the Apache License v2.0 and is overseen by a volunteer, self-selected team of active contributors to the project. A Project Management Committee (PMC) guides the Project's day-to-day operations, including community development and product releases. The project strongly recommends that users download OpenOffice only from the official site https://www.openoffice.org/download/ to ensure that they receive the original software in the correct and most recent version. About Apache OpenOffice Apache OpenOffice is a leading Open Source office-document productivity suite comprising six productivity applications: Writer, Calc, Impress, Draw, Math, and Base. OpenOffice is based around the OpenDocument Format (ODF), supports 40+ languages, and ships for Windows, macOS, and Linux. OpenOffice originated as "StarOffice" in 1985 by StarDivision, who was acquired by Sun Microsystems in 1999. The project was open-sourced under the name "OpenOffice.org", and continued development after Oracle Corporation acquired Sun Microsystems in 2010. OpenOffice entered the Apache Incubator in 2011 and graduated as an Apache Top-level Project in October 2012. Apache OpenOffice delivers up to 2.4 Million downloads each month is the productivity suite of choice for hundreds of educational institutions and government organizations seeking to meet mandates for using ISO/IEC standard Open Document Format (ODF) files. For more information, including documentation and ways to become involved with Apache OpenOffice, visit https://openoffice.apache.org/ and https://twitter.com/ApacheOO . About The Apache Software Foundation (ASF) Established in 1999, The Apache Software Foundation (ASF) is
Apache Month in Review: September 2021
[this post is available online at https://s.apache.org/September2021 ] Welcome to the latest monthly overview of events from the Apache community. Here's a summary of what happened in September [video highlights available https://youtu.be/v3GdwUmevog ] : New this month -- - Success at Apache - This series focuses on the people and processes behind why the ASF "just works." The most recent entry is "From Mentee to PMC" by Ephraim Anierobi. https://s.apache.org/13mcu - The Apache Drill Project Announces Apache® Drill(TM) v1.19 Milestone Release https://s.apache.org/bfhy6 - Apache Ranger response to incorrect analyst report on Cloud data security https://blogs.apache.org/foundation/entry/apache-ranger-response-to-incorrect - Apache Month in Review: August 2021 https://s.apache.org/August2021 Important Dates -- - Next Board Meeting: 20 October 2021. Board calendar and minutes http://apache.org/foundation/board/calendar.html Infrastructure -- Our seven-member Infrastructure team on three continents oversees our highly-reliable, distributed network under the leadership of VP Infrastructure David Nalley and Infrastructure Administrator Greg Stein. ASF Infrastructure supports 300+ Apache projects and their communities across ~200 individual machines, 1,400+ repositories, 5-6PB in traffic annually, ~75M downloads per month, and 2-3M daily emails on 2,000+ lists. ASF Infra performs 7M+ weekly checks to ensure services are available around the clock. The average uptime in September was 99.87%. http://www.apache.org/uptime/ Committer Activity -- In September, 692 Apache Committers changed 31,529,765 lines of code over 13,104 commits. The Committers with the top 5 highest contributions, in order, were: Mark Thomas, Andrea Cosentino, Andi Huber, Harikrishna Patnala, and Daniel Gruno. Project Releases and Updates -- New releases from Apache Airflow (Big Data); Any23 (Content); APISIX (API); Camel (Integration); Commons DBCP (Libraries); Commons RNG (Libraries); DolphinScheduler (Workflow); Drill (Big Data); Druid (Big Data); Geode (Database); Geronimo (Application Servers); Groovy (Programming Languages); HttpComponents (Servers); Hudi (Big Data); Ignite (Big Data); IoTDB (IoT); Jackrabbit (Content); jclouds (Cloud); Jena (Libraries); Kafka (Big Data); Karaf (Application Servers/Middleware); Log4j (Libraries); NetBeans (Integrated Development Environment); PDFBox (Content); Pulsar (Messaging); Qpid (Messaging); Shiro (Security Framework); Skywalking (Application Performance Management); Solr (Search); Tika (Big Data); Tomcat (Servers); Wicket (Web Frameworks); Zeppelin (Big Data). Apache Project Anniversaries in September: ServiceMix (14 years); Hive, Pig, and Shiro (11 years); Airavata, Bigtop, and SIS (9 years); Curator (8 years); Storm (7 years); Yetus (6 years); RocketMQ and Royale (4 years); Pulsar (3 years); Rya (2 years); IoTDB (1 year). Many happy returns! https://projects.apache.org/committees.html?date The Apache Incubator is the primary entry path for projects wishing to become an official part of the ASF. More than three dozen projects are currently undergoing development in the Apache Incubator; new to the Incubator this month is Apache Linkis (computation middleware). http://incubator.apache.org/ # # # To see our Weekly News Round-ups (published every Friday), visit https://blogs.apache.org/foundation/ and click on the calendar or hop directly to https://blogs.apache.org/foundation/category/Newsletter . For real-time updates, sign up for Apache-related news by sending mail to announce-subscr...@apache.org and follow @TheASF on Twitter. We appreciate your support! = = = NOTE: you are receiving this message because you are subscribed to the announce@apache.org distribution list. To unsubscribe, send email from the recipient account to announce-unsubscr...@apache.org with the word "Unsubscribe" in the subject line.
The Apache News Round-up: week ending 27 September 2021
[this newsletter is available online at https://s.apache.org/p74bn ] We're closing September with another great week. Here are the latest updates on the Apache community's activities: ASF Board – management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws. - Next Board Meeting: 20 October 2021. Board calendar and minutes https://apache.org/foundation/board/calendar.html ApacheCon™ – the ASF's official global conference series, bringing Tomorrow's Technology Today since 1998. - Our 2021 events are complete: thanks to all speakers, sponsors, participants, and planners for their great turnout! - Presentations for ApacheCon Asia are available on the ASF YouTube channel. ApacheCon@Home presentations will be posted shortly https://www.youtube.com/c/TheApacheFoundation/ ASF Infrastructure – our distributed team on three continents keeps the ASF's infrastructure running around the clock. - 7M+ weekly checks yield uptime at 100.00%. Performance checks across 50 different service components spread over more than 250 machines in data centers around the world. View the Apache Infrastructure Uptime site to see the most recent averages. http://www.apache.org/uptime/ Apache Code Snapshot – Over the past week, 328 Apache Committers changed 7,398,124 lines of code over 2,924 commits. Top 5 contributors, in order, are: Harikrishna Patnala, Gary Gregory, Andy Seaborne, Daniel Gruno, and Mark Thomas. Apache Project Announcements – the latest updates by category. Big Data -- - Apache Druid 0.22.0 released https://druid.apache.org/ -- CVE-2021-36749: The HTTP inputSource allows authenticated users to read data from other sources than intended https://s.apache.org/kcci1 Cloud Computing -- - Apache Kafka 3.0.0 released https://kafka.apache.org/ -- CVE-2021-38153: Timing Attack Vulnerability for Apache Kafka Connect and Clients https://s.apache.org/19mol Data Management Platform -- - Apache Ignite 2.11.0 released http://ignite.apache.org/ IDE -- - Apache NetBeans 12.5 released http://netbeans.apache.org/ Messaging -- - Apache Pulsar 2.8.1 released https://pulsar.apache.org/ Did You Know? - Did you know that LinkedIn's 10,000-node cluster for Big Data analytics and machine learning workloads is considered the world's largest Apache Hadoop implementation? http://hadoop.apache.org/ - Did you know that Yelp's new search engine, Nrtsearch, is powered by Apache Lucene? http://lucene.apache.org/ - Did you know that the Ignite Summit Cloud Edition CFP closes on 15 October? http://ignite.apache.org/ Apache Community Notices - Watch "Trillions and Trillions Served" https://www.youtube.com/watch?v=JUt2nb0mgwg, the documentary on the ASF 1) full feature [49 min] https://www.youtube.com/watch?v=JUt2nb0mgwg 2) "Apache Everywhere" [6 min] https://www.youtube.com/watch?v=nXtIti9jMFI 3) "Why Apache" [2.5 min] https://www.youtube.com/watch?v=YM5dLvNatRs 4) “Apache Innovation” [40 min] https://www.youtube.com/watch?v=qkvqJaX4S50 - ASF Annual Report: FY2021 -- Press release https://blogs.apache.org/foundation/entry/the-apache-software-foundation-announces78 -- Report (PDF) https://www.apache.org/foundation/docs/FY2021AnnualReport.pdf - The Apache Month in Review: August 2021 https://blogs.apache.org/foundation/entry/apache-month-in-review-august1 - The Apache Way to Sustainable Open Source Success https://s.apache.org/GhnI - Foundation Reports and Statements http://www.apache.org/foundation/reports.html - Presentations from ApacheCon Asia are available on YouTube https://www.youtube.com/c/TheApacheFoundation/playlists?app=desktop=50=dd_id=2 - "Success at Apache" focuses on the people and processes behind why the ASF "just works." - Inside Infra: the new interview series with members of the ASF infrastructure team --meet Chris Thistlethwaite https://s.apache.org/InsideInfra-Chris Drew Foulks https://s.apache.org/InsideInfra-Drew Greg Stein Part I https://s.apache.org/InsideInfra-Greg ...Part II https://s.apache.org/InsideInfra-Greg2 and Part III https://s.apache.org/InsideInfra-Greg3 Daniel Gruno Part I https://s.apache.org/InsideInfra-Daniel1 and Part II https://s.apache.org/InsideInfra-Daniel2 Gavin McDonald Part I https://s.apache.org/InsideInfra-Gavin and Part II https://s.apache.org/InsideInfra-Gavin2 Andrew Wetmore Part I https://s.apache.org/InsideInfra-Andrew and Part II https://s.apache.org/InsideInfra-Andrew2 Chris Lambertus Part I https://s.apache.org/InsideInfra-ChrisL and Part II https://s.apache.org/InsideInfra-ChrisL2 - Follow the ASF on social media: @TheASF on Twitter and The ASF page on LinkedIn https://www.linkedin.com/company/the-apache-software-foundation - Follow the Apache Community on Facebook https://www.facebook.com/ApacheSoftwareFoundation/ and Twitter https://twitter.com/ApacheCommunity . - Are your software solutions Powered by Apache? Download & use our "Powered By"
The Apache News Round-up: week ending 17 September 2021
[this newsletter is available online at https://s.apache.org/wkssk ] We're wrapping up another great week with the following activities from the Apache community: Success at Apache This series focuses on the people and processes behind why the ASF "just works." The most recent entry is "From Mentee to PMC" by Ephraim Anierobi. https://blogs.apache.org/foundation/entry/success-at-apache-from-mentee ASF Annual Report The ASF annual report is a look back at our many achievements during the 2021 Fiscal Year. - Press release: The Apache Software Foundation Announces Annual Report for 2021 Fiscal Year https://blogs.apache.org/foundation/entry/the-apache-software-foundation-announces78 - ASF FY2021 Annual Report (PDF) https://www.apache.org/foundation/docs/FY2021AnnualReport.pdf ASF Board – management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws. - Next Board Meeting: 20 October 2021. Board calendar and minutes https://apache.org/foundation/board/calendar.html ApacheCon™ – the ASF's official global conference series, bringing Tomorrow's Technology Today since 1998. ApacheCon Asia was held online 6-8 August; ApacheCon@Home is coming up next on 21-23 September: - The Apache® Software Foundation Announces Program for ApacheCon@Home 2021 https://blogs.apache.org/foundation/entry/the-apache-software-foundation-announces77 - Learn all about ApacheCon with Rich Bowen and Swapnil M Mane https://youtu.be/m_c7NJ5yMOg - Learn about the Community Track from Sharan Foga and Swapnil M Mane https://youtu.be/8cZF-gaE3a4 - Register for ApacheCon@Home https://www.apachecon.com/acah2021/ ASF Infrastructure – our distributed team on three continents keeps the ASF's infrastructure running around the clock. - 7M+ weekly checks yield uptime at 99.99%. Performance checks across 50 different service components spread over more than 250 machines in data centers around the world. View the Apache Infrastructure Uptime site to see the most recent averages. http://www.apache.org/uptime/ Apache Code Snapshot – Over the past week, 356 Apache Committers changed 2,986,797 lines of code over 3,104 commits. Top 5 contributors, in order, are: Alex Heneveld, Andrea Cosentino, Stephen Mallette, Andi Huber, and Claus Ibsen. Apache Project Announcements – the latest updates by category. Application Servers/Middleware -- - Apache Karaf runtime 4.3.3 released https://karaf.apache.org/ Content -- - Apache PDFBox 3.0.0-alpha2 released https://pdfbox.apache.org/ - Apache Any23 2.5 released http://any23.apache.org/ -- CVE-2021-38555: An XML external entity (XXE) injection vulnerability exists in StreamUtils.java https://lists.apache.org/thread.html/r589d1a9f94dbeee7a0f5dbe8513a0e300dfe669bd964ba2fbfe28e07%40%3Cannounce.apache.org%3E -- CVE-2021-40146: A Remote Code Execution (RCE) vulnerability exists in YAMLExtractor.java https://lists.apache.org/thread.html/r7c521ed85c7ae1bad4fdf95b459f2aaa8a67eae338636b7b7ec35d86%40%3Cannounce.apache.org%3E Cloud Computing -- - Apache jclouds 2.4.0 released https://jclouds.apache.org/ Integration -- - Apache Camel 3.11.2 (LTS) released https://camel.apache.org/ IoT -- - Apache IoTDB 0.12.2 released https://iotdb.apache.org/ Libraries -- - Apache Log4j Kotlin API 1.1.0 released https://logging.apache.org/ - Apache Commons RNG 1.4 released https://commons.apache.org/ - Apache Jena CVE-2021-39239: XML External Entity (XXE) vulnerability https://lists.apache.org/thread.html/rf44d529c54ef1d0097e813f576a0823a727e1669a9f610d3221d493d%40%3Cannounce.apache.org%3E Observability -- - Apache SkyWalking Python Agent 0.7.0 and Satellite 0.2.0 released https://skywalking.apache.org/ Search -- - Apache Solr Operator v0.4.0 released http://solr.apache.org/ Security Framework -- - Apache Shiro CVE-2021-41303: Before 1.8.0, when using Apache Shiro with Spring Boot, a specially crafted HTTP request may cause an authentication bypass https://lists.apache.org/thread.html/r85a80d9187a1ee920780f410e902aa340d679d15733c13730662fb22%40%3Cannounce.apache.org%3E Servers -- - Apache Tomcat 8.5.71, 9.0.53, 10.0.11, and 10.1.0-M5 (alpha) released https://tomcat.apache.org/ -- CVE-2021-41079: Denial of Service https://lists.apache.org/thread.html/rccdef0349fdf4fb73a4e4403095446d7fe6264e0a58e2df5c6799434%40%3Cannounce.apache.org%3E - Apache HttpComponents Core 5.2-alpha1 released https://hc.apache.org/ Web Frameworks - - Apache Wicket 9.5.0 released https://wicket.apache.org/ Did You Know? - Did you know that NASA JPL uses Apache Kafka to enable real-time data feeds from Mars? http://kafka.apache.org/ - Did you know that ASF Infrastructure's uptime during FY2021 was 99.75%? https://apache.org/uptime/ - Did you know that Shopify uses Apache Flink to analyze 10 TB+ of data? http://flink.apache.org/ Apache Community Notices - Watch "Trillions and Trillions Served"
Success at Apache: from Mentee to PMC
[this post is available online at https://s.apache.org/13mcu ] by Ephraim Anierobi This post is about how I became a committer and a Project Management Committee (PMC) member of Apache Airflow, and provides guidance to those new to programming, are new to contributing to open-source projects, and want to become committers and PMC members in their respective Apache projects. About a year and a half after changing my career from electrical engineering to software development, I became a committer and a Project Management Committee member of Apache Airflow. Becoming a committer and a PMC member is a reward and a kind of validation that you are on the right part of your journey. On February 16, 2021, I accepted an invitation to become a committer in Apache Airflow. It came as a surprise, as I was not expecting it. Six months down the line, I received another surprise invitation to become a PMC member in Apache Airflow. These are impressive feats for me because before contributing to Apache Airflow, I didn't have experience working with other programmers. I was making websites and taught a few friends of mine how to make their own. I didn't have a mentor, and no one has ever seen my code to advise whether to continue on my journey or drop the idea of becoming a programmer. While I desired to work with experienced programmers to improve my skills, I feared people seeing my code would talk me down. I almost gave up on my journey only to come across an Outreachy post on Twitter looking for interns for open source projects. Outreachy is a tech diversity program that provides three months of paid, remote internships to people underrepresented in tech. I was ready to change my career and was looking for mentorship, but couldn't find an internship that could help me get started in my journey. In Nigeria where I'm living, your location affects your chances of getting an entry-level job. I was not close to the major cities. So I applied for an internship through Outreachy. There are two application processes. The initial application involves explaining your background and why you should be accepted into the program. You must pass the initial application before you could proceed to the next. The second application process (called the contribution period) is where you choose an open source project that matches your skill sets and then contribute to it. You must have some minimum contributions before you could be accepted. That was how I found Apache Airflow. You could imagine the joy I had when I was accepted into the program. Here are things I did which I believe would help you in your journey to becoming an Apache committer and a PMC member. Asking Questions Asking questions is the fastest way to learn. Don't be afraid to ask questions if you do not understand something. I ask questions a lot and I always get answers, but I didn't start by asking questions: I made 40 commits to the repository without understanding what Airflow does. It was not until I joined my new employer Astronomer that I learned what DAG is and what a data pipeline is. Now I can easily reproduce issues following someone's descriptions. I wish I had asked questions earlier --I could have had more experience by now! Start small If you are like me, with little experience, start contributing from the minor issues. Find good first issues and work on them. You don't have to wait to contribute a large change before contributing. While working on the REST API project, which I got hired by Outreachy to do, I was looking at the codebase. I started with Airflow providers because it was easy for me to understand. There were so many requests about providers at the time and I started looking into it, reading the code base, and helping with the providers. I didn't go into the core straight up; I avoided it. My first PR was on simple database migration during the Outreachy contribution period. Refactor codes Airflow is complex. Till now, I'm still learning it. Just last week I learned about how the execution date works. I know there are a lot of other things I have not understood very well but refactoring helped me to understand a lot. When I was to work in the scheduler, I found the file was so large that I went back and forth without progress. I worked on separating the files and I'm glad I did because after that I could contribute. I recommend refactoring code but do not go into large refactoring. A little at a time, with the hope to understand the project. Avoid the core of the project if you are just starting. Issues One thing about issues is that most reporters would tell you how to reproduce them. Most times, you would find that the issue is quite easy to fix. I usually jump on those and fix them. Other times, I had to contact my superiors before I could fix it. Looking at reported issues gives an added advantage that you could learn how the software works in the real world. Try to
The Apache News Round-up: week ending 10 September 2021
[this newsletter is available online at https://s.apache.org/cgxvx ] We're wrapping up another great week with the following activities from the Apache community: ASF Annual Report – a look back at our many achievements during the 2021 Fiscal Year - Press release https://s.apache.org/FY2021AnnualReport-pressrelease - Full report https://s.apache.org/FY2021AnnualReport ASF Board – management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws. - Next Board Meeting: 15 September 2021. Board calendar and minutes https://apache.org/foundation/board/calendar.html ApacheCon™ – the ASF's official global conference series, bringing Tomorrow's Technology Today since 1998. ApacheCon Asia was held online 6-8 August; ApacheCon@Home is coming up next on 21-23 September: - The Apache® Software Foundation Announces Program for ApacheCon@Home 2021 https://s.apache.org/ACHome2021 - Learn all about ApacheCon with Rich Bowen and Swapnil M Mane https://youtu.be/m_c7NJ5yMOg - Learn about the Community Track from Sharan Foga and Swapnil M Mane https://youtu.be/8cZF-gaE3a4 - Register for ApacheCon@Home https://www.apachecon.com/acah2021/ ASF Infrastructure – our distributed team on three continents keeps the ASF's infrastructure running around the clock. - 7M+ weekly checks yield uptime at 100.00%. Performance checks across 50 different service components spread over more than 250 machines in data centers around the world. http://www.apache.org/uptime/ Apache Code Snapshot – Over the past week, 326 Apache Committers changed 9,187,985 lines of code over 2,985 commits. Top 5 contributors, in order, are: Harikrishna Patnala, Andi Huber, Yann Ylavic, Andrea Cosentino, and Benoit Tellier. Apache Project Announcements – the latest updates by category. APIs -- - Apache APISIX Go Plugin Runner 0.2.0 released https://apisix.apache.org/ Application Servers -- - Apache Geronimo Arthur 1.0.3 released https://geronimo.apache.org/arthur Databases -- - Apache Geode 1.14.0 released http://geode.apache.org/ Content -- - Apache Jackrabbit 2.14.10 released http://jackrabbit.apache.org/ Programming Languages -- - Apache Groovy 2.5.15, 3.0.9, and 4.0.0-beta-1 released https://groovy.apache.org/ Workflow -- - Apache DolphinScheduler 1.3.8 released https://dolphinscheduler.apache.org/ - Apache Airflow CVE-2021-38540: Variable Import endpoint missed authentication check https://s.apache.org/88ww5 Did You Know? - Did you know that ByteDance uses Apache Hudi to build exabyte-scale data lakes for services such as TikTok? http://hudi.apache.org/ - Did you know that the Netherlands and Japan Pulsar MeetUp groups are having meetups in September? https://pulsar.apache.org/en/events/ - Did you know that Kafka Summit will be held online and free of charge 14-15 September? http://kafka.apache.org/events Apache Community Notices - Watch "Trillions and Trillions Served", the documentary on the ASF 1) full feature [49 min] https://s.apache.org/Trillions-Feature 2) "Apache Everywhere" [6 min] https://s.apache.org/ApacheEverywhere 3) "Why Apache" [2.5 min] https://s.apache.org/ASF-Trillions-WhyApache 4) “Apache Innovation” [40 min] https://s.apache.org/ApacheInnovation - The Apache Month in Review: August 2021 https://s.apache.org/August2021 - The Apache Way to Sustainable Open Source Success https://s.apache.org/GhnI - Foundation Reports and Statements http://www.apache.org/foundation/reports.html - Presentations from ApacheCon Asia are available at https://s.apache.org/ApacheConAsia2021-talks - "Success at Apache" focuses on the people and processes behind why the ASF "just works". https://blogs.apache.org/foundation/category/SuccessAtApache - Inside Infra: the new interview series with members of the ASF infrastructure team --meet Chris Thistlethwaite https://s.apache.org/InsideInfra-Chris Drew Foulks https://s.apache.org/InsideInfra-Drew Greg Stein Part I https://s.apache.org/InsideInfra-Greg ...Part II https://s.apache.org/InsideInfra-Greg2 and Part III https://s.apache.org/InsideInfra-Greg3 Daniel Gruno Part I https://s.apache.org/InsideInfra-Daniel1 and Part II https://s.apache.org/InsideInfra-Daniel2 Gavin McDonald Part I https://s.apache.org/InsideInfra-Gavin and Part II https://s.apache.org/InsideInfra-Gavin2 Andrew Wetmore Part I https://s.apache.org/InsideInfra-Andrew and Part II https://s.apache.org/InsideInfra-Andrew2 Chris Lambertus Part I https://s.apache.org/InsideInfra-ChrisL and Part II https://s.apache.org/InsideInfra-ChrisL2 - Follow the ASF on social media: @TheASF on Twitter (https://twitter.com/TheASF) and on LinkedIn at https://www.linkedin.com/company/the-apache-software-foundation - Follow the Apache Community on Facebook https://www.facebook.com/ApacheSoftwareFoundation/ and Twitter https://twitter.com/ApacheCommunity - Are your software solutions Powered by
Apache Month in Review: August 2021
[this announcement is available online at https://s.apache.org/August2021 ] Welcome to the latest monthly overview of events from the Apache community. Here's a summary of what happened in August: New this month -- - The Apache Software Foundation Announces Apache® Pinot™ as a Top-Level Project https://s.apache.org/ft8p6 - The Apache® Software Foundation Announces Program for ApacheCon@Home 2021 https://s.apache.org/ACHome2021 - The Apache Drill Project Announces Apache® Drill™ v1.19 Milestone Release https://s.apache.org/bfhy6 - The Apache® Software Foundation Announces Annual Report for 2021 Fiscal Year https://s.apache.org/FY2021AnnualReport-pressrelease - Apache Month in Review: July 2021 https://s.apache.org/July2021 + Video highlights https://youtu.be/KIYB1g6SKhg Important Dates -- - Next Board Meeting: 15 September 2021. Board calendar and minutes http://apache.org/foundation/board/calendar.html - ApacheCon™ --the ASF's official global conference series, bringing Tomorrow's Technology Today since 1998-- is being held twice in 2021: - UPCOMING: Register for ApacheCon@Home - 21-23 September https://www.apachecon.com/acah2021/ -- Learn about the Community Track from Sharan Foga and Swapnil M Mane https://youtu.be/8cZF-gaE3a4 - Completed: ApacheCon Asia - 6-8 August --presentations available at https://s.apache.org/37n3z Infrastructure -- Our seven-member Infrastructure team on three continents oversees our highly-reliable, distributed network under the leadership of VP Infrastructure David Nalley and Infrastructure Administrator Greg Stein. ASF Infrastructure supports 300+ Apache projects and their communities across ~200 individual machines, 1,400+ repositories, 5-6PB in traffic annually, ~75M downloads per month, and 2-3M daily emails on 2,000+ lists. ASF Infra performs 7M+ weekly checks to ensure services are available around the clock. The average uptime in August was 99.61%. http://www.apache.org/uptime/ Committer Activity -- In August, 764 Apache Committers changed 15,185,996 lines of code over 17,295 commits. The Committers with the top 5 highest contributions, in order, were: Claus Ibsen, Alex Herbert, Andrea Cosentino, Harikrishna Patnala, and Kaxil Naik. Project Releases and Updates -- New releases from Apache ActiveMQ (Messaging); Airflow (Workflow); APISIX (APIs); Camel (Integration); Commons (Libraries); EventMesh (incubating; Eventing); Flink (Big Data); Geode (Databases); Hop (incubating; Orchestration); Jackrabbit (Content); NiFi (Big Data); OFBiz (ERP/Enterprise Resource Planning); Portable Runtime (Libraries); Pulsar (Messaging); Qpid (Messaging); Roller (Content); ServiceComb (Libraries); Teaclave (incubating; Confidential Computing); Tika (Content); Tomcat (Servers); Traffic Server (Servers). Apache Project Anniversaries in August: jUDDI (11 years); Any23, Lucene.Net, and Oozie (9 years); Ignite, Serf, and Usergrid (6 years); HAWQ (3 years). Many happy returns! The Apache Incubator is the primary entry path for projects wishing to become an official part of the ASF. Linkis (Middleware) entered the Apache Incubator in August. More than three dozen projects are currently undergoing development in the Apache Incubator http://incubator.apache.org/ . # # # To see our Weekly News Round-ups (published every Friday), visit https://blogs.apache.org/foundation/ and click on the calendar or hop directly to https://blogs.apache.org/foundation/category/Newsletter . For real-time updates, sign up for Apache-related news by sending mail to announce-subscr...@apache.org and follow @TheASF on Twitter. We appreciate your support! = = = NOTE: you are receiving this message because you are subscribed to the announce@apache.org distribution list. To unsubscribe, send email from the recipient account to announce-unsubscr...@apache.org with the word "Unsubscribe" in the subject line.
The Apache® Software Foundation Announces Annual Report for 2021 Fiscal Year
[this announcement is available online at https://s.apache.org/FY2021AnnualReport-pressrelease ] World's largest Open Source foundation's community rallies during pandemic; uptick in project activity, participation, and sponsor support advances Foundation to continue to provide $22B+ worth of software to the public-at-large at 100% no cost. Wilmington, DE —31 August 2021— The Apache® Software Foundation (ASF), the world's largest Open Source foundation, announced today the availability of the annual report for its 2021 fiscal year (1 May 2020 – 30 April 2021). The all-volunteer ASF stewards 227M+ lines of code —valued conservatively at more than $22B (constructive cost model - CoCoMo)— all available to the public at 100% no cost. Apache software is used in every Internet-connected country on the planet, and is integral to nearly every aspect of modern computing. FY2021 highlights include: 1. 40 new individual Members elected, totalling 853 2. Exceeded 8,200 individual Committers 3. 200 Project Management Committees overseeing 351 Apache Projects, plus dozens of sub-projects and initiatives 4. 14 Top-Level Projects graduated from the Apache Incubator 5. 35 projects (a.k.a. “podlings”) undergoing development in the Apache Incubator 6. Top 5 most active Apache Projects accessed: Kafka, Hadoop, ZooKeeper, POI, Logging 7. Top 5 Apache Project repositories by commits: Camel, Flink, Airflow, Lucene-Solr, NuttX (incubating) 8. Top 5 most visited Apache Projects on GitHub: Spark, Flink, Kafka, Arrow, Beam 9. 17,758 authors sent 2,184,671 emails on 780,274 topics 10. Top 5 Apache Project user and developer email lists by activity: Flink (user), Tomcat (developer), James (developer), Flink (developer), Kafka (developer) 11. 17,000+ emails sent to ASF Security team 12. 3,058 Committers changed 134,517,884 lines of code over 258,860 commits 13. 672 Individual Contributor License Agreements signed 14. 23 Corporate Contributor License Agreements signed 15. 32 Software Grant Agreements executed 16. ASF's seven-member Infrastructure team on three continents supports all Apache projects, initiatives, and their communities across ~200 individual machines, 1,400+ repositories, 5-6PB in traffic annually, ~75M downloads per month, and 2-3M daily emails on 2,000+ lists. Average uptime in FY2021 was 99.75% 17. New Infrastructure-developed tools and services enable Apache Projects and their communities to self-administer numerous features around their code repositories 18. Fundraising yielded a positive net income, exceeding FY2021 targets 19. Foundation operations supported by contributions from 9 Platinum Sponsors, 10 Gold Sponsors, 8 Silver Sponsors, 30 Bronze Sponsors, 10 Platinum Targeted Sponsors, 5 Gold Targeted Sponsors, 3 Silver Targeted Sponsors, 12 Bronze Targeted Sponsors, and more than 630 individual donors; 20. Less than 10% of income spent on overhead 21. Published new Website dedicated to data privacy https://privacy.apache.org 22. Produced and released "Trillions and Trillions Served" documentary series 23. Launched "Inside Infra" interview series with members of ASF Infrastructure team 24. Held first ApacheCon@Home event online to thousands of attendees from around the world 25. Advanced Diversity & Inclusion goals, including securing internships, conducting Community Survey and User Experience Research, and easing barriers to entry for contributors from underrepresented groups 26. ASF was a mentoring organization in Google Summer of Code for the 16th consecutive year The full report is available online at https://s.apache.org/FY2021AnnualReport About The Apache Software Foundation (ASF) Established in 1999, The Apache Software Foundation (ASF) is the world’s largest Open Source foundation, stewarding 227M+ lines of code and providing more than $22B+ worth of software to the public at 100% no cost. The ASF’s all-volunteer community grew from 21 original founders overseeing the Apache HTTP Server to 850+ individual Members and 206 Project Management Committees who successfully lead 350+ Apache projects and initiatives in collaboration with 8,200+ Committers through the ASF’s meritocratic process known as "The Apache Way". Apache software is integral to nearly every end user computing device, from laptops to tablets to mobile devices across enterprises and mission-critical applications. Apache projects power most of the Internet, manage exabytes of data, execute teraflops of operations, and store billions of objects in virtually every industry. The commercially-friendly and permissive Apache License v2 is an Open Source industry standard, helping launch billion dollar corporations and benefiting countless users worldwide. The ASF is a US 501(c)(3) not-for-profit charitable organization funded by individual donations and corporate sponsors including Aetna, Alibaba Cloud Computing, Amazon Web Services, Anonymous, ARM, Baidu, Bloomberg, Budget Direct, Capital
The Apache Drill Project Announces Apache® DrillTM v1.19 Milestone Release
[this announcement is available online at https://s.apache.org/bfhy6 ] Open Source, enterprise-grade, schema-free Big Data SQL query engine used by thousands of organizations, including Ant Group, Cisco, Ericsson, Intuit, MicroStrategy, Tableau, TIBCO, TransUnion, Twitter, and more. Wilmington, DE —30 August 2021— The Apache Drill Project announced the release of Apache® DrillTM v1.19, the schema-free Big Data SQL query engine for Apache Hadoop®, NoSQL, and Cloud storage. "Drill 1.19 is our biggest release ever," said Charles Givre, Vice President of Apache Drill. "With an already short learning curve, Drill 1.19 makes it even easier for users to quickly query, analyze, and visualize data from disparate sources and complex data sets.” An "SQL-on-Hadoop" engine, Apache Drill is easy to deploy, highly performant, able to quickly process trillions of records, and scalable from a single laptop to a 1000-node cluster. With its schema-free JSON model (the first distributed SQL query engine of its kind), Drill is able to query complex semi-structured data in situ without requiring users to define schemas or transform data. It provides plug-and-play integration with existing Hive and HBase deployments, and is extensible out-of-the-box to access multiple data sources, such as S3 and Apache HDFS, HBase, and Hive. Additionally, Drill can directly query data from REST APIs to include platforms like SalesForce and ServiceNow. Drill supports the ANSI SQL 2003 standard syntax ecosystem as well as dozens of NoSQL databases and file systems, including Apache HBase, MongoDB, Elasticsearch, Cassandra, REST APIs, , HDFS, MapR-FS, Amazon S3, Azure Blob Storage, Google Cloud Storage, NAS, local files, and more. Drill leverages familiar BI tools (such as Apache Superset, Tableau, MicroStrategy, QlikView and Excel) as well as data virtualization and visualization tools, and runs interactive queries on Hive tables with different Hive metastores. Apache Drill v1.19 Drill is designed from the ground up to support high-performance analysis on rapidly evolving data on modern Big Data applications. v1.19 reflects more than 100 changes, improvements, and new features that include: - New Connectors for Apache Cassandra, Elasticsearch, and Splunk - New Format Reader for XML without schemas - Added Avro support for Kafka plugin - Integrated password vault for secure credential storage - Support for Linux ARM64 systems - Added limit pushdowns for file systems, HTTP REST APIs and MongoDB - Added streaming for Drill's REST API - Integration with Apache Airflow Developers, analysts, business users, and data scientists use Apache Drill for data exploration and analysis for its enterprise-grade reliability, security, and performance. Drill's flexibility and ease-of-use have attracted thousands of users that include Ant Group, Cardlytics, Cisco, Ericsson, Intuit, MicroStrategy, Qlik, Tableau, TIBCO, TransUnion, Twitter, National University of Singapore, and more. "Individuals, businesses, and organizations of all types rely on Apache Drill's rich functionality," added Givre. "We invite everyone to participate in our user and developer lists as well as our Slack channel, and contribute to the project to build on our momentum and help improve the future experience for all Drill users." Catch Apache Drill in action at ApacheCon@Home, taking place online 21-23 September 2021. For more information and to register, visit https://www.apachecon.com/ . Availability and Oversight Apache Drill software is released under the Apache License v2.0 and is overseen by a volunteer, self-selected team of active contributors to the project. A Project Management Committee (PMC) guides the Project's day-to-day operations, including community development and product releases. About Apache Drill Apache Drill is the Open Source, schema-free Big Data SQL query engine for Apache Hadoop, NoSQL, and Cloud storage. For more information, including documentation and ways to become involved with Apache Drill, visit http://drill.apache.org/ , https://twitter.com/ApacheDrill , and https://apache-drill.slack.com/ . © The Apache Software Foundation. "Apache", "Drill", "Apache Drill", and "ApacheCon" are registered trademarks or trademarks of the Apache Software Foundation in the United States and/or other countries. All other brands and trademarks are the property of their respective owners. # # # NOTE: you are receiving this message because you are subscribed to the announce@apache.org distribution list. To unsubscribe, send email from the recipient account to announce-unsubscr...@apache.org with the word "Unsubscribe" in the subject line.
The Apache® Software Foundation Announces Program for ApacheCon@Home 2021
[this announcement is available online at https://s.apache.org/ACHome2021 ] Official Apache global conference series to be held virtually for second year, featuring 140+ sessions, and keynotes from GitHub, NYU and Open Source Hardware Association, Red Hat, and the Wilson Center. Wilmington, DE —17 August 2021— The Apache® Software Foundation (ASF), the all-volunteer developers, stewards, and incubators of more than 350 Open Source projects and initiatives, announced keynotes, sponsors, and program for ApacheCon@Home, taking place online 21-23 September 2021. Registration is open and free for all attendees. "With dozens of compelling talks on the latest Apache innovations, presented by noted community experts and supported by an impressive roster of sponsors, we expect a record turnout of attendees," said Ruth Suehle, ASF Executive Vice President and ApacheCon@Home co-Chair. "We're excited to enable participants to join us at their own convenience online and to build on the success of last year's inaugural ApacheCon@Home, with nearly 3,500 attendees." ApacheCon is the ASF's official global conference series, first held in 1998. ApacheCon draws attendees from more than 130 countries to experience "Tomorrow's Technology Today" independent of business interests, corporate biases, or sales pitches. ApacheCon showcases the latest breakthroughs from dozens of Apache projects, with content selected entirely by Apache projects and their communities. ApacheCon@Home joins ApacheCon Asia, which took place online 6-8 August, to meet the educational demands of the growing Apache community of developers, users, and enthusiasts worldwide. "The ApacheCon@Home format has been a game changer by letting many members of the Apache community experience ApacheCon for the first time —all from the comfort of their homes or any location,” said Rich Bowen, Vice President of Conferences at the ASF. "We continue to grow and evolve our events to enable participants from around the globe to experience the full event as it happens, and interact with community members and sponsors in real-time. Post-event session recordings enable thousands to enjoy ApacheCon year-round." ApacheCon@Home features more than 140 sessions, all held virtually and online. Participants at all levels will learn about innovations in Apache projects and categories that include: ActiveMQ; AGE (incubating); APISIX; API and Microservice; Beam; Big Data; Calcite; Camel; Cassandra, Community; Content Delivery; Content Management; CXF; Daffodil; DataSketches; Data Visualization; DolphinScheduler; Druid; Federated Data; Fineract and FinTech; Flink; Geode; Geospatial; Groovy; Hadoop; Hadoop YARN; HBase; HDFS; Hive; Hop (incubating); HTTP Server; Hudi Ignite; Impala; Incubator; Integration; Internet of Things; James; Jena; Kafka; Karaf; Kudu; Liminal (incubating); Lucene; MADlib; MXNet (incubating); NiFi; NLPCraft (incubating); OpenNLP; Ozone; PLC4X; POI; Pulsar; Search; Sedona (incubating); SIS; SkyWalking; Sling; Solr; Spark; Storm; Streampipes (incubating); Teaclave (incubating); Thrift; Tika; Tomcat; Traffic Control; Traffic Server; Wayang (incubating); YuniKorn (incubating); Zookeeper; and more. Keynote presentations will be delivered by Ashley Wolf, head of GitHub’s Open Source Program Office; Mark Cox, ASF Vice President Security, and Distinguished Software Engineer at Red Hat’s Open Source Program Office; Dr. Alison Parker, Senior Program Associate in the Science and Technology Innovation Program at the Wilson Center; and Michael Weinberg, Executive Director of the Engelberg Center on Innovation Law & Policy at NYU Law and the Board President of the Open Source Hardware Association. The full program is available at https://www.apachecon.com/acah2021/tracks/ ApacheCon@Home sponsors include Strategic Sponsor Google; Platinum Sponsors Apple, Huawei, Instaclustr, and Tencent Cloud; Gold Sponsors AWS, Baidu, Cerner, Didi Chuxing, Dremio, Fiter, Red Hat, and Replicated; Silver Sponsors Imply, Securonix, and SphereEx; and Bronze Sponsor Technical Arts & Engineering. AWS, Huawei, Didi Chuxing, Tencent, Baidu, and SphereEx were also Sponsors of ApacheCon Asia. To sponsor ApacheCon@Home, visit https://www.apachecon.com/acah2021/2021_ApacheCon_prospectus.pdf Register today at https://www.apachecon.com/acah2021/register.html . About ApacheCon ApacheCon is the official global conference series of The Apache Software Foundation. Since 1998 ApacheCon has been drawing participants at all levels to explore "Tomorrow's Technology Today" across 350+ Apache projects and their diverse communities. In 2020 and 2021 ApacheCon events showcase ubiquitous Apache projects and emerging innovations virtually through sessions, keynotes, real-world case studies, community events, and more, all online and free of charge. For more information, visit http://apachecon.com/ and https://twitter.com/ApacheCon . About The Apache
The Apache Software Foundation Announces Apache® Pinot™ as a Top-Level Project
[this announcement is available online at https://s.apache.org/ft8p6 ] Open Source distributed real-time Big Data analytics infrastructure in use at Amazon-Eero, Doordash, Factual/FourSquare, LinkedIn, Stripe, Uber, Walmart, Weibo, and WePay, among others. Wilmington, DE —2 August 2021— The Apache Software Foundation (ASF), the all-volunteer developers, stewards, and incubators of more than 350 Open Source projects and initiatives, announced today Apache® Pinot™ as a Top-Level Project (TLP). Apache Pinot is a distributed Big Data analytics infrastructure created to deliver scalable real-time analytics at high throughput with low latency. The project was first created at LinkedIn in 2013, open-sourced in 2015, and entered the Apache Incubator in October 2018. "We are pleased to successfully adopt 'the Apache Way' and graduate from the Apache Incubator," said Kishore Gopalakrishna, Vice President and original co-creator of Apache Pinot. "Pinot initially pushed the boundaries of real-time analytics by delivering insights to millions of Linkedin users. Today, as an Apache Top-Level Project, Pinot is in the hands of developers across the globe who are building it to power several user-facing analytical applications and unlock the value of data within their organizations." Scalable to trillions of records, Apache Pinot’s online analytical processing (OLAP) ingests both online and offline data sources from Apache Kafka, Apache Spark, Apache Hadoop HDFS, flat files, and Cloud storages in real time. Pinot is able to ingest millions of events and serve thousands of queries per second, and provide unified analytics in a distributed, fault-tolerant fashion. Features include: Speed —answers OLAP queries with low latency on real-time data Pluggable indexing —Sorted, Inverted, Text Index, Geospatial Index, JSON Index, Range Index, Bloom filters Smart Materialized Views - Fast Aggregations via star-tree index Supports different stream systems with near real-time ingestion —with Apache Kafka, Confluent Kafka, and Amazon Kinesis, as well as customizable input format, with out-of the box support for Avro and JSON formats Highly available, horizontally scalable, and fault tolerant Supports lookup joins natively and full joins using PrestoDB/Trino Apache Pinot is used to power internal and external analytics at Adbeat, Amazon-Eero, Cloud Kitchens, Confluera, Doordash, Factual/FourSquare, Guitar Center, LinkedIn, Publicis Sapient, Razorpay, Scale Unlimited, Startree, Stripe, Traceable, Uber, Walmart, Weibo, WePay, and more. Examples of how Apache Pinot helps organizations across numerous verticals include: 1) a fintech company uses Pinot to achieve financial data visibility across 500+ terabytes of data and sustain half million queries per second with financial transactions; 2) a food delivery service leveraged Pinot in the midst of the COVID-19 pandemic to analyze real-time data to provide a socially-distanced pick-up experience for its riders and restaurants; and 3) a large retail chain with geographically distributed franchises and stores uses Pinot for revenue-generating opportunities by analyzing real-time data for internal use cases, as well as real-time cart analysis to increase sales. "We rely on Apache Pinot for all our real-time analytics needs at LinkedIn," said Kapil Surlaker, Vice President of Engineering at LinkedIn. "It's battle-tested at LinkedIn scale for hundreds of our low-latency analytics applications. We believe Apache Pinot is the best tool out there to build site-facing analytics applications and we will continue to contribute heavily and collaborate with the Apache Pinot community. We are very happy to see that it's now a Top-level Apache project." "We use Apache Pinot in our real-time analytics platform to power external user-facing applications and critical operational dashboards," said Ujwala Tulshigiri, Engineering Manager at Uber. "With Pinot's multi-tenancy support and horizontal scalability, we have scaled to hundreds of use cases that run complex aggregations queries on terabytes of data at millisecond latencies, with the minimal overhead of cluster management." "We've been using Apache Pinot since last year, and it's been a huge win for our client’s dashboard project," said Ken Krugler, President of Scale Unlimited. "Pinot's ability to rapidly generate aggregation results over billions of records, with modest hardware requirements, was critical for the success of the project. We've also been able to provide patches to add functionality and fix issues, which the Pinot community has quickly integrated and released. There was never any doubt in our minds that Pinot would graduate from the Apache incubator and become a successful top-level project." "Last year, we started without analytics built into our product," said Pradeep Gopanapalli, technical staff member at Confluera. "By the end of the year, we were using Apache Pinot
Apache Month in Review: July 2021
[this post is available online at https://s.apache.org/July2021 ] Welcome to the latest monthly overview of events from the Apache community. Here's a summary of what happened in July (video highlights available at https://youtu.be/KIYB1g6SKhg ): New this month -- - The Apache Cassandra Project Releases Apache Cassandra v4.0, the Fastest, Most Scalable and Secure Cassandra Yet https://s.apache.org/d30v9 - Apache Attic --provides process and solutions when an Apache project has reached its end of life -- Apache Sqoop is now retired https://s.apache.org/0e51t - Apache Month in Review: June 2021 https://s.apache.org/June2021 + Video highlights https://youtu.be/yIE8SSHw2iw Important Dates -- - Next Board Meeting: 18 August 2021. Board calendar and minutes http://apache.org/foundation/board/calendar.html - ApacheCon™ --the ASF's official global conference series, bringing Tomorrow's Technology Today since 1998-- will be held twice in 2021: --ApacheCon Asia - 6-8 August and ApacheCon@Home - 21-23 September The Apache® Software Foundation Welcomes its Global Community Online at ApacheCon Asia 2021 https://s.apache.org/ACAsia2021 Program, Registration, and Sponsorship available for both events https://www.apachecon.com/ Infrastructure -- Our seven-member Infrastructure team on three continents oversees our highly-reliable, distributed network under the leadership of VP Infrastructure David Nalley and Infrastructure Administrator Greg Stein. ASF Infrastructure supports 300+ Apache projects and their communities across ~200 individual machines, 1,400+ repositories, 5-6PB in traffic annually, ~75M downloads per month, and 2-3M daily emails on 2,000+ lists. ASF Infra performs 7M+ weekly checks to ensure services are available around the clock. The average uptime in July was 99.88%. http://www.apache.org/uptime/ Committer Activity -- In July, 789 Apache Committers changed 13,194,378 lines of code over 17,560 commits. The Committers with the top 5 highest contributions, in order, were: Bertrand Delacrétaz, Andrea Cosentino, Gary Gregory, Mark Thomas, and Xiang Xiao. Project Releases and Updates -- New releases from Apache Ant (Build Management); Arrow (Big Data); APISIX (APIs); Beam (Big Data); Camel (Integration); Cassandra (Databases); CloudStack (Cloud Computing); Commons (Libraries); Curator (Messaging); Directory (Identity Management); Druid (Big Data); Fortress (Identity Management); Geode (Databases); HBase (Big Data); Impala (Databases); Jackrabbit (Content); James (Mail); Jena (Libraries); MINA (Network Client/Server); NiFi (Big Data); OpenMeetings (Web Conferencing); Qpid (Messaging); ShardingSphere (Big Data); SkyWalking (Observability); Streampipes (incubating; IoT); Tika (Content); Tomcat (Servers); Tuweni (incubating; Blockchain); UIMA (Content); Unomi (Data Management); Wicket (Web Frameworks); XML Beans (Big Data) The Apache Incubator is the primary entry path for projects wishing to become an official part of the ASF. No new projects entered the Apache Incubator in July. More than three dozen projects are currently undergoing development in the Apache Incubator http://incubator.apache.org/ . # # # To see our Weekly News Round-ups (published every Friday), visit https://blogs.apache.org/foundation/ and click on the calendar or hop directly to https://blogs.apache.org/foundation/category/Newsletter . For real-time updates, sign up for Apache-related news by sending mail to announce-subscr...@apache.org and follow @TheASF on Twitter. We appreciate your support! = = = NOTE: you are receiving this message because you are subscribed to the announce@apache.org distribution list. To unsubscribe, send email from the recipient account to announce-unsubscr...@apache.org with the word "Unsubscribe" in the subject line.
The Apache Cassandra Project Releases Apache® Cassandra™ v4.0, the Fastest, Most Scalable and Secure Cassandra Yet
[this announcement is available online at https://s.apache.org/d30v9 ] Open Source enterprise-grade Big Data distributed database powers mission-critical deployments with improved performance and unparalleled levels of scale in the Cloud Wilmington, DE —27 July 2021— The Apache Cassandra Project released today v4.0 of Apache® Cassandra™, the Open Source, highly performant, distributed Big Data database management platform. "A long time coming, Cassandra 4.0 is the most thoroughly tested Cassandra yet," said Nate McCall, Vice President of Apache Cassandra. "The latest version is faster, more scalable, and bolstered with enterprise security features, ready-for-production with unprecedented scale in the Cloud." As a NoSQL database, Apache Cassandra handles massive amounts of data across load-intensive applications with high availability and no single point of failure. Cassandra’s largest production deployments include Apple (more than 160,000 instances storing over 100 petabytes of data across 1,000+ clusters), Huawei (more than 30,000 instances across 300+ clusters), and Netflix (more than 10,000 instances storing 6 petabytes across 100+ clusters, with over 1 trillion requests per day), among many others. Cassandra originated at Facebook in 2008, entered the Apache Incubator in January 2009, and graduated as an Apache Top-Level Project in February 2010. Apache Cassandra v4.0 Cassandra v4.0 effortlessly handles unstructured data, with thousands of writes per second. Three years in the making, v4.0 reflects more than 1,000 bug fixes, improvements, and new features that include: - Increased speed and scalability – streams data up to 5 times faster during scaling operations, and up to 25% faster throughput on reads and writes, that delivers a more elastic architecture, particularly in Cloud and Kubernetes deployments. - Improved consistency – keeps data replicas in sync to optimize incremental repair for faster, more efficient operation and consistency across data replicas. - Enhanced security and observability – audit logging tracks users access and activity with minimal impact to workload performance. New capture and replay enables analysis of production workloads to help ensure regulatory and security compliance with SOX, PCI, GDPR, or other requirements. - New configuration settings – exposed system metrics and configuration settings provides flexibility for operators to ensure they have easy access to data that optimize deployments. - Minimized latency – garbage collector pause times are reduced to a few milliseconds with no latency degradation as heap sizes increase. - Better compression – improved compression efficiency eases unnecessary strain on disk space and improves read performance. Cassandra 4.0 is community-hardened and tested by Amazon, Apple, DataStax, Instaclustr, iland, Netflix, and others that routinely run clusters as large as 1,000 nodes and with hundreds of real-world use cases and schemas. The Apache Cassandra community deployed several testing and quality assurance (QA) projects and methodologies to deploy the most stable release yet. During the testing and QA period, the community generated reproducible workloads that are as close to real-life as possible, while effectively verifying the cluster state against the model without pausing the workload itself. "In our experience, nothing beats Apache Cassandra for write scaling, and we're looking forward to the performance and management improvements in the 4.0 release," said Elliott Sims, Senior Systems Administrator at Backblaze. "We rely on Cassandra to manage over one exabyte of customer data and serve over 50 billion files for our customers across 175 countries so optimizing Cassandra's capabilities and performance means a lot to us." "Since 2016, software engineers at Bloomberg have turned to Apache Cassandra because it’s easy to use, easy to scale, and always available," said Isaac Reath, Software Engineering Team Lead, NoSQL Infrastructure at Bloomberg. "Today, Cassandra is used to support a variety of our applications, from low-latency storage of intraday financial market data to high-throughput storage for fixed income index publication. We serve up more than 20 billion requests per day on a nearly 1 PB dataset across a fleet of 1,700+ Cassandra nodes." "Netflix uses Apache Cassandra heavily to satisfy its ever-growing persistence needs on its mission to entertain the world. We have been experimenting and partially using the 4.0 beta in our environments and its features like Audit Logging and backpressure," said Vinay Chella, Netflix Engineering Manager and Apache Cassandra Committer. "Apache Cassandra 4.0's improved performance helps us reduce infrastructure costs. 4.0's stability and correctness allow us to focus on building higher-level abstractions on top of data store compositions, which results in increased developer velocity and optimized data
Re: The Apache® Software Foundation Welcomes its Global Community Online at ApacheCon(TM) Asia 2021
Hello everyone --we're ramping up for ApacheCon Asia! Learn more about the event from Sheng Wu and Willem Jiang at https://youtube.com/watch?v=hfRCrpnbDhc Join us online 6-8 August --hundreds of sessions over a dozen tracks-- registration is free for all! Sign up today at https://www.apachecon.com/acasia2021/ On Wed, Jun 9, 2021, at 12:01, Sally Khudairi wrote: > [this announcement is available online at https://s.apache.org/ACAsia2021 ] > > Asia edition of the official Apache global conference series to be held > virtually, with 140+ sessions, and keynote and plenary sessions by > luminaries from AliCloud, API7, DiDi Chuxing, Huawei, Kyligence, > PingCAP, Tencent Cloud, Tsinghua University, and more. > > Wilmington, DE —9 June 2021— The Apache® Software Foundation (ASF), the > all-volunteer developers, stewards, and incubators of more than 350 > Open Source projects and initiatives, announced keynotes, sponsors, and > program for ApacheCon(TM) Asia, taking place online 6-8 August 2021. > Registration is open and free for all attendees. > > "We’re excited to hold ApacheCon Asia online following last year’s > highly successful ApacheCon@Home," said Sheng Wu, ApacheCon Asia > co-Chair and member of the ASF Board of Directors. "The pandemic > mobilized the global Apache community to collectively produce a > first-rate online event, supported by an outstanding group of sponsors. > We are proud to build on ApacheCon’s new virtual format and bring the > ApacheCon Asia program to participants joining us from any location." > > ApacheCon is the ASF's official global conference series, first held in > 1998. ApacheCon draws attendees from more than 130 countries to > experience "Tomorrow's Technology Today" independent of business > interests, corporate biases, or sales pitches. > > ApacheCon showcases the latest breakthroughs from dozens of Apache > projects, with content selected entirely by Apache projects and their > communities. ApacheCon Asia joins ApacheCon@Home, taking place online > 21-23 September, to meet the educational demands of the growing Apache > community of developers, users, and enthusiasts worldwide. > > "Tune in to ApacheCon Asia's 140+ sessions to learn the latest > developments, best practices, and lessons learned with Apache projects, > incubating podlings, and community-led development 'The Apache Way',” > said Willem Jiang, ApacheCon Asia co-Chair and initiator of Apache > Local Community Beijing. "Participants can also connect and network > virtually with attendees, speakers, and sponsors in real-time, as well > as revisit presentations and explore additional tracks after the event." > > Participants at all levels will learn about Apache project innovations > in categories that include: APIs and Microservices; Big Data; > Community; Culture; Data Visualization; Incubator; Integration; IoT and > IIoT; Messaging; Middleware; Observability; Streaming; Servers; > Workflow and Data Governance. > > Featured Apache projects include Airflow, APISIX, Arrow, Atlas, Bigtop, > BookKeeper, brpc (incubating), Camel, CarbonData, Cassandra, Commons, > DolphinScheduler, Doris (incubating), Druid, Dubbo, ECharts, Flink, > Hadoop, HBase, Hive, HUDI, Ignite, Impala, InLong (incubating), IoTDB, > Kafka, Kudu, Kylin, Liminal (incubating), MXNet (incubating), Nemo > (incubating), Ozone, Pegasus (incubating), Pinot (incubating), PLC4X, > Pulsar, RocketMQ, ServiceComb, ShardingSphere, SkyWalking, Sling, > Spark, StreamPipes (incubating), Superset, Teaclave (incubating), > Tomcat, YuniKorn (Incubating), and more. > > Keynote presentations will be delivered by Dongxu Huang, CTO of > PingCAP; Jianmin Wang, Dean, School of Software at Tsinghua University; > Sharan Foga, ASF Board Member; and Sheng Wu, ASF Board Member. Plenary > sessions will be presented by AliCloud, API7, DiDi Chuxing, Huawei, > Kyligence, and Tencent Cloud. > > The full program is available at https://apachecon.com/acasia2021/tracks.html > > ApacheCon Asia sponsors include Strategic Sponsor Huawei; Platinum > Sponsors AliCloud, API7, DiDi Chuxing, Kyligence, and Tencent Cloud; > and Gold Sponsor Baidu. Huawei, Tencent, DiDi and Baidu are also > Sponsors of ApacheCon@Home at the above levels. > > To sponsor ApacheCon Asia and/or ApacheCon@Home, visit > https://www.apachecon.com/acah2021/2021_ApacheCon_prospectus.pdf > > Register today at https://apachecon.com/acasia2021/register.html . > > About ApacheCon > ApacheCon is the official global conference series of The Apache > Software Foundation. Since 1998 ApacheCon has been drawing participants > at all levels to explore "Tomorrow's Technology
The Apache News Round-up: week ending 2 July 2021
[this newsletter is available online at https://s.apache.org/wynzf ] Hello, July --we're midway through the year already. It's been another great week; let's see what the Apache community has been up to: Apache Month in Review – a round-up of our Round-ups and other newsworthy bits over the past month. - June Month in Review https://s.apache.org/June2021 --video highlights at https://youtu.be/yIE8SSHw2iw ASF Board – management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws. - Next Board Meeting: 21 July 2021. Board calendar and minutes https://apache.org/foundation/board/calendar.html ApacheCon™ – the ASF's official global conference series, bringing Tomorrow's Technology Today since 1998. Two events are being held in 2021: - ApacheCon@Home (21-23 September) - program and registration are live https://www.apachecon.com/acah2021/ - ApacheCon Asia (6-8 August) - program, registration, keynotes, and sponsors announced https://s.apache.org/ACAsia2021 - Sponsorship opportunities available for both events https://www.apachecon.com/acah2021/2021_ApacheCon_prospectus.pdf ASF Infrastructure – our distributed team on three continents keeps the ASF's infrastructure running around the clock. - 7M+ weekly checks yield uptime at 99.99%. Performance checks across 50 different service components spread over more than 250 machines in data centers around the world. http://www.apache.org/uptime/ Apache Code Snapshot – Over the past week, 349 Apache Committers changed 3,463,699 lines of code over 4,141 commits. Top 5 contributors, in order, are: Jean-Baptiste Onofré, Xiaoxiang Yu, Penghui Li, Andrea Cosentino, and Tellier Benoit. Apache Project Announcements – the latest updates by category. Apache Attic --provides process and solutions when an Apache project has reached its end of life. http://attic.apache.org/ - Apache MetaModel is now retired https://s.apache.org/69b1q Big Data -- - Apache Druid CVE-2021-26920: The HTTP inputSource allows authenticated users to read data from other sources than intended https://s.apache.org/e5oai Databases -- - Apache Geode 1.13.3 and 1.12.3 released http://geode.apache.org/ Integration -- - Apache Camel 3.11.0 released https://camel.apache.org/ Did You Know? - Did you know that the following Apache projects are celebrating anniversaries this week? Many happy returns to Apache Tcl (21 years), DB (19 years); STeVe (9 years); JSPWiki (8 years); Celix and Tez (7 years); NiFi (6 years); Kudu (5 years); Fluo, MADlib, and Streams (4 years); OpenWhisk (2 years); APISIX (1 year) https://projects.apache.org/committees.html?date - Did you know that Airflow Summit kicks off 8-16 July? https://airflow.apache.org/ - Did you know that FlinkForward Global will be held virtually 26-27 October? https://flink.apache.org/ Apache Community Notices - The Apache Month in Review: June 2021 https://s.apache.org/June2021 and video highlights https://youtu.be/yIE8SSHw2iw - The Apache® Software Foundation Celebrates 22 Years of Open Source Leadership – world’s largest Open Source foundation advances community-led innovation "The Apache Way" https://s.apache.org/22ndAnniversay - The Apache Software Foundation Operations Summary: Q3 FY2021 (November 2020 - January 2021) https://s.apache.org/Q3FY2021 + Video highlights https://youtu.be/S6FWqAuA_8M - Apache in 2020 - By The Digits https://s.apache.org/Apache2020Digits + Video highlights https://s.apache.org/Apache2020Digits-vid - ASF Security Report 2020 https://s.apache.org/SecurityReport2020 + Video highlights https://youtu.be/Z7yudar_da0 - ASF FY2020 Annual Report https://s.apache.org/FY2020AnnualReport - "Trillions and Trillions Served" documentary on the ASF: 1) full feature https://s.apache.org/Trillions-Feature 2) "Apache Everywhere" https://s.apache.org/ApacheEverywhere 3) "Why Apache" https://s.apache.org/ASF-Trillions 4) “Apache Innovation” https://s.apache.org/ApacheInnovation - The Apache Way to Sustainable Open Source Success https://s.apache.org/GhnI - Foundation Reports and Statements http://www.apache.org/foundation/reports.html - All presentations from ApacheCon@Home are available at https://www.youtube.com/c/TheApacheFoundation/ - "Success at Apache" focuses on the people and processes behind why the ASF "just works". https://blogs.apache.org/foundation/category/SuccessAtApache - Inside Infra: the new interview series with members of the ASF infrastructure team --meet Chris Thistlethwaite https://s.apache.org/InsideInfra-Chris Drew Foulks https://s.apache.org/InsideInfra-Drew Greg Stein Part I https://s.apache.org/InsideInfra-Greg ...Part II https://s.apache.org/InsideInfra-Greg2 and Part III https://s.apache.org/InsideInfra-Greg3 Daniel Gruno Part I https://s.apache.org/InsideInfra-Daniel1 and Part II https://s.apache.org/InsideInfra-Daniel2 Gavin McDonald Part I
Apache Month in Review: June 2021
[this post is available online at https://s.apache.org/June2021 ] Welcome to the latest monthly overview of events from the Apache community. Here's a summary of what happened in June (video highlights available at https://youtu.be/yIE8SSHw2iw ): New this month -- - Success at Apache – the blog series that focuses on the people and processes behind why the ASF "just works". Security in Practice by Jarek Potiuk https://s.apache.org/1upl4 - Apache Attic --provides process and solutions when an Apache project has reached its end of life http://attic.apache.org/ Apache MetaModel is now retired https://s.apache.org/69b1q - Apache Month in Review: May 2021 https://s.apache.org/May2021 + Video highlights https://youtu.be/ByiPjxGu_Tg Important Dates -- - Next Board Meeting: 21 July 2021. Board calendar and minutes http://apache.org/foundation/board/calendar.html - ApacheCon™ --the ASF's official global conference series, bringing Tomorrow's Technology Today since 1998-- will be held twice in 2021: --ApacheCon Asia - 6-8 August --ApacheCon@Home - 21-23 September Program, Registration, and Sponsorship available for both events https://www.apachecon.com/ The Apache® Software Foundation Welcomes its Global Community Online at ApacheCon Asia 2021 https://s.apache.org/ACAsia2021 Infrastructure -- Our seven-member Infrastructure team on three continents oversees our highly-reliable, distributed network under the leadership of VP Infrastructure David Nalley and Infrastructure Administrator Greg Stein. ASF Infrastructure supports 300+ Apache projects and their communities across ~200 individual machines, 1,400+ repositories, 5-6PB in traffic annually, ~75M downloads per month, and 2-3M daily emails on 2,000+ lists. ASF Infra performs 7M+ weekly checks to ensure services are available around the clock. The average uptime in May was 99.71%. http://www.apache.org/uptime/ Committer Activity -- In June, 703 Apache Committers changed 14,997,996 lines of code over 12,720 commits. The Committers with the top 5 highest contributions, in order, were: Mark Thomas, Andrea Cosentino, Daniel Haywood, Andi Huber, and Benoit Tellier. Project Releases and Updates -- New releases from Apache Airflow (Workflow); Arrow (Big Data); Calcite (Big Data); Camel (Integration); Commons (Libraries); CXF (Libraries); Drill (Big Data); Druid (Big Data); Flink (Big Data); HTTP Server (Servers); IoTDB (IoT); Jackrabbit (Content); Kudu (Big Data); Logging Chainsaw (Libraries); Lucene (Search); MyFaces (Web Frameworks); NetBeans (IDE); NLPCraft (Natural Language Processing); PDFBox (Content); Pulsar (Messaging); Qpid (Messaging); ShardingSphere (Big Data); SkyWalking (Observability); Solr (Search); Tika (Content); Tomcat (Servers) The Apache Incubator is the primary entry path for projects wishing to become an official part of the ASF. New to the Apache Incubator in June is Kyuubi, a distributed multi-tenant Thrift JDBC/ODBC server for Big Data management, processing, and analytics. We invite you to review the many projects currently in development in the Apache Incubator, including recent additions in the advertising, Big Data, geospatial, machine learning, messaging, natural language understanding, orchestration, and scheduling categories http://incubator.apache.org/ . # # # To see our Weekly News Round-ups (published every Friday), visit https://blogs.apache.org/foundation/ and click on the calendar or hop directly to https://blogs.apache.org/foundation/category/Newsletter . For real-time updates, sign up for Apache-related news by sending mail to announce-subscr...@apache.org and follow @TheASF on Twitter. We appreciate your support! = = = NOTE: you are receiving this message because you are subscribed to the announce@apache.org distribution list. To unsubscribe, send email from the recipient account to announce-unsubscr...@apache.org with the word "Unsubscribe" in the subject line.
Success at Apache: Security in Practice
[this post is available online at https://s.apache.org/1upl4 ] by Jarek Potiuk This post is about the Apache Software Foundation's Security process and security mindset of the Apache Software project’s PMC put to the best use in practice. From this post you can learn why security practices we apply at our projects are important and how they work when they are applied correctly and when the right security-driven mindset is applied by the PMCs but also how important it is for the users of the Apache Software Foundation projects to keep their software updated - including latest security fixes. The idea of this article was triggered by a recent blog post of the security researcher Ian Caroll that has earned USD 13.000 on bug bounties by simply following up the results of Apache Security process applied by the Apache Airflow PMC. This saved quite a few businesses a lot of trouble, but it was only possible due to the foundations laid down by the ASF and the PMC of the project. Here is what Ian Caroll has to say about it: "This issue was a great example of how ASF's transparent way of fixing and disclosing vulnerabilities worked to protect users of their software, and gave many organizations a wake-up call on ensuring they upgrade and protect their open-source software." Apache Airflow is one of the most common orchestration software used in the industry currently, and due to its nature, it sounds like an important vector of attack - if you run it internally in your company, you are likely to interact with pretty much all your systems, and if you manage to break in through Airflow, it might cascade into as many systems you connect to. Therefore the Apache Airflow PMC takes security very seriously. So seriously that we have the whole discussion panel about Apache Airflow Security at the Airflow Summit that is coming soon - July 8-16th. This post's main point is to show how important it is to follow the security best practices for all the software lifecycle and how important it is to think about it at every step of building and releasing the software (and beyond). Let's start from the very beginning: making sure the code development process is secure. Like most of the ASF projects, the Apache Airflow project is developed in GitHub and together with a growing number of projects we use GitHub Actions to run continuous integration. There are a number of best practices and security hardening practices published by Github that you should follow when you run your CI with GitHub Actions, and we rigorously follow them, including monitoring of the "Security blog of GitHub" and following its advisories. And we have not stopped there. We actively think and discuss the potential security threats and ways how - for example supply chain attacks can be performed on our project, and we share our findings at the discussion mailing lists of the ASF and introducing recommendations for all ASF projects to make use of the best practices. One of the results there is documenting the practices and sharing them at the bui...@apache.org. But we also raised a few security issues to GitHub and as a result of that (at least that's the feedback we got from GitHub) they implemented some improvements that we apply in practice. The recent example of that is a change implemented by GitHub to allow control of permissions of the GitHub Token used during the CI build which resulted in this PR. Few months ago, we raised concern that having the blanket "write" permission is quite dangerous, and GitHub responded and implemented the change, which allowed us to limit the scope of tokens used for our builds and increase protection against a wide range of attacks - with the supply-chain attacks being recently the most prominent ones, leading to ransomware threats and millions of dollars paid to hackers. This is where the security mindset for the Apache Airflow PMC starts with and this lays the foundation for the next steps where the Apache Software Foundation takes a crucial role in - releasing the software and monitoring for security vulnerabilities. The ASF has a rather well established process for disclosing and following up with security vulnerabilities for the ASF projects. One that is very straightforward and simple to follow for everyone involved - starting from security researchers, who raise those issues, going through the voluntary (!) security team of the ASF that has to handle (from the upcoming annual report) 387 reports of possible vulnerabilities spanned across 95 of the top level ASF projects, which led to 155 CVEs (Common Vulnerabilities and Exposures) assigned, and end up with the PMC that has to handle solving the issues and follow up with reporting. Heck, ASF even introduced an internal portal to report and keep track of all the CVEs as well as report the yearly security summary report and video. This process is very clear about responsible disclosure and publishing the
The Apache® Software Foundation Welcomes its Global Community Online at ApacheCon(TM) Asia 2021
[this announcement is available online at https://s.apache.org/ACAsia2021 ] Asia edition of the official Apache global conference series to be held virtually, with 140+ sessions, and keynote and plenary sessions by luminaries from AliCloud, API7, DiDi Chuxing, Huawei, Kyligence, PingCAP, Tencent Cloud, Tsinghua University, and more. Wilmington, DE —9 June 2021— The Apache® Software Foundation (ASF), the all-volunteer developers, stewards, and incubators of more than 350 Open Source projects and initiatives, announced keynotes, sponsors, and program for ApacheCon(TM) Asia, taking place online 6-8 August 2021. Registration is open and free for all attendees. "We’re excited to hold ApacheCon Asia online following last year’s highly successful ApacheCon@Home," said Sheng Wu, ApacheCon Asia co-Chair and member of the ASF Board of Directors. "The pandemic mobilized the global Apache community to collectively produce a first-rate online event, supported by an outstanding group of sponsors. We are proud to build on ApacheCon’s new virtual format and bring the ApacheCon Asia program to participants joining us from any location." ApacheCon is the ASF's official global conference series, first held in 1998. ApacheCon draws attendees from more than 130 countries to experience "Tomorrow's Technology Today" independent of business interests, corporate biases, or sales pitches. ApacheCon showcases the latest breakthroughs from dozens of Apache projects, with content selected entirely by Apache projects and their communities. ApacheCon Asia joins ApacheCon@Home, taking place online 21-23 September, to meet the educational demands of the growing Apache community of developers, users, and enthusiasts worldwide. "Tune in to ApacheCon Asia's 140+ sessions to learn the latest developments, best practices, and lessons learned with Apache projects, incubating podlings, and community-led development 'The Apache Way',” said Willem Jiang, ApacheCon Asia co-Chair and initiator of Apache Local Community Beijing. "Participants can also connect and network virtually with attendees, speakers, and sponsors in real-time, as well as revisit presentations and explore additional tracks after the event." Participants at all levels will learn about Apache project innovations in categories that include: APIs and Microservices; Big Data; Community; Culture; Data Visualization; Incubator; Integration; IoT and IIoT; Messaging; Middleware; Observability; Streaming; Servers; Workflow and Data Governance. Featured Apache projects include Airflow, APISIX, Arrow, Atlas, Bigtop, BookKeeper, brpc (incubating), Camel, CarbonData, Cassandra, Commons, DolphinScheduler, Doris (incubating), Druid, Dubbo, ECharts, Flink, Hadoop, HBase, Hive, HUDI, Ignite, Impala, InLong (incubating), IoTDB, Kafka, Kudu, Kylin, Liminal (incubating), MXNet (incubating), Nemo (incubating), Ozone, Pegasus (incubating), Pinot (incubating), PLC4X, Pulsar, RocketMQ, ServiceComb, ShardingSphere, SkyWalking, Sling, Spark, StreamPipes (incubating), Superset, Teaclave (incubating), Tomcat, YuniKorn (Incubating), and more. Keynote presentations will be delivered by Dongxu Huang, CTO of PingCAP; Jianmin Wang, Dean, School of Software at Tsinghua University; Sharan Foga, ASF Board Member; and Sheng Wu, ASF Board Member. Plenary sessions will be presented by AliCloud, API7, DiDi Chuxing, Huawei, Kyligence, and Tencent Cloud. The full program is available at https://apachecon.com/acasia2021/tracks.html ApacheCon Asia sponsors include Strategic Sponsor Huawei; Platinum Sponsors AliCloud, API7, DiDi Chuxing, Kyligence, and Tencent Cloud; and Gold Sponsor Baidu. Huawei, Tencent, DiDi and Baidu are also Sponsors of ApacheCon@Home at the above levels. To sponsor ApacheCon Asia and/or ApacheCon@Home, visit https://www.apachecon.com/acah2021/2021_ApacheCon_prospectus.pdf Register today at https://apachecon.com/acasia2021/register.html . About ApacheCon ApacheCon is the official global conference series of The Apache Software Foundation. Since 1998 ApacheCon has been drawing participants at all levels to explore "Tomorrow's Technology Today" across 350+ Apache projects and their diverse communities. In 2020 and 2021 ApacheCon events showcase ubiquitous Apache projects and emerging innovations virtually through sessions, keynotes, real-world case studies, community events, and more, all online and free of charge. For more information, visit http://apachecon.com/ and https://twitter.com/ApacheCon . About The Apache Software Foundation (ASF) Established in 1999, The Apache Software Foundation is the world’s largest Open Source foundation, stewarding 227M+ lines of code and providing more than $20B+ worth of software to the public at 100% no cost. The ASF’s all-volunteer community grew from 21 original founders overseeing the Apache HTTP Server to 850+ individual Members and 200 Project Management Committees who successfully lead
Apache Month in Review: May 2021
[this post is available online at https://s.apache.org/May2021 ] Welcome to the latest monthly overview of events from the Apache community. Here's a summary of what happened in May (video highlights available at https://youtu.be/ByiPjxGu_Tg ): New this month -- - The Apache Attic provides process and solutions when an Apache project has reached its end of life. Apache Trafodion has retired https://s.apache.org/57y49 - Apache Month in Review: April 2021 https://s.apache.org/Apr2021 + Video highlights https://youtu.be/EOA1L1PjCYg Important Dates -- - Next Board Meeting: 16 June 2021. Board calendar and minutes http://apache.org/foundation/board/calendar.html - ApacheCon™ --the ASF's official global conference series, bringing Tomorrow's Technology Today since 1998-- will be held twice in 2021: --ApacheCon Asia - 6-8 August --ApacheCon@Home - 21-23 September Registration and sponsorship opportunities for both events available at https://www.apachecon.com/ Infrastructure -- Our seven-member Infrastructure team on three continents oversees our highly-reliable, distributed network under the leadership of VP Infrastructure David Nalley and Infrastructure Administrator Greg Stein. ASF Infrastructure supports 300+ Apache projects and their communities across ~200 individual machines, 1,400+ repositories, 5-6PB in traffic annually, ~75M downloads per month, and 2-3M daily emails on 2,000+ lists. ASF Infra performs 7M+ weekly checks to ensure services are available around the clock. The average uptime in May was 99.95%. http://www.apache.org/uptime/ Committer Activity -- In May, 699 Apache Committers changed 6,744,402 lines of code over 13,427 commits. The Committers with the top 5 highest contributions, in order, were: Jean-Baptiste Onofré, Andrea Cosentino, Mark Thomas, Albumen Kevin, and Daniel Haywood. Project Releases and Updates -- New releases from Apache ActiveMQ (Messaging); Airflow (Big Data); Allura (Content); APISIX (API); Calcite (Big Data); Camel (Integration); Daffodil (Libraries); Fineract (FinTech); Flink (Big Data); HttpComponents (Servers); Jackrabbit (Content); Kafka (Big Data); Karaf (Application Servers/Middleware); Log4cxx (Libraries); MyFaces (Web Frameworks); OpenOffice (Content); Pulsar (Messaging); Qpid (Messaging); Skywalking (Application Performance Management); Tomcat (Servers); UIMA (Content). The Apache Incubator is the primary entry path for projects wishing to become an official part of the ASF. New to the Apache Incubator in May is ShenYu, a Microservices API gateway. We invite you to review the many projects currently in development in the Apache Incubator, including recent additions in the advertising, Big Data, geospatial, machine learning, messaging, natural language understanding, orchestration, and scheduling categories http://incubator.apache.org/ . # # # To see our Weekly News Round-ups (published every Friday), visit https://blogs.apache.org/foundation/ and click on the calendar or hop directly to https://blogs.apache.org/foundation/category/Newsletter . For real-time updates, sign up for Apache-related news by sending mail to announce-subscr...@apache.org and follow @TheASF on Twitter. We appreciate your support! = = = NOTE: you are receiving this message because you are subscribed to the announce@apache.org distribution list. To unsubscribe, send email from the recipient account to announce-unsubscr...@apache.org with the word "Unsubscribe" in the subject line.
Media Alert: Apache OpenOffice Recommends upgrade to v4.1.10 to mitigate legacy vulnerability
[this announcement is available online at https://s.apache.org/4gj2y ] Wilmington, DE —4 May 2021— Who: Apache OpenOffice, an Open Source office-document productivity suite comprising six productivity applications: Writer, Calc, Impress, Draw, Math, and Base. The OpenOffice suite is based around the OpenDocument Format (ODF), supports 41 languages, and ships for Windows, macOS, Linux 64-bit, and Linux 32-bit. Apache OpenOffice delivers up to 2.4 Million downloads each month. What: A recently reported vulnerability states that all versions of OpenOffice through 4.1.9 can open non-http(s) hyperlinks, and could lead to untrusted code execution. The Apache OpenOffice Project has filed a Common Vulnerabilities and Exposures report with MITRE Corporation’s national vulnerability reporting system: > CVE-2021-30245: Code execution in Apache OpenOffice via non-http(s) schemes > in Hyperlinks > > Severity: moderate > >Credit: Fabian Bräunlein and Lukas Euler of Positive Security >https://positive.security/blog/url-open-rce#open-libreoffice The complete CVE report is available at https://www.openoffice.org/security/cves/CVE-2021-30245.html How: Applications of the OpenOffice suite handle non-http(s) hyperlinks in an insecure way, allowing for 1-click code execution on Windows and Xubuntu systems via malicious executable files hosted on Internet-accessible file shares. Why: The mitigation in Apache OpenOffice 4.1.10 assures that a security warning is displayed to give users the option of continuing to open the hyperlink. Best practice dictates to be careful when opening documents from unknown and unverified sources. When: The vulnerability predates OpenOffice entering the Apache Incubator. During the analysis of this issue, it was discovered that an incorrect bug fix was made by the StarOffice/OpenOffice.org developers preparing OpenOffice 2.0 in 2005, whilst under the auspices of Sun Microsystems. Where: Download Apache OpenOffice v4.1.10 at https://www.openoffice.org/download/ Apache OpenOffice Highlights 24 October 2020 — 300 million downloads of Apache OpenOffice 14 October 2020 — 20 year anniversary of OpenOffice 18 October 2016 — 200 million downloads of Apache OpenOffice 17 April 2014 — 100 million downloads of Apache OpenOffice 17 October 2012 — OpenOffice graduated as an Apache Top Level Project (TLP) 13 June 2011 — OpenOffice.org entered the Apache Incubator [downloads are binary installation files] For more information, visit https://openoffice.apache.org/ and https://twitter.com/ApacheOO About The Apache Software Foundation (ASF) Established in 1999, The Apache Software Foundation is the world’s largest Open Source foundation, stewarding 227M+ lines of code and providing more than $20B+ worth of software to the public at 100% no cost. The ASF’s all-volunteer community grew from 21 original founders overseeing the Apache HTTP Server to 850+ individual Members and 200 Project Management Committees who successfully lead 350+ Apache projects and initiatives in collaboration with more than 8,100 Committers through the ASF’s meritocratic process known as "The Apache Way". Apache software is integral to nearly every end user computing device, from laptops to tablets to mobile devices across enterprises and mission-critical applications. Apache projects power most of the Internet, manage exabytes of data, execute teraflops of operations, and store billions of objects in virtually every industry. The commercially-friendly and permissive Apache License v2 is an Open Source industry standard, helping launch billion dollar corporations and benefiting countless users worldwide. The ASF is a US 501(c)(3) not-for-profit charitable organization funded by individual donations and corporate sponsors including Aetna, Alibaba Cloud Computing, Amazon Web Services, Anonymous, Baidu, Bloomberg, Budget Direct, Capital One, Cloudera, Comcast, Confluent, Didi Chuxing, Facebook, Google, Handshake, Huawei, IBM, Microsoft, Namebase, Pineapple Fund, Red Hat, Reprise Software, Target, Tencent, Union Investment, Verizon Media, and Workday. For more information, visit http://apache.org/ and https://twitter.com/TheASF © The Apache Software Foundation. "Apache", "OpenOffice", "Apache OpenOffice", and "ApacheCon" are registered trademarks or trademarks of the Apache Software Foundation in the United States and/or other countries. All other brands and trademarks are the property of their respective owners. # # # NOTE: you are receiving this message because you are subscribed to the announce@apache.org distribution list. To unsubscribe, send email from the recipient account to announce-unsubscr...@apache.org with the word "Unsubscribe" in the subject line.
Apache Month in Review: April 2021
[this post is available online at https://s.apache.org/Apr2021 ] Welcome to the latest monthly overview of events from the Apache community. Here's a summary of what happened in April (video highlights available at https://youtu.be/EOA1L1PjCYg ): New this month -- - The Apache Software Foundation Welcomes 40 New Members https://s.apache.org/2021NewMembers - ApacheCon™ (the ASF's official global conference series, bringing Tomorrow's Technology Today since 1998) will be held twice in 2021: ApacheCon Asia (6-8 August) and ApacheCon@Home (21-23 September). Registration and sponsorship opportunities at https://www.apachecon.com/ --CFP closes 3 May! - New Sponsor Success at Apache post (the blog series that focuses on the people and processes behind why the ASF "just works", featuring insights and experiences from the perspective of select ASF Sponsors): "The Fork" by Wei Zhou https://s.apache.org/snobd - The Apache Software Foundation Announces Apache® DolphinScheduler™ as a Top-Level Project https://s.apache.org/yavpt - The Apache Attic provides process and solutions when an Apache project has reached its end of life. 19 Apache projects --Apex, Aurora, Chukwa, Crunch, DRAT, Eagle, Forrest, Hama, Labs, Lens, Marmotta, Metron, Open Climate Workbench, PredictionIO, Sentry, Stanbol, Tajo, Twill, and VXQuery-- have retired in April http://attic.apache.org/ - Apache Month in Review: March 2021 https://s.apache.org/Mar2021 + Video highlights https://youtu.be/wq2HXN4z9W0 Important Dates -- - CFP closes for ApacheCon Asia and ApacheCon@Home: 3 May 2021 https://www.apachecon.com/ - Next Board Meeting: 19 May 2021. Board calendar and minutes http://apache.org/foundation/board/calendar.html Infrastructure -- Our seven-member Infrastructure team on three continents oversees our highly-reliable, distributed network under the leadership of VP Infrastructure David Nalley and Infrastructure Administrator Greg Stein. ASF Infrastructure supports 300+ Apache projects and their communities across ~200 individual machines, 1,400+ repositories, 5-6PB in traffic annually, ~75M downloads per month, and 2-3M daily emails on 2,000+ lists. ASF Infra performs 7M+ weekly checks to ensure services are available around the clock. The average uptime in March was 99.95%. http://www.apache.org/uptime/ Committer Activity -- In April, 738 Apache Committers changed 8,108,869 lines of code over 13,898 commits. The Committers with the top 5 highest contributions, in order, were: Andrea Cosentino, Mark Thomas, Shad Storhaug, Sebastian Rühl, and Stephen Mallette. Project Releases and Updates -- New releases from Apache Ant (Build Management); APISIX (API); Camel (Integration); Druid (Big Data); Flagon (Incubating; Libraries); Geode (Database); Groovy (Programming Languages); Hop (Incubating; Orchestration); Jackrabbit (Content); James (Mail); Kafka (Big Data); Karaf (Application Servers/Middleware); Maven (Build Management); MyFaces (Web Frameworks); MyNewt (Embedded OS); MXNet (Incubating; Libraries); OFBiz (Enterprise Processes Automation / ERP); OpenOffice (Content); Parquet (Big Data); PDFBox (Content); Qpid Proton (Messaging); Skywalking (Application Performance Management); Solr (Search); SpamAssassin (Mail); Syncope (Identity Management); Tika (Big Data); Tomcat (Servers); Traffic Server (Servers); Wicket (Web Frameworks); ZooKeeper (Databases). The Apache Incubator is the primary entry path for projects wishing to become an official part of the ASF. We invite you to review the many projects currently in development in the Apache Incubator, including recent additions in the advertising, Big Data, geospatial, machine learning, messaging, natural language understanding, orchestration, and scheduling categories http://incubator.apache.org/ . # # # To see our Weekly News Round-ups (published every Friday), visit https://blogs.apache.org/foundation/ and click on the calendar or hop directly to https://blogs.apache.org/foundation/category/Newsletter . For real-time updates, sign up for Apache-related news by sending mail to announce-subscr...@apache.org and follow @TheASF on Twitter. We appreciate your support! - - - NOTE: you are receiving this message because you are subscribed to the announce@apache.org distribution list. To unsubscribe, send email from the recipient account to announce-unsubscr...@apache.org with the word "Unsubscribe" in the subject line.
Sponsor Success at Apache: The Fork
[this post is available online at https://s.apache.org/snobd ] by Wei Zhou I joined the Apache CloudStack community in 2012 and became a committer in 2013, eventually becoming a PMC (Project Management Committee) member in 2017. My journey to becoming a PMC was both physical and literal, and included several forks in the road. The forks presented themselves in all aspects of my journey – although the literal forks came later, mainly because my journey began in China. In 2010 I was working at China Mobile, the world's largest mobile network operator, in Beijing as the manager of a cloud project based on OpenNebula (another Open Source project). A year later, my partner received her PhD in the Netherlands and began working in Belgium, so I started looking for new work opportunities in the area. In 2012 I visited Europe and had a few interviews, but it was difficult at the time as my English was quite poor. I was committed to finding a good job and moving to Europe, which meant I needed to improve my English quickly. I studied the language, left China Mobile, and moved to Belgium permanently. It took me seven months to became fluent in English. I re-interviewed at the companies that had rejected me seven months prior and landed a position in Amsterdam at Leaseweb as a Cloud Innovation Engineer. At that time, we had two public cloud platforms based on Apache CloudStack. I was mainly working on the research of Apache CloudStack. In the first two months I fixed some bugs we found in our productions. Thanks to the CloudStack community, I also received tons of help as I began contributing my changes to the mainstream. In 2013 was invited to be a committer, 3 months after my first submission. It was a huge surprise and a massive honor for me, and I began pushing my changes for new features and bug fixes much more quickly. A year later, in 2014, Leaseweb released its first private cloud based on Apache CloudStack. It was very welcomed by many customers. As this was happening, we began finding issues with CloudStack as customers were requesting more features and functionalities. The same year, Apache CloudStack moved code repositories to GitHub.com and started using GitHub pull quests to review and merge commits. While all commits should be reviewed and approved by other commits before they are merged into the mainstream, we had already made many changes at Leaseweb and could not wait for next release. Because of this we created our own fork containing all our changes and bug fixes. We developed very quickly, and our process was much faster than the review/merge process of Apache CloudStack. The gap between our fork and the community was getting bigger and bigger. When we decided to upgrade from CloudStack 4.2.1 to CloudStack 4.7.1, we had to spend half of a year just to port all of our changes in our fork based on CloudStack 4.2.1 to new fork based on CloudStack 4.7.1. The same problem happened again when we tried to upgrade to CloudStack 4.14, and we had to spend around one year to port all of our changes. The lesson we learned from these two upgrades was that we needed to contribute more to the community and maintain a fork as small as possible. After realizing this, we contributed all of our features and bug fixes to the community by creating many GitHub PRs. Some PRs have now already been merged into mainstream, while others are still in review. My colleague recently asked me, “If you could go back in time, would you still make the Leaseweb fork?” My answer is yes, I would do it again. A fork makes us more flexible, as we can offer more stable production and more functionalities to our customers. However, if I could go back in time, I would have spent much more time contributing our changes to the community. I’ve learned that the gap between the fork and the community should be less than 100 commits. We learned so much from these two painstakingly long ports and have implemented the above advice. From now on, the Leaseweb fork only contains features we have developed in the past and bug fixes. For new features, we will always contribute to community and deploy to our production only if it is merged into the mainstream. By doing this, we will be able to upgrade to the next CloudStack release much easier, and will benefit more from the community (e.g., more bug fixes, more features by other contributors). When we contribute to the community, we also benefit from knowledge sharing and the contributions from others. Wei Zhou has been an Apache committer since 2013 and a PMC member since 2017. He has a Masters in Computer Applied Technology from the University of Science and Technology of China, and a PHD in Computer Organization and Architecture from the Institute of Computing Technology, Chinese Academy of Sciences. Wei specializes in all things computers and has over 10 years of experience in software development. He is Principal Cloud
The Apache Software Foundation Welcomes 40 New Members
[this announcement is available at https://s.apache.org/2021NewMembers ] The Apache Software Foundation (ASF) welcomes the following new Members who were elected during the annual ASF Members' Meeting on 9 and 11 March 2021: Maxime Beauchemin, Bolke de Bruin, Wei-Chiu Chuang, Jiangjie (Becket), Pablo Estrada, Dave Grove, Madhawa Kasun Gunasekara, Nathan Hartman, Tilman Hausherr, Georg Henzler, Xiangdong Huang, Nikita Ivanov, Yu Li, Geoff Macartney, Denis A. Magda, Carl Marcum, Matteo Merli, Aaron Morton, Aizhamal Nurmamat kyzy, Enrico Olivelli, Jaikiran Pai, Juan Pan, Pranay Pandey, Arun Patidar, Jarek Potiuk, Rodric Rabbah, Katia Rojas, Maruan Sahyoun, Aditya Sharma, Atri Sharma, Ankit Singhal, Michael Adam Sokolov, Simon Steiner, Benoit Tellier, Josh Thompson, Abhishek Tiwari, Sven Vogel, William Guo Wei, Ming Wen, Andrew Wetmore, and Liang Zhang. The ASF incorporated in 1999 with a core membership of 21 individuals who oversaw the progress of the Apache HTTP Server. This group grew with Committers —developers who contributed code, patches, documentation, and other contributions, and were subsequently granted access by the Membership: - to "commit" or "write" directly to Apache code repositories as well as make non-code contributions; - the right to vote on community-related decisions; and - the ability to propose an active contributor for Committership. Those Committers who demonstrate merit in the Foundation's growth, evolution, and progress are nominated for ASF Membership by existing Members. This election brings the total number of ASF Members to 853 today. Individuals elected as ASF Members legally serve as the "shareholders" of the Foundation https://www.apache.org/foundation/governance/members.html For more information on how the ASF works, visit http://www.apache.org/foundation/how-it-works.html Apache Is Open https://blogs.apache.org/foundation/entry/apache-is-open and Briefing: The Apache Way http://apache.org/theapacheway/ # # # NOTE: you are receiving this message because you are subscribed to the announce@apache.org distribution list. To unsubscribe, send email from the recipient account to announce-unsubscr...@apache.org with the word "Unsubscribe" in the subject line.
The Apache Software Foundation Announces Apache® DolphinScheduler™ as a Top-Level Project
[this announcement is available online at https://s.apache.org/yavpt ] Open Source distributed Big Data visual workflow scheduler system in use at thousands of organizations, including Budweiser, China Unicom, IDG Capital, IBM China, JD.com, Lenovo, New Oriental, Nokia China, Qihoo 360, SF Express, and Tencent, among others. Wilmington, DE —8 April 2021— The Apache Software Foundation (ASF), the all-volunteer developers, stewards, and incubators of more than 350 Open Source projects and initiatives, announced today Apache® DolphinScheduler™ as a Top-Level Project (TLP). Apache DolphinScheduler is a distributed, extensible visual Big Data workflow scheduler system. The project was first created at Analysys in December 2017, and entered the Apache Incubator in August 2019. "We learned a lot about becoming a strong Open Source project during our time in the Apache Incubator," said Lidong Dai, Vice President of Apache DolphinScheduler. "Our incubation mentors helped guide us with developing our project and community the Apache Way. We are pleased to have graduated as an Apache Top-Level Project." As a distributed and extensible data workflow scheduler platform with rich directed acyclic graph (DAG) visual interfaces, DolphinScheduler solves complex task dependencies and triggers in the data pipeline. Out-of-the-box, its easy-to-extend processing connects numerous systems to 100,000-level data task scheduling. Apache DolphinScheduler is: - Cloud Native —support multi-cloud/data center workflow management, also supports Kubernetes, Docker deployment and custom task types, distributed scheduling, with overall scheduling capability increased linearly with the scale of the cluster - Highly Reliable —decentralized multi-master and multi-worker, high availability, supported by itself, overload processing - User-Friendly —all process definition operations are visualized, defines key information at a glance, one-click deployment - Supports Rich Scenarios —includes streaming, pause, recover operation, multi-tenant, and additional task types such as spark, hive, mr, shell, python, flink, sub_process, and more. "Apache DolphinScheduler is designed for cloud-native," added Dai. "We are proud to have built a reliable and cloud friendly data workflow system while using next generation architecture and smart UI design." Apache DolphinScheduler has more than 4,000 users in China, with Internet companies and banks forming a large percentage of users. Users include Budweiser, China Unicom, IDG Capital, IBM China, JD.com, Lenovo, New Oriental, Nokia China, Qihoo 360, SF Express, and Tencent, among others. "Apache DolphinScheduler is an excellent data workflow open-source product," said Zhengjun Yin, Architect at China Unicom. "Its community is very friendly and gives us strong support. We save the cost of hundreds of human-months by using DolphinScheduler!" "Apache DolphinScheduler is amazing," said Xide Gu, Architect at JD Logistics. "JD Logistics used Apache DolphinScheduler as a stable and powerful platform to connect and control the data flow from various data sources in JDL, such as SAP Hana and Hadoop. It offers open API, easy plug-in and stable data flow development and scheduler environment. DolphinScheduler really helps JD Logistics data team accelerate development efficiency in many Agile BI projects!" "I am honored to guide the DolphinScheduler community from day one of the incubating. In the past 1.5 years, it grows fast and healthy," said Sheng Wu, ASF Board Member and DolphinScheduler Incubator Champion. "They learned the Apache culture quickly, and have great executive capability. It is great to see the project graduating from the incubator with a diverse and active community. Being a top-level project is a new beginning for you, look forward to becoming a global and powerful project." "I am honored to witness the entire process of DolphinScheduler from open source to entry into the Apache incubator, and then to graduation to become an independent Apache top-level project," said Shi Shaofeng, Member of the Apache Kylin and Apache Incubator Project Management Committees. "During more than one year, the participants in the DolphinScheduler community have been adhering to the open-source spirit, constantly innovating and making progress. The developers and contributors join in the community constantly and make DolphinScheduler, a big data scheduling tool created by the Chinese, become more and more perfect, more and more users, and enter a virtuous cycle of development. It is expected that after graduation from the incubator, she will continue to move forward under the management of PMCs and create more value for society and the public through open-source software." "Congratulations to open source project DolphinScheduler for graduating from the Apache incubator and becoming ASF's top project," said Chen Liang, Vice President of Apache
Apache Month in Review: March 2021
[this announcement is available online at https://s.apache.org/Mar2021 --video highlights available at https://s.apache.org/exppv ] Welcome to the latest monthly overview of events from the Apache community. Here's a summary of what happened in March: New this month -- - It's our anniversary! The Apache® Software Foundation Celebrates 22 Years of Open Source Leadership – world’s largest Open Source foundation advances community-led innovation "The Apache Way" https://s.apache.org/22ndAnniversay - Announcing New ASF Board of Directors https://s.apache.org/NewBoard2021 - ApacheCon™ – the ASF's official global conference series, bringing Tomorrow's Technology Today since 1998. -- CFPs open for ApacheCon@Home AND ApacheCon Asia https://www.apachecon.com/ -- Event Sponsorship available for both ApacheCon@Home and ApacheCon Asia https://www.apachecon.com/acah2021/2021_ApacheCon_prospectus.pdf - The Apache Software Foundation Operations Summary: Q3 FY2021 (November 2020 - January 2021) https://s.apache.org/Q3FY2021 + Video highlights https://youtu.be/S6FWqAuA_8M - The Apache Software Foundation Announces Apache® Daffodil™ as a Top-Level Project https://s.apache.org/18vob - Apache Month in Review: February 2021 https://s.apache.org/Feb2021 + Video highlights https://youtu.be/6TMuYglu2Cc Important Dates -- - Next Board Meeting: 21 April 2021. Board calendar and minutes http://apache.org/foundation/board/calendar.html Infrastructure -- Our seven-member Infrastructure team on three continents oversees our highly-reliable, distributed network under the leadership of VP Infrastructure David Nalley and Infrastructure Administrator Greg Stein. ASF Infrastructure supports 300+ Apache projects and their communities across ~200 individual machines, 1,400+ repositories, 5-6PB in traffic annually, ~75M downloads per month, and 2-3M daily emails on 2,000+ lists. ASF Infra performs 7M+ weekly checks to ensure services are available around the clock. The average uptime in March was 99.75%. http://www.apache.org/uptime/ Committer Activity -- In March, 783 Apache Committers changed 12,041,653 lines of code over 16,037 commits. The Committers with the top 5 highest contributions, in order, were: Andrea Cosentino, Jean-Baptiste Onofré, Mark Thomas, Claus Ibsen, and Gary Gregory. Project Releases and Updates -- New releases from Apache APISIX (API); Avro (Big Data); Camel (Integration); CloudStack (Cloud Computing); Commons Lang and Numbers (Libraries); Daffodil (Libraries); Flink (Big Data); HttpComponents (Servers); Jackrabbit (Content); Karaf (Application Servers/Middleware); Log4j (Libraries); NetBeans (Integrated Development Environment); NiFi (Big Data); OFBiz (Enterprise Processes Automation / ERP); OpenMeetings (Web Conferencing); Parquet (Big Data); PDFBox (Content); Qpid JMS (Messaging); Skywalking (Application Performance Management); SpamAssassin (Mail); Teaclave (Incubating; Computing); Tomcat (Servers); Velocity (Library); XMLBeans (Library). The Apache Incubator is the primary entry path for projects wishing to become an official part of the ASF. We invite you to review the many projects currently in development in the Apache Incubator http://incubator.apache.org/ . # # # To see our Weekly News Round-ups (published every Friday), visit https://blogs.apache.org/foundation/ and click on the calendar or hop directly to https://blogs.apache.org/foundation/category/Newsletter . For real-time updates, sign up for Apache-related news by sending mail to announce-subscr...@apache.org and follow @TheASF on Twitter. We appreciate your support! = = = NOTE: you are receiving this message because you are subscribed to the announce@apache.org distribution list. To unsubscribe, send email from the recipient account to announce-unsubscr...@apache.org with the word "Unsubscribe" in the subject line.
The Apache® Software Foundation Celebrates 22 Years of Open Source Innovation "The Apache Way"
[this announcement is available online at https://s.apache.org/22ndAnniversay ] World's largest Open Source foundation provides $22B+ in community-led software 100% free of charge for the common good Wilmington, DE —24 March 2021— The Apache Software Foundation (ASF), the all-volunteer developers, stewards, and incubators of more than 350 Open Source projects and initiatives, announced today its 22nd Anniversary. Originally established by the 21-member Apache Group, who oversaw the then-3-year-old Apache HTTP Server, the ASF today is the world's largest, vendor-neutral, Open Source foundation, comprising 800+ individual Members, 8,100+ Committers, and 40,000+ code contributors located on every continent. Conservatively valued at more than $22B, Apache’s 350+ projects and 37 incubating podlings are all freely-available to the public-at-large, at 100% no cost, and with no licensing fees. "Over the past 22 years the ASF has evolved to meet the growing needs of the greater community," said Sander Striker, Board Chair of The Apache Software Foundation. "The ASF enables people from all over the world to collaborate, develop, and shepherd the projects and communities that are helping individuals, sustaining businesses, and transforming industries." Advancing its mission of providing software for the public good, the ASF's projects are integral to nearly every aspect of modern computing, benefitting billions worldwide. The "Apache Way" process of community-led, collaborative development has led to breakthrough innovations in Artificial Intelligence and Deep Learning, Big Data, Build Management, Cloud Computing, Content Delivery and Management, Edge Computing and IoT, Fintech, Identity Management, Integration, Libraries, Messaging, Mobile, Search, Security, Servers, and Web Frameworks, among other categories. Projects undergoing development in the Apache Incubator span AI, Big Data, blockchain, Cloud computing, cryptography, deep learning, email, IoT, machine learning, microservices, mobile, operating systems, testing, visualization, and more. Nearly half a million people participate in ASF projects and initiatives, including ApacheCon, the ASF's official global conference series; Community Development, which oversees contributor onboarding and mentoring and programs such as Google Summer of Code; and Diversity & Inclusion, whose programs promote diversity, equity, and inclusion across the greater Apache community. The ASF's influence is everywhere —countless ubiquitous and mission-critical applications across dozens of industries are powered by Apache projects; the Apache License 2.0 was the top-ranked Open Source license in 2020 (source: WhiteSource); the Apache Way is the backbone for open development and inner source environments; and new users, developers, and enthusiasts are onboarding to the greater Apache community every day (the ASF has been a Google Summer of Code mentoring organization for the past 16 years, since the program's inception). The ASF is the top-ranked Open Source not-for-profit organization with the most stars on GitHub (source: GitHub). A just-released feature on the ASF in FOSSlife [1] states, "The Apache project has undeniably changed the world … Apache remains a crucial Web server, the most popular in the field. For building Open Source communities, the lessons learned by creating the project still resonate throughout the open source world. Every project is advised to respect the Apache value of 'community over code'." ASF operations bolster Apache projects and their communities with infrastructure support, bandwidth, connectivity, servers, hardware, development environments, legal counsel, accounting services, trademark protection, marketing and publicity, educational events, and related administrative assistance. As a United States private 501(c)(3) not-for-profit charitable organization, the ASF's day-to-day operating expenses are offset through tax-deductible sponsorships, corporate contributions, and individual donations. Current ASF Sponsors are: Platinum: Amazon Web Services, Facebook, Google, Huawei, Microsoft, Namebase, Pineapple Fund, Tencent, and Verizon Media. Gold: Anonymous, Baidu, Bloomberg, Cloudera, Confluent, IBM, Indeed, Reprise Software, Union Investment, and Workday. Silver: Aetna, Alibaba Cloud Computing, Capital One, Comcast, Didi Chuxing, Red Hat, and Target. Bronze: Bestecasinobonussen.nl, Bookmakers, Casino2k, Cerner, Curity, GridGain, Gundry MD, Host Advice, HotWax Systems, Journal Review, LeoVegas Indian Online Casino, Miro-Kredit AG, Mutuo Kredit AG, Online Holland Casino, ProPrivacy, PureVPN, RX-M, RenaissanceRe, SCAMS.info, SevenJackpots.com, Start a Blog by Ryan Robinson, Talend, The Best VPN, The Blog Starter, The Economic Secretariat, Top10VPN, Twitter, and Writers Per Hour. Targeted Platinum: Amazon Web Services, CloudBees, DLA Piper, Fastly, JetBrains, Leaseweb, Microsoft, OSU Open
Re: The Apache Software Foundation Operations Summary: 1 November 2020 - 31 January 2021
Video highlights of the ASF Q3 FY2021 Report are now available at https://youtu.be/S6FWqAuA_8M Many thanks for sharing! = = = On Mon, Mar 15, 2021, at 11:23, Sally Khudairi wrote: > [this report is available online at https://s.apache.org/Q3FY2021 ] > > FOUNDATION OPERATIONS SUMMARY > > Third Quarter, Fiscal Year 2021 (November 2020 - January 2021) > > "We’re proud to be a part of the ASF community and look forward to > continued support of its mission to provide Open Source software for > the public good." > —Joel Marcey, Open Source Developer Advocate and Ecosystem Lead at > Facebook (ASF Platinum Sponsor) > > > > > Conferences and Events http://apachecon.com/ > > We held no events during the reporting period. > > We have begun discussion of dates and details for ApacheCon 2021, and > expect to have an announcement by March 1st. This event will, once > again, be an online-only event. > > Please watch @apachecon (on Twitter) for that announcement. > > > > Community Development http://community.apache.org/ > > During December an Apache Roadshow China was held in conjunction with > COSCon. The event was a great success and we are looking forward to > participation at future events. > > A key theme this quarter was communication and ensuring our community > was being kept informed of what is happening. As a result, we have been > experimenting with a new format for the Apache News Roundup have been > trialling it with the community. A range of short videos have been > created focussed on different but hopefully useful topics. Feedback > from the community has been extremely positive. > > We applied for and were accepted for an online booth at FOSDEM. > Throughout January most of our efforts were focussed on preparing for > our participation at FOSDEM. Even with the very short timeframe, > several of our volunteers worked quickly and efficiently to put > together an online presence for us during the event. > > A request has been received to try and establish an Apache Local > Community (ALC) in Nigeria so we are currently looking for an ASF > member or PMC members from any Apache project that live locally that > can become the main point of contact. These are part of the minimum > requirements for governance when establishing a new ALC group. > > We are in the final stages of our Google Summer of Code (GSoC) > application so have also been gathering ideas from our projects. > > Our mailing list has seen a large increase in traffic this quarter. > Some of the increase is related to GSoC proposal requests being > received from our projects. Yet even with the break for the holidays, > it was good to see our discussion activity grow. > > > > Committers and Contributions > > http://apache.org/licenses/contributor-agreements.html > > Over the past quarter, 1,424 contributors committed 64,101 changes that > amount to 35,706,852 lines of code across Apache projects. The top 5 > contributors, in order, were: Andrea Cosentino (1,544 commits), Xiang > Xiao (1,301 commits), Jean-Baptiste Onofré (971 commits), Kaxil Naik > (907 commits), and Gary Gregory (878 commits). > > All individuals who are granted write access to the Apache repositories > must submit an Individual Contributor License Agreement (ICLA). > Corporations that have assigned employees to work on Apache projects as > part of an employment agreement may sign a Corporate CLA (CCLA) for > contributing intellectual property via the corporation. Individuals or > corporations donating a body of existing software or documentation to > one of the Apache projects need to execute a formal Software Grant > Agreement (SGA) with the ASF. > > During Q3 FY2021, the ASF Secretary processed 198 ICLAs, 4 CCLAs, and > 16 Software Grants. History of Apache committer growth can be seen at > https://projects.apache.org/timelines.html > > > > > Brand Management http://apache.org/foundation/marks/ > > Operations —the work of the Brand Management team falls broadly into > one of four categories: > > providing advice to projects > granting permission to use our marks > trademark transfers and registrations > addressing potential infringements of our marks > As with previous quarters we provided both Apache projects and external > parties with advice on the correct use of Apache marks in a range of > scenarios including branding of YouTube channels, Docker images > Registrations, publishing, translations of project websites, tshirts, > and stickers. The COVID-19 pandemic doesn't appear to reduced the > number of project related events although all of the ones approves this > quar
The Apache Software Foundation Operations Summary: 1 November 2020 - 31 January 2021
Stein, David Nalley, and Ruth Suehle for the truly excellent collaboration which made a change of this extent possible. We thank Virtual for their many years of service. The Apache Software Foundation would not be where we are today without the tireless efforts of Virtual to modernize our accounting processes and make them sustainable. In all, the transition has been extremely smooth. Our books were imported without difficulties. Thanks to the work Myrle Krantz and Greg Stein performed earlier this year to introduce bill.com, there were no interruptions in our vendor payments. And thanks to heightened attention by Sally Khudairi, and Daniel Ruggeri and IgniteSpot, there were no interruptions to sponsor invoicing. The financial report has a few more details than past quarterly reports. We have adjusted reporting to include mention of restricted funds. ASF Treasury has gone above and beyond to support fundraising this quarter. In particular, to make possible a two year platinum sponsorship before the end of the sponsor’s fiscal year, Myrle Krantz, with support from Greg Stein, and direction from Sally Khudairi interfaced with a sponsor’s PO system and generated and submitted last minute estimates and invoices. This team worked through multiple iterations over the course of several hours on New Year’s Eve and New Year’s Day to get it right. This was possible, in part, because the ASF Treasury now has access to our own books via QuickBooks Online. We have added a bank account at TDBank to our mix of financial instruments. The majority of our cash remains in a CDARS account at Boston Private which provides FDIC insurance for the full amount. [please see the balance sheet at https://s.apache.org/Q3FY2021 ] > Diversity and Inclusion http://diversity.apache.org/ Diversity & Inclusion Q3 of FY2021 focused on wrapping up the first research on the current status of D at the ASF, securing funds for one more year of Outreachy internships and planning for FY2022. Below is a breakdown of these accomplishments. Wrapping the research on the current status of Diversity and Inclusion at the ASF This project was composed of two initiatives: The ASF Community Survey and a User Experience Research for contributors of underrepresented groups. These two initiatives concluded in Q2 and we have a final draft https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=173087952 to be published in multiple channels, such as research publications and conferences like ApacheCon. Continuing the internships for underrepresented groups through Outreachy.org The third period of Outreachy internships is underway and we have six interns for six different Apache projects https://cwiki.apache.org/confluence/display/EDI/2020-11-25+Outreachy+Meeting+notes . We secured $52,000 in sponsorship from Google to continue with this program for one more year. The sponsorship will be processed in March 2021. FY2022 planning The findings and recommendations from the research completed in FY2021 will be the platform for taking action in FY2022. The D committee will have the following goals in FY2022: Act on the findings and recommendations from the research done in FY2021 Continue the Outreachy Internships Re-application of the community survey to measure changes since the survey was last done in 2020. The ultimate objective is to scope and define a project that will help us take the current state of D at the ASF to better neights. We will partner with Bitergia again, this is the firm that conducted the research and ran the ASF community survey in 2020. One of the alternatives we’re strongly considering is the creation of a program that helps podlings in the incubator develop strong practices for inclusion, enabling the projects to be diverse from the moment they graduate from incubation. This is still one are of consideration, and we’ll have the final selection by the end of the quarter. > Fundraising http://apache.org/foundation/contributing.html As was noted in prior quarterly reports, Fundraising continues to move along well operationally. In addition to performing regular renewals, we are further honing our processes by experimenting with automation and tooling to augment our work. In this quarter, we are pleased to note that all ApacheCon sponsorships have completed and closed in the early quarter. Additionally, we managed to continue business-as-usual during a very busy December as the foundation onboarded a new accounting provider and platform. We continue maintaining cautious optimism as we weather the current pandemic with our Sponsors and are tremendously thankful for the continued sponsorship despite the hard times. While we regret that two Bronze sponsors chose not to renew their sponsorship this quarter, we are thrilled to welcome a new Platinum Sponsor, Gold Sponsor, Silver Sponsor, and Bronze Sponsor! This growth in sponsorships is a heart war
Announcing New ASF Board of Directors
[this announcement is available online at https://s.apache.org/NewBoard2021 ] At The Apache Software Foundation (ASF) Annual Members' Meeting held this week, the following individuals were elected to the ASF Board of Directors: - Bertrand Delacretaz (current Director) - Roy Fielding (current Director) - Sharan Foga (new Director) - Justin Mclean (current Director) - Craig Russell (current Director) - Sam Ruby (current Director) - Roman Shaposhnik (former Director) - Sander Striker (current Director) - Sheng Wu (new Director) The ASF thanks Shane Curcuru, Patricia Shanahan, and Niclas Hedhman (who resigned from the Board prior to the Members’ Meeting) for their service, and welcomes our new and returning directors. An overview of the ASF's governance, along with the complete list of ASF Board of Directors, Executive Officers, and Project/Committee Vice Presidents, can be found at http://apache.org/foundation/ For more information on the Foundation's operations and structure, see http://apache.org/foundation/how-it-works.html#structure # # # NOTE: you are receiving this message because you are subscribed to the announce@apache.org distribution list. To unsubscribe, send email from the recipient account to announce-unsubscr...@apache.org with the word "Unsubscribe" in the subject line.
The Apache Software Foundation Announces Apache® Daffodil™ as a Top-Level Project
[this announcement is available online at https://s.apache.org/18vob ] Open Source universal data interchange implementation of the Data Format Description Language (DFDL) standard in use at DARPA, GE Research, Naval Postgraduate School, Owl Cyber Defense, Perspecta Labs, and Raytheon BBN Technologies, among others. Wilmington, DE —4 March 2021— The Apache Software Foundation (ASF), the all-volunteer developers, stewards, and incubators of more than 350 Open Source projects and initiatives, announced today Apache® Daffodil™ as a Top-Level Project (TLP). Apache Daffodil is an Open Source implementation of the Data Format Description Language 1.0 specification (DFDL; the Open Grid Forum open standard framework for describing the attributes of any data format [1]) to enable universal data interchange. The project was first created at the University of Illinois National Center for Supercomputing Applications (NCSA) in 2009, and entered the Apache Incubator in August 2017. "We’re extremely excited that Apache Daffodil has achieved this important milestone in its development. The Daffodil DFDL implementation is a game changer in complex text and binary data interfaces and creates massive opportunities for organizations to easily implement highly sophisticated processes like data decomposition, inspection, and reassembly," said Michael Beckerle, Vice President of Apache Daffodil. "Instead of spending a lot of time worrying about how to deal with so many kinds of data that you need to take in, from day one you can convert all sorts of data into XML, or JSON, or your preferred data structure, and convert back if you need to write data out in its original format." Apache Daffodil is particularly useful in large-scale organizations, such as governments and large corporations, where massive amounts of complex and legacy data must be exchanged and made accessible every day. Daffodil is also particularly useful in cybersecurity, where data must be inspected for correctness and sanitized. Apache Daffodil is in use at major global organizations that include DARPA, GE Research, Naval Postgraduate School, Owl Cyber Defense, Perspecta Labs, and Raytheon BBN Technologies, among others. "We are using Daffodil to translate DFDL schema specifications into code for our Monitoring & INspection Device (MIND) as part of our work on DARPA’s Guaranteed Architecture for Physical Security (GAPS) program," said said Bill Smith, Principal Engineer at GE Research. "One of our engineers has joined the Apache Daffodil Project Management Committee and is building out the new DFDL-to-C backend on a dedicated Daffodil development branch. We are now translating DFDL schemas provided by other DARPA GAPS performers to C code suitable for the small resource-constrained controllers in our MIND device. When complete, Daffodil’s DFDL-to-C backend will give us the ability to annotate DFDL schemas with security policies and rapidly reconfigure our MIND device for different mission security profiles." "Apache Daffodil is an important asset to our cross domain solutions technology stack, allowing Owl to support our customers by extending our filtering capabilities to new data types faster and with less risk," said Ken Walker, CTO at Owl Cyber Defense. "It’s directly in line with our company priorities, as supporters of the Open Source community, and highly beneficial to our product lines to have this high-quality Open Source implementation of DFDL to support challenging, sometimes proprietary data formats, such as Link16, VMF, USMTF, OSIsoft PI System, and JANAP-128, without the need to develop additional software. DFDL enables our Raise-the-Bar compliant cross domain solutions to support new data types without additional rounds of lengthy lab-based testing and recertification." "The DFDL open spec and the Apache Daffodil implementation have helped us tremendously in parsing and transforming fixed-format data in a variety of different R projects at BBN," said Michael Atighetchi, Lead Scientist at Raytheon BBN Technologies. "Sharing parsers through a vendor-neutral XML representation is a game changer that enables a significant speedup in developing, maturing, and transitioning advanced capabilities to help war fighters." "Our research on applying Data Format Description Language (DFDL) is exploring how to unlock and archive a plethora of diverse data streams from unmanned systems," said Don Brutzman, Naval Postgraduate School. "Both the DFDL standard and the Apache Daffodil open-source implementation provide a big benefit for these potential capabilities. Continuing work at Naval Postgraduate School (NPS) Consortium for Robotics and Unmanned Systems Education and Research (CRUSER) hopes to make telemetry from field experimentation and simulation repeatably tractable for Big Data analytics." "Graduation to a TLP recognizes that the Apache Daffodil project follows the rigorous software
Apache Month in Review: February 2021
[this announcement is available online at https://s.apache.org/Feb2021 ] Welcome to the latest monthly overview of events from the Apache community. Here's a summary of what happened in February: New this month -- - Call for Apache project proposals and mentors: Outreachy Open Source internship program May-Aug 2021 https://s.apache.org/s7tz2 - The Apache Software Foundation Announces Apache® DataSketches™ as a Top-Level Project https://s.apache.org/jhvqu - The Apache Software Foundation Announces Apache® Gobblin™ as a Top-Level Project https://s.apache.org/df92k - The Apache® Software Foundation Sustains its Mission of Providing Software for the Public Good through Corporate Sponsorships and Charitable Giving https://s.apache.org/8foo2 - Apache Month in Review: January 2020 https://s.apache.org/Jan2021 Important Dates -- - Next Board Meeting: 17 March 2021. Board calendar and minutes http://apache.org/foundation/board/calendar.html Infrastructure -- Our seven-member Infrastructure team on three continents oversees our highly-reliable, distributed network under the leadership of VP Infrastructure David Nalley and Infrastructure Administrator Greg Stein. ASF Infrastructure supports 300+ Apache projects and their communities across ~200 individual machines, 1,400+ repositories, 5-6PB in traffic annually, ~75M downloads per month, and 2-3M daily emails on 2,000+ lists. ASF Infra performs 7M+ weekly checks to ensure services are available around the clock. The average uptime in February was 99.97%. http://www.apache.org/uptime/ Committer Activity -- In February, 718 Apache Committers changed 8,293,634 lines of code over 13,685 commits. The Committers with the top 5 highest contributions, in order, were: Andrea Cosentino, Gary Gregory, Claus Ibsen, Andi Huber, and Benoit Tellier. Project Releases and Updates -- New releases from Apache Airflow (Big Data); APISIX (API); Beam (Big Data); BookKeeper (Big Data); Camel (Integration); Commons NET (Libraries); Directory Studio (Network Client / Server); Druid (Big Data); Flink (Big Data); FreeMarker (Templating); HttpComponents (Servers); Lucene (Search); MyFaces (Web Frameworks); NiFi (Big Data); NLPCraft (Incubating; Natural Language Processing); PLC4X (IoT); Qpid Broker (Messaging); Qpid Dispatch (Messaging); Skywalking (Application Performance Management); Tomcat (Servers). The Apache Incubator is the primary entry path for projects wishing to become an official part of the ASF. EventMesh entered the Apache Incubator as a new podling this month. We invite you to review the many projects currently in development in the Apache Incubator http://incubator.apache.org/ . # # # To see our Weekly News Round-ups (published every Friday), visit https://blogs.apache.org/foundation/ and click on the calendar or hop directly to https://blogs.apache.org/foundation/category/Newsletter . For real-time updates, sign up for Apache-related news by sending mail to announce-subscr...@apache.org and follow @TheASF on Twitter. We appreciate your support! = = = NOTE: you are receiving this message because you are subscribed to the announce@apache.org distribution list. To unsubscribe, send email from the recipient account to announce-unsubscr...@apache.org with the word "Unsubscribe" in the subject line.
Re: Apache Software Foundation Security Report: 2020
Video highlights of the ASF Security Report: 2020 now available at https://youtu.be/Z7yudar_da0 Do enjoy, Sally - - - Vice President Marketing & Publicity Vice President Sponsor Relations The Apache Software Foundation On Mon, Jan 25, 2021, at 08:59, Sally Khudairi wrote: > [this report is available online at https://s.apache.org/SecurityReport2020 ] > > Synopsis: This report explores the state of security across all Apache > Software Foundation projects for the calendar year 2020. We review key > metrics, specific vulnerabilities, and the most common ways users of > ASF projects were affected by security issues. > > Released: January 2021 > > Author: Mark Cox, Vice President Security, Apache Software Foundation > > Background > The security committee of the Apache Software Foundation (ASF) oversees > and coordinates the handling of vulnerabilities across all of the 340+ > Apache projects. Established in 2002 and composed of all volunteers, > we have a consistent process https://s.apache.org/cveprocess for how > issues are handled, and this process includes how our projects must > disclose security issues. > > Anyone finding security issues in any Apache project can report them to > secur...@apache.org where they are recorded and passed on to the > relevant dedicated security teams > https://apache.org/security/projects.html or private project management > committees (PMC) to handle. The security committee monitors all the > issues reported across all the addresses and keeps track of the issues > throughout the vulnerability lifecycle. > > The security committee is responsible for ensuring that issues are > dealt with properly and will actively remind projects of their > outstanding issues and responsibilities. As a board committee, we have > the ability to take action including blocking their future releases or, > worst case, archiving a project if such projects are unresponsive to > handling their security issues. This, along with the Apache Software > License, are key parts of the ASF’s general oversight function around > official releases, allowing the ASF to protect individual developers > and giving users confidence to deploy and rely on ASF software. > > The oversight into all security reports, along with tools we have > developed, gives us the ability to easily create metrics on the issues. > Our last report covered the metrics for 2019 > https://s.apache.org/security2019 . > > Statistics for 2020 > In 2020 our security email addresses received in total 18,000 emails. > After spam filtering and thread grouping this was 946 (2019: 620) > non-spam threads. Unfortunately many security reports do look like > spam and so the security team are careful to review all messages to > ensure real reports are not missed for too long. > > [see image online at https://s.apache.org/SecurityReport2020 ] > > Diagram 1: Breakdown of ASF security email threads for calendar year 2020 > > Diagram 1 gives the breakdown of those 946 threads. 257 threads (27%) > were people confused by the Apache License. As many projects use the > Apache License, not just those under the ASF umbrella, people can get > confused when they see the Apache License and they don't understand > what it is. This is most common for example on mobile phones where the > licenses are displayed in the settings menu, usually due to the > inclusion of software by Google released under the Apache License. We > no longer reply to these emails. This is nearly double the number we > saw in 2019. > > The next 220 of the 946 (23%) are email threads with people asking > non-security (usually support-type) questions. > > The next 93 of those reports were researchers reporting issues in an > Apache web site. These are almost always false negatives; where a > researcher reports us having directory listings enabled, source code > visible, or the lack of various domain headers. These reports are > generally the unfiltered output of some publicly available scanning > tool, and often where the reporter asks us for some sort of monetary > reward (bounty) for their report. > > That left 376 (2019: 320) reports of new vulnerabilities in 2020, which > spanned across 101 of the top level projects. These 376 reports are a > mix of both external reporters and internal; for example where a > project has found an issue themselves and followed the ASF process to > assign it a CVE name and address it we’d still count it here. We don’t > keep metrics that would give the breakdown of internal vs external > reports. > > The next step is that the appropriate project triages the report to see > if it's really an issue or not. Invalid repor
The Apache® Software Foundation Sustains its Mission of Providing Software for the Public Good through Corporate Sponsorships and Charitable Giving
[this announcement is available online at https://s.apache.org/8foo2 ] World's largest Open Source Foundation provides more than $22B worth of community-led software at 100% no charge to users worldwide. Wilmington, DE —23 February 2021— The Apache® Software Foundation (ASF), the all-volunteer developers, stewards, and incubators of more than 350 Open Source projects and initiatives, announced today that Corporate Sponsorship and Charitable Giving has enabled the Foundation to sustain its mission of providing software for the public good. The ASF is the world's largest Open Source foundation. Apache software projects are integral to nearly every end-user computing device, benefit billions of users worldwide, with Web requests received from every Internet-connected country on the planet. Valued conservatively at more than $22B, Apache Open Source software is available to the public-at-large at 100% no cost. No payment of any kind is ever required to use, contribute to, or otherwise participate in Apache projects. The ASF depends on tax-deductible Sponsorships and donations to offset its operations expenses that include infrastructure, marketing and publicity, accounting, and legal services. "We are proud of our Sponsors, whose generous support helps our volunteer community continue to develop essential software that keeps the world running," said Daniel Ruggeri, ASF Vice President of Fundraising. "ASF Sponsorship allows us to make great strides towards developing and improving our projects, enriching our communities, educating and mentoring newcomers, and encouraging and facilitating participation by under-represented groups. Fiscal support today secures the groundwork to ensure future Apache benefits can be shared by all." ASF Sponsors include: Platinum —Amazon Web Services, Facebook, Google, Huawei, Microsoft, Namebase, Pineapple Fund, Tencent, and Verizon Media. Gold —Anonymous, Baidu, Bloomberg, Cloudera, Confluent, IBM, Indeed, Reprise Software, Union Investment, and Workday. Silver —Aetna, Alibaba Cloud Computing, Capital One, Comcast, Didi Chuxing, Red Hat, and Target. Bronze —Bestecasinobonussen.nl, Bookmakers, Casino2k, Cerner, Curity, Gundry MD, GridGain, Host Advice, HotWax Systems, LeoVegas Indian Online Casino, Miro-Kredit AG, Mutuo Kredit AG, Online Holland Casino, ProPrivacy, PureVPN, RX-M, RenaissanceRe, SCAMS.info, SevenJackpots.com, Start a Blog by Ryan Robinson, Talend, The Best VPN, The Blog Starter, The Economic Secretariat, Top10VPN, and Twitter. In addition to ASF Sponsors, Targeted Sponsors provide in-kind support for select Foundation operations and initiatives that benefit Apache Projects and their communities. They include: Platinum —Amazon Web Services, CloudBees, DLA Piper, JetBrains, Leaseweb, Microsoft, OSU Open Source Labs, Sonatype, and Verizon Media. Gold —Atlassian, Datadog, Docker, PhoenixNAP, and Quenda. Silver —HotWax Systems, Manning Publications, and Rackspace. Bronze —Bintray, Education Networks of America, Friend of Apache Cordova, Hopsie, Google, No-IP, PagerDuty, Peregrine Computer Consultants Corporation, Sonic.net, SURFnet, and Virtru. "We deeply appreciate the ongoing support over the course of this unprecedentedly challenging year," said Sally Khudairi, ASF Vice President of Sponsor Relations. "Widespread awareness of the value of The Apache Software Foundation has led organizations and individuals to reach deep and help ensure our day-to-day operations continue without interruption. We are grateful and humbled by the support." Corporate Contributions In addition to Sponsorship, a variety of Corporate Giving programs benefit the ASF. They include: Annual Corporate Giving —organizations such as Bloomberg Philanthropies, IBM, Microsoft, PayPal, Vanguard, and many others offer tax benefits and provide their employees the ability to boost their support of a diverse set of nonprofit organizations that include the ASF. Matching Gifts and Volunteer Grants —donations to the ASF can be doubled or tripled through a corporate matching gift program. Employers such as American Express, AOL, Bloomberg, IBM, and Microsoft match contributions and volunteer hours made by their employees. Charitable Gifts and Payroll Giving —as an official charity in Benevity https://www.benevity.com/ , the Blackbaud Giving Fund https://blackbaudgivingfund.org/ , and other philanthropic giving distributors, the ASF benefits from numerous corporate giving initiatives, such as the Microsoft Tech Talent for Good volunteer program and Charles Schwab Charitable, among others. Individual Donations Individuals and organizations wishing to support Apache with one-time and recurring tax-deductible donations using a credit or debit card, PayPal, ACH electronic bank transfer, or Apple/Google/Microsoft Pay on their mobile device are invited to do so at https://donate.apache.org/ . Supporting
The Apache Software Foundation Announces Apache® Gobblin™ as a Top-Level Project
[this announcement is available online at https://s.apache.org/df92k ] Open Source distributed Big Data integration framework in use at Apple, CERN, Comcast, Intel, LinkedIn, Nerdwallet, PayPal, Prezi, Roku, Sandia National Labs, Swisscom, Verizon, and more. Wilmington, DE —16 February 2021— The Apache Software Foundation (ASF), the all-volunteer developers, stewards, and incubators of more than 350 Open Source projects and initiatives, announced today Apache® Gobblin™ as a Top-Level Project (TLP). Apache Gobblin is a distributed Big Data integration framework used in both streaming and batch data ecosystems. The project originated at LinkedIn in 2014, was open-sourced in 2015, and entered the Apache Incubator in February 2017. "We are excited that Gobblin has completed the incubation process and is now an Apache Top-Level Project," said Abhishek Tiwari, Vice President of Apache Gobblin and software engineering manager at LinkedIn. "Since entering the Apache Incubator, we have completed four releases and grown our community the Apache Way to more than 75 contributors from around the world." Apache Gobblin is used to integrate hundreds of terabytes and thousands of datasets per day by simplifying the ingestion, replication, organization, and lifecycle management processes across numerous execution environments, data velocities, scale, connectors, and more. "Originally creating this project, seeing it come to life and solve mission-critical problems at many companies has been a very gratifying experience for me and the entire Gobblin team," said Shirshanka Das, Founder and CTO at Acryl Data, and member of the Apache Gobblin Project Management Committee. As a highly scalable data management solution for structured and byte-oriented data in heterogeneous data ecosystems, Apache Gobblin makes the arduous task of creating and maintaining a modern data lake easy. It supports the three main capabilities required by every data team: - Ingestion and export of data from a variety of sources and sinks into and out of the data lake while supporting simple transformations. - Data Organization within the lake (e.g. compaction, partitioning, deduplication). - Lifecycle and Compliance Management of data within the lake (e.g. data retention, fine-grain data deletions) driven by metadata. "Apache Gobblin supports deployment models all the way from a single-process standalone application to thousands of containers running in cloud-native environments, ensuring that your data plane can scale with your company’s growth," added Das. Apache Gobblin is in use at Apple, CERN, Comcast, Intel, LinkedIn, Nerdwallet, PayPal, Prezi, Roku, Sandia National Laboratories, Swisscom, and Verizon, among many others. "We chose Apache Gobblin as our primary data ingestion tool at Prezi because it proved to scale, and it is a swiss army knife of data ingestion," said Tamas Nemeth, Tech Lead and Manager at Prezi. "Today, we ingest, deduplicate, and compact more than 1200 Apache Kafka topics with its help, and this number is still growing. We are looking forward to continuing to contribute to the project and helping the community enable other companies to use Apache Gobblin." "Apache Gobblin has been at the center stage of the data management story at LinkedIn. We leverage it for various use-cases ranging from ingestion, replication, compaction, retention, and more," said Kapil Surlaker, Vice President of Engineering at LinkedIn. "It is battle-tested and serves us well at exabyte scale. We firmly believe in the data wrangling capabilities that Gobblin has to offer, and we will continue to contribute heavily and collaborate with the Apache Gobblin community. We are happy to see that Gobblin has established itself as an industry standard and is now an Apache Top-Level Project." "Open community and meritocracy are the key drivers for Apache Gobblin's success," added Tiwari. "We invite everyone interested in the data management space to join us and help shape the future of Gobblin." Catch Apache Gobblin in action in the upcoming hackathon planned for late Q1 2021. Details will be posted on the Apache Gobblin mailing lists and Twitter feed listed below. Availability and Oversight Apache Gobblin software is released under the Apache License v2.0 and is overseen by a self-selected team of active contributors to the project. A Project Management Committee (PMC) guides the Project's day-to-day operations, including community development and product releases. For downloads, documentation, and ways to become involved with Apache Gobblin, visit https://gobblin.apache.org/ and https://twitter.com/ApacheGobblin About the Apache Incubator The Apache Incubator is the primary entry path for projects and codebases wishing to become part of the efforts at The Apache Software Foundation. All code donations from external organizations and existing external projects enter the ASF through the
The Apache Weekly News Round-up: week ending 12 February 2021
[this newsletter is available online at https://s.apache.org/26lb3 ] Friday arrived quickly --happy Lunar New Year to those who celebrate! The Apache community has had a productive week; let's review: ASF Board – management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws. - Next Board Meeting: 17 February 2021. Board calendar and minutes https://apache.org/foundation/board/calendar.html Apache Diversity & Inclusion – initiatives that promote diversity, equity, and inclusion across the greater Apache community. - Call for Apache project proposals and mentors: Outreachy Open Source internship program May-Aug 2021 https://lists.apache.org/thread.html/r7ba52de92d2a31d623aa510573de89c9d8a82ab01e85c87f43a792d4%40%3Cannounce.apache.org%3E ApacheCon™ – the ASF's official global conference series, bringing Tomorrow's Technology Today since 1998. - ApacheCon@Home keynotes, plenaries, and presentations on Big Data, Camel/Integration, Cassandra, Community, Content Delivery (Traffic Server/Traffic Control), cTAKES, Fineract/Fintech, Geode, Geospatial, Groovy, HTTP Server (httpd and the Web), Ignite, Incubator, IoT, Jena, Karaf, Machine Learning, Mahout, Multi-lingual tracks (Hindi/German/Mandarin/Spanish), Observability, OpenOffice, Pulsar/Bookkeeper, Royale, Solr/Lucene/Search Learning, Streaming, Tomcat, and more are available at https://www.youtube.com/c/TheApacheFoundation/ ASF Infrastructure – our distributed team on three continents keeps the ASF's infrastructure running around the clock. - 7M+ weekly checks yield uptime at 99.96%. Performance checks across 50 different service components spread over more than 250 machines in data centers around the world. http://www.apache.org/uptime/ Apache Code Snapshot – Over the past week, 388 Apache Committers changed 2,346,803 lines of code over 4,410 commits. Top 5 contributors, in order, are: Bernd Bohmann, Gary Gregory, Tellier Benoit, Andrea Cosentino, and Claus Ibsen. Apache Project Announcements – the latest updates by category. APIs -- - Apache APISIX 2.3 released https://apisix.apache.org/ IoT -- - Apache PLC4X 0.8.0 released https://plc4x.apache.org/ Observability -- - Apache SkyWalking CLI 0.6.0 released https://skywalking.apache.org/ Servers -- - Apache HttpComponents Core 5.1 BETA3 released https://hc.apache.org/ - Apache Tomcat 8.5.63 released https://tomcat.apache.org/ Web Frameworks -- - Apache MyFaces Core 2.2.14 released http://myfaces.apache.org/ Did You Know? - Did you know that downloads of Apache OpenOffice exceed 1 Million each month? https://openoffice.apache.org/ - Did you know that Airbnb uses Apache Superset for deep data insights, visualizing metrics, and business intelligence at scale? https://superset.apache.org/ - Did you know that the Apache Groovy, Kafka, and Maven communities will be participating at DevNexus online on 17 February? Registration is free and open to all http://devnexus.com Apache Community Notices - Apache Month In Review: January 2021 https://s.apache.org/Jan2021 + Video highlights https://youtu.be/hWMonAbaprU - The Apache Software Foundation Operations Summary: Q2 FY2021 (August - October 2020) https://s.apache.org/Q2FY2021 - Apache in 2020 - By The Digits https://s.apache.org/Apache2020Digits + Video highlights https://s.apache.org/Apache2020Digits-vid - ASF Security Report 2020 https://s.apache.org/SecurityReport2020 - ASF FY2020 Annual Report https://s.apache.org/FY2020AnnualReport - "Trillions and Trillions Served" documentary on the ASF: 1) full feature https://s.apache.org/Trillions-Feature 2) "Apache Everywhere" https://s.apache.org/ApacheEverywhere 3) "Why Apache" https://s.apache.org/ASF-Trillions 4) “Apache Innovation” https://s.apache.org/ApacheInnovation - The Apache Way to Sustainable Open Source Success https://s.apache.org/GhnI - Foundation Reports and Statements http://www.apache.org/foundation/reports.html - "Success at Apache" focuses on the people and processes behind why the ASF "just works". https://blogs.apache.org/foundation/category/SuccessAtApache - Inside Infra: the new interview series with members of the ASF infrastructure team --meet Chris Thistlethwaite https://s.apache.org/InsideInfra-Chris Drew Foulks https://s.apache.org/InsideInfra-Drew Greg Stein Part I https://s.apache.org/InsideInfra-Greg ...Part II https://s.apache.org/InsideInfra-Greg2 and Part III https://s.apache.org/InsideInfra-Greg3 Daniel Gruno Part I https://s.apache.org/InsideInfra-Daniel1 and Part II https://s.apache.org/InsideInfra-Daniel2 Gavin McDonald Part I https://s.apache.org/InsideInfra-Gavin and Part II https://s.apache.org/InsideInfra-Gavin2 Andrew Wetmore Part I https://s.apache.org/InsideInfra-Andrew and Part II https://s.apache.org/InsideInfra-Andrew2 Chris Lambertus Part I https://s.apache.org/InsideInfra-ChrisL and Part II
The Apache Software Foundation Announces Apache® DataSketches™ as a Top-Level Project
[this announcement is available online at https://s.apache.org/jhvqu ] Open Source high-performance Big Data streaming algorithm library in use at Nielsen Identity, Permutive, Splice Machine, and Verizon Media, among others. Wilmington, DE —3 February 2021— The Apache Software Foundation (ASF), the all-volunteer developers, stewards, and incubators of more than 350 Open Source projects and initiatives, announced today Apache® DataSketches™ as a Top-Level Project (TLP). Apache DataSketches is a highly performant Big Data analysis library for scalable approximate algorithms. The project originated at Yahoo in 2012, was open-sourced in 2015, and entered the Apache Incubator in March 2019. "We are excited to be part of the ASF," said Lee Rhodes, Vice President of Apache DataSketches. "We have learned a great deal from the incubation process and look forward to working with new users of our library that want to take advantage of sketching technology." Apache DataSketches’s library of specialized streaming algorithms —known as sketches— comprise small data structures that process data at massive scale. Sketches are ideal for queries that cannot afford the time or huge compute resources needed to generate exact results. Where approximate results are acceptable, sketches are the only viable alternative for interactive queries with real-time analysis. Apache DataSketches is: - Fast —produces approximate results at orders of magnitude faster than traditional methods -- user configurable size vs accuracy tradeoff; - Efficient —sketch algorithms process data in a single pass for both real-time and batch; - Mergeable —allows for parallelization; - Optimized for large-scale computing environments that process Big Data —such as Apache Hadoop, Apache Spark, Apache Druid, Apache Hive, Apache Pig, PostgreSQL; - Binary compatible across multiple languages and platforms —available in Java, C++, and Python; - Expanded Analysis —including count distinct with set operations, quantiles, most frequent items (heavy hitters), matrix computations, and more; and - Mathematically defined and proven error properties —provides a priori and a posteriori error estimation and upper and lower bounds with statistically derived confidence intervals. Apache DataSketches is used in large-scale computing environments such as Nielsen Identity, Permutive, Splice Machine, and Verizon Media, among others, as well as Apache Druid and Apache Pinot (incubating). "The Apache DataSketches project takes powerful algorithms for data summarization and analysis, and makes them available to everyone," said Professor Graham Cormode of the University of Warwick. "While these methods are tremendously useful in practice, their descriptions were previously only in highly technical scientific papers. This project has made robust, dependable and well-documented implementations available to all. Already the library has been used for a wide range of applications, including service quality, monitoring, ad analytics and the sciences." "Using Apache DataSketches has enabled Apache Druid users to perform common tasks such as quantiles and unique counting in a highly performant and efficient manner," said Gian Merlino, Vice President of Apache Druid. "We have worked closely together over the years to make the power of DataSketches accessible to Apache Druid users, helping us provide real-time analytics at scale." "Sketches are fundamental to calculating many of our key company metrics," said Tom Miller, Director of Software Development Engineering at Verizon Media. "It allows us to greatly simplify our data processing and reduce storage costs by allowing us to calculate non-additive metrics across user specified dimension combinations at report time instead of having to either retain raw data or pre-calculate for each set of dimensions." "Combining Apache Druid and DataSketches allows us to provide our customers real-time insights into their target audiences and advertising campaigns," said Yakir Buskilla, Senior Vice President of Research and Development and General Manager Israel at Nielsen Identity. "The ability to evaluate set expressions make the Theta Sketch especially powerful for multi-set cardinality estimation as well as funnel analysis." “Apache DataSketches has provided us with a solid theoretical foundation upon which we are able to store and process data at scale - in a simple, fast and cost-efficient manner," said David Cromberge, Senior Software Engineer at Permutive. "It has been a pleasure to engage with their creators and community who have been helpful at every step of the way.” "We use DataSketches's Theta-Sketches for distinct-count aggregations that are used to solve large multi-set cardinality approximation," said Mayank Shrivastava, Committer and member of the Apache Pinot (incubating) Podling Project Management Committee. "The ability to evaluate set expressions make the
Apache Month in Review: January 2021
[this announcement is available online at https://s.apache.org/Jan2021 --Video highlights https://youtu.be/hWMonAbaprU ] Welcome to the latest monthly overview of events from the Apache community. Here's a summary of what happened in January: New this month -- - Apache in 2020 - By The Digits – a look at the achievements from the Apache Community over the past 12 months. -- Summary and stats at https://s.apache.org/Apache2020Digits -- Video highlights https://s.apache.org/Apache2020Digits-vid - ASF Security Report 2020 – the annual state of security across all Apache projects https://s.apache.org/SecurityReport2020 - The Apache Way to Sustainable Open Source Success – Apache is for Everyone. Every developer has their personal motivations for building software. We celebrate their right to choose when and how they build their software, including their right to use a non-open license. https://s.apache.org/GhnI - ApacheCon™ – the ASF's official global conference series, bringing Tomorrow's Technology Today since 1998. -- Videos of all ApacheCon@Home sessions, including Plenaries and Keynotes, are available https://www.youtube.com/c/TheApacheFoundation/ - Apache Software Foundation Operations Summary: Q2 FY2021 (August - October 2020) https://s.apache.org/Q2FY2021 - "Inside Infra" – the interview series featuring members of the ASF Infrastructure team -- Meet Chris Lambertus --Part I https://s.apache.org/InsideInfra-ChrisL and Part II https://s.apache.org/InsideInfra-ChrisL2 - Apache Month in Review: December 2020 https://s.apache.org/Dec2020 Important Dates -- - Next Board Meeting: 17 February 2021. Board calendar and minutes http://apache.org/foundation/board/calendar.html Infrastructure -- Our seven-member Infrastructure team on three continents oversees our highly-reliable, distributed network under the leadership of VP Infrastructure David Nalley and Infrastructure Administrator Greg Stein. ASF Infrastructure supports 300+ Apache projects and their communities across ~200 individual machines, 1,400+ repositories, 5-6PB in traffic annually, ~75M downloads per month, and 2-3M daily emails on 2,000+ lists. ASF Infra performs 7M+ weekly checks to ensure services are available around the clock. The average uptime in January was 99.96%. http://www.apache.org/uptime/ Committer Activity -- In January, 726 Apache Committers changed 11,011,714 lines of code over 14,708 commits. The Committers with the top 5 highest contributions, in order, were: Rohit Yadav, Jean-Baptiste Onofré, Andrea Cosentino, Gary Gregory, and Mark Thomas. Project Releases and Updates -- New releases from Apache Accumulo (Big Data); Arrow (Big Data); Beam (Big Data); Camel (Integration); CloudStack (Cloud Computing); Commons Daemon (Libraries); Flink (Big Data); Guacamole (Network Client); Hadoop (Big Data); Ignite (Big Data); IoTDB (IoT); Jackrabbit (Content); JMeter (Testing); Nutch (Web Crawler); OFBiz (Enterprise Processes Automation / ERP); Oak (Content); Rya (Big Data); Qpid Broker (Messaging); ShardingSphere (Big Data); Skywalking (Application Performance Management); Tika (Big Data); Tomcat (Servers); Traffic Server (Servers). Upcoming Apache Project community events include ESUP Days & Apereo Paris (2 February); Airflow Virtual Meetup (12 February); Joint ASF–OCG–OSGeo Code Sprint (17-19 February); and Big Data Technology Warsaw Summit (23 February). The Apache Incubator is the primary entry path for projects wishing to become an official part of the ASF. New to the Apache Incubator in January: ECharts (Library) and Superset (Big Data). We invite you to review the many projects currently in development in the Apache Incubator http://incubator.apache.org/ . # # # To see our Weekly News Round-ups (published every Friday), visit https://blogs.apache.org/foundation/ and click on the calendar or hop directly to https://blogs.apache.org/foundation/category/Newsletter . For real-time updates, sign up for Apache-related news by sending mail to announce-subscr...@apache.org and follow @TheASF on Twitter. We appreciate your support! = = = NOTE: you are receiving this message because you are subscribed to the announce@apache.org distribution list. To unsubscribe, send email from the recipient account to announce-unsubscr...@apache.org with the word "Unsubscribe" in the subject line.
The Apache Software Foundation Announces Apache® ECharts™ as a Top-Level Project
[this announcement is available online at https://s.apache.org/txmmr ] Adaptable, interactive, responsive Open Source charting and data visualization software in use at Alibaba, Amazon, Baidu, GitLab, Intel, and Tencent, among others. Wilmington, DE —26 January 2021— The Apache Software Foundation (ASF), the all-volunteer developers, stewards, and incubators of more than 350 Open Source projects and initiatives, announced today Apache® ECharts™ as a Top-Level Project (TLP). Apache ECharts is an intuitive, interactive, and powerful charting and visualization library ideally suited for commercial-grade presentations. The project originated in 2013 at Baidu and entered the Apache Incubator in January 2018. "Our decision to incubate ECharts at The Apache Software Foundation was a wise one," said Ovilia Zhang, Vice President of Apache ECharts. "Through the Apache Way, our community is healthier and more diverse, which has improved ECharts to become a more attractive, competitive choice for visualization professionals and enthusiasts." Written in JavaScript and based on the ZRender rendering engine supporting both Canvas and SVG, Apache ECharts provides an array of dynamic, highly-customizable chart types that include line, column, scatter, pie, radar, candlestick, gauge, funnel, heatmap, and more. Features include: - Customized and amalgamated chart styles with more than 20 chart types - Multi-dimensional data analysis and coding - Interactive components available out-of-the-box - Cross-device responsiveness - Optimized dynamic scaling - Server side rendering - Immediate UI response on millions of streaming data through progressive rendering - Extensions for: --3-D visualization and other rich special effects --Python, R, Julia, and other languages --Platforms that include Wechat App and Baidu Smart Program Examples of ECharts' many data visualization options are available at https://echarts.apache.org/examples/ The project has recently released ECharts 5, which provides rendering ability for tens of millions of data points, and supports accessibility requirements in compliance with W3C’s Web Accessibility Initiative Accessible Rich Internet Applications Suite (WAI-ARIA) standards. Building on EChart’s core features, ECharts 5 makes it even easier for developers to tell the story behind the data through 15 new features and improvements in story-telling and data expression, optimized visualization and responsive design, interaction and performance enhancement, developer experience, internationalization, and more. Apache ECharts is in use at Alibaba, Amazon, Baidu, GitLab, Intel, and Tencent, among others, as well as solutions such as Apache Superset data visualization software. The project continues to grow in popularity, with more than 44,000 stars on GitHub and 250,000 weekly downloads on npm to date. "The world we live in today is powered by software and data," said Erica Brescia, COO of GitHub. "With Apache ECharts, developers around the world have access to a powerful, free and open source library for data visualization. It is great to see the project flourishing on GitHub. Congrats to the Apache ECharts on their graduation to a top level project at the Apache Software Foundation." "Apache ECharts helps visualization experts and data analysts easily create a wide variety of visualizations that are very helpful for us to analyze and explore the story behind the data," said visualization academia pioneer Professor Wei Chen of Zhejiang University. "We are glad to witness ECharts’ pleasant process in the Apache Incubator," said Ming Zu, Senior Manager at Baidu. "Our community grew with individuals from many countries and organizations, who contributed to bug fixing, issue resolving, and new feature implementation." "When the Apache Superset community looked into visualization libraries to rebuild the core visualization plugins, ECharts stood out as the absolute best fit," said Maxime Beauchemin, original creator of both Apache Airflow and Superset, and serves as Vice President of Apache Superset. "It has an unparalleled variety of visualizations, a rich and composable visual grammar, an intuitive and well designed API, a flexible and performant rendering engine, a very lean tree of dependencies, and the important set of guarantees that the ASF provides when committing long term to using an Open Source project." "It was a pleasure guiding the ECharts community through the Apache Incubator," said Dave Fisher, ASF Member and Apache ECharts Incubating Mentor. "They have embraced the Apache Way of community-led development, encouraging those interested in helping improve ECharts to contribute and become part of its growing community.” "This is an exciting time for the ECharts community," added Zhang. "We are enjoying continued growth, and invite those interested in contributing to the project to join us on our developer and user
Apache Software Foundation Security Report: 2020
[this report is available online at https://s.apache.org/SecurityReport2020 ] Synopsis: This report explores the state of security across all Apache Software Foundation projects for the calendar year 2020. We review key metrics, specific vulnerabilities, and the most common ways users of ASF projects were affected by security issues. Released: January 2021 Author: Mark Cox, Vice President Security, Apache Software Foundation Background The security committee of the Apache Software Foundation (ASF) oversees and coordinates the handling of vulnerabilities across all of the 340+ Apache projects. Established in 2002 and composed of all volunteers, we have a consistent process https://s.apache.org/cveprocess for how issues are handled, and this process includes how our projects must disclose security issues. Anyone finding security issues in any Apache project can report them to secur...@apache.org where they are recorded and passed on to the relevant dedicated security teams https://apache.org/security/projects.html or private project management committees (PMC) to handle. The security committee monitors all the issues reported across all the addresses and keeps track of the issues throughout the vulnerability lifecycle. The security committee is responsible for ensuring that issues are dealt with properly and will actively remind projects of their outstanding issues and responsibilities. As a board committee, we have the ability to take action including blocking their future releases or, worst case, archiving a project if such projects are unresponsive to handling their security issues. This, along with the Apache Software License, are key parts of the ASF’s general oversight function around official releases, allowing the ASF to protect individual developers and giving users confidence to deploy and rely on ASF software. The oversight into all security reports, along with tools we have developed, gives us the ability to easily create metrics on the issues. Our last report covered the metrics for 2019 https://s.apache.org/security2019 . Statistics for 2020 In 2020 our security email addresses received in total 18,000 emails. After spam filtering and thread grouping this was 946 (2019: 620) non-spam threads. Unfortunately many security reports do look like spam and so the security team are careful to review all messages to ensure real reports are not missed for too long. [see image online at https://s.apache.org/SecurityReport2020 ] Diagram 1: Breakdown of ASF security email threads for calendar year 2020 Diagram 1 gives the breakdown of those 946 threads. 257 threads (27%) were people confused by the Apache License. As many projects use the Apache License, not just those under the ASF umbrella, people can get confused when they see the Apache License and they don't understand what it is. This is most common for example on mobile phones where the licenses are displayed in the settings menu, usually due to the inclusion of software by Google released under the Apache License. We no longer reply to these emails. This is nearly double the number we saw in 2019. The next 220 of the 946 (23%) are email threads with people asking non-security (usually support-type) questions. The next 93 of those reports were researchers reporting issues in an Apache web site. These are almost always false negatives; where a researcher reports us having directory listings enabled, source code visible, or the lack of various domain headers. These reports are generally the unfiltered output of some publicly available scanning tool, and often where the reporter asks us for some sort of monetary reward (bounty) for their report. That left 376 (2019: 320) reports of new vulnerabilities in 2020, which spanned across 101 of the top level projects. These 376 reports are a mix of both external reporters and internal; for example where a project has found an issue themselves and followed the ASF process to assign it a CVE name and address it we’d still count it here. We don’t keep metrics that would give the breakdown of internal vs external reports. The next step is that the appropriate project triages the report to see if it's really an issue or not. Invalid reports and reports of things that are not actually vulnerabilities get rejected back to the reporter. Of the remaining issues that are accepted they are assigned appropriate CVE names and eventually fixes are released. As of January 1st 2021, 35 of those 376 reports were still under triage (i.e. the project had not yet determined if the report is accepted or rejected). The remaining closed 341 (2019: 301) reports led to us assigning 151 (2019: 122) CVE names. Some vulnerability reports may include multiple issues, some reports are across multiple projects, and some reports are duplicates where the same issue is found by different reporters, so there isn't an exact one-to-one mapping of accepted
The Apache Way to Sustainable Open Source Success
[this post is available at https://s.apache.org/GhnI ] (originally published 19 March 2019) As Open Source software continues to grow in importance, it seems appropriate to reflect upon the ongoing success of The Apache Software Foundation (ASF) as it approaches its 20th anniversary. The Apache Way of community-driven development continues to gain momentum despite the compounding challenges of building software in the greater Open Source ecosystem. This approach, The Apache Way, was defined over 24 years ago by the original Apache Group, prior to the establishment of the Foundation. It has led to our success as a foundation and we believe it has been fundamental to the triumph of Open Source as a whole. While The Apache Way has been refined over the years, it remains true to the original goals of transparent, community-driven collaboration in a vendor-neutral environment that is accessible to all. The Apache Way defines Open Source in terms of both a legal and a social framework for collaboration. It helps others understand what makes Open Source powerful and how participants are expected to behave. In this post we will examine The Apache Way in the context of the Foundation's mission: "The mission of the Apache Software Foundation (ASF) is to provide software for the public good. We do this by providing services and support for many like-minded software project communities consisting of individuals who choose to participate in ASF activities." Let's dissect this mission statement. "Provide Software for the Public Good" Key points in this section: - We produce software that is non-excludable and non-rivalrous - Use of the software in any context does not reduce its availability to others - Users and contributors have no committed responsibility to the foundation, our projects or our communities - Use of a license that conforms to the Open Source Definition is necessary but not sufficient to deliver on our mission Investopedia defines a public good as "a product that one individual can consume without reducing its availability to another individual, and from which no one is excluded." On the surface, this is a good definition for our use of the term. However, there is a nuance in our use. Our mission is not to produce "public goods" but to "provide software for the public good". To understand why this is important, one needs to think about what motivates the ASF to produce software that is a public good. Open Source software can be digitally copied and reused in an unlimited number of ways. Every user can modify it for their specific needs. They can combine it with other software. They can design innovative new products and services using it and can make a living from the proceeds. This is all possible without impacting other people's use of the software. As such, the ASF produces software that can be used for the public good in many different ways. To allow us to deliver on this part of the mission, it is critical that we adopt a license that uses the law to protect the software curated here at the Foundation. For us that license is the Apache License, Version 2. In addition, we adopt an inbound licensing policy that defines which licenses are allowable on software reused within Apache projects. This policy can be summarized as: The license must meet the Open Source Definition (OSD). The license, as applied in practice, must not impose significant restrictions beyond those imposed by the Apache License 2.0. This means that you can be assured that software curated by projects within The Apache Software Foundation is both a public good and for the public good. You can use Apache software for any purpose and you have no responsibility to the Foundation or the project to contribute back (though as addressed in the next section, it is often in your interests to do so). It is important to recognize that there are software projects out there that adopt our license but do not adopt our inbound licensing policy. Such projects may bring restrictions that are not covered by our license; therefore, it is important to carefully examine the licensing policies of these projects. Using the Apache License alone may not provide you with the same options a Foundation project provides. Apache projects are successful, in large part, because of our diligence with respect to clearly-defined licensing policies. Such diligence makes it much easier for downstream users to understand what they can and cannot do with Apache software. The Apache License is deliberately permissive to ensure that everyone has an opportunity to participate in Open Source within the ASF or elsewhere. Modifications of our license are allowed, but modified licenses are neither the Apache License nor affiliated with or endorsed by The Apache Software Foundation. No modified license can be represented as such. Modified licenses that use the Apache name are strictly disallowed,
Inside Infra: Chris Lambertus --Part II
[this interview is available online at https://s.apache.org/InsideInfra-ChrisL2 ] Part II of the of the "Inside Infra" interview with Chris Lambertus, the last of the series of interviews with members of the ASF Infrastructure team, who share their experiences with Sally Khudairi, ASF VP Marketing & Publicity. [catch up on Part I of the interview https://s.apache.org/InsideInfra-ChrisL ] - - - "...you want to limit your exposure... You have to keep that in mind as you move through the day to make sure that you are minimizing your risk and minimizing your security threat vectors." - - - - So, in the scope of the team, I understand that you're a more "senior" developer. Not that you know better; it's not an issue of better or worse, but you're more seasoned. How does ASF compare to other groups that you've worked with? Are there special technical requirements or special security issues you have to be concerned with? Especially as we mentioned before, it seems like there's an unlimited number of project development environments. Are there certain things that you have to consider or accommodate or do that's so different with ASF that you've never experienced before? Can you give a little bit of a frame of reference for folks unfamiliar with how it is within the ASF? First of all, I'm not a developer. I am terrible at programming. Absolutely, I'm awful at it. I don't consider myself a developer in any way, shape, or form. I am a system administrator, 100%. - ...Administrator. Okay, so, you're a more "senior" sysadmin then. I hesitate to use the word senior, because it has some implications in the industry that I don't necessarily feel are appropriate for the ASF. I believe that I have been doing it longer than most other people on the team just as a career. I'm guessing that's probably what you mean by that. - Right. That's why I used the word "seasoned" also. It's hard because some people go, "Are you saying I'm old, or are you saying hierarchical, that I'm above others?" It's a hard way of describing it, because some folks have been programming or dealing with computers since there were kids, others later in life, but you guys are all moving in the same direction. So, how does one describe it? Yeah, I think seasoned is a good word. Just like I said, I've been working in the industry as a system administrator since 1992, pretty much continuously with some brief changes in the 2000s. It's not here nor there. So, it's not hierarchical. Everybody is equivalent in terms of the Infra team. Nobody's above anybody else or below anybody else, right? - ...I was wondering how is the ASF different from other groups you've worked with. All right. It's actually not all that different. There are a couple of things that make it unique. Well, a number of things that make it unique. One is that it's completely remote and completely geographically dispersed. Two is that the participants on the team are all from very different backgrounds and cultures and countries, which is fairly unusual for a system admin team, a small system admin team, I would say. But beyond that, it actually shares quite a lot of things that I typically see in system administration teams. There's a central job board, if you will, like the Jira stuff. There's a communications channel. We have Slack. There's a nominal leader in Greg, that directs the general movement of the barge. Yeah, by and large, it's pretty similar with most environments that I've worked in. I mean, some are much different. Some are very corporate, some are very open. Yeah, now I remember one of your previous questions --one of the biggest challenges that I found is the openness. The ASF for quite some time has been incredibly public with its configurations, with its systems, with its documentation. These types of things are very unusual in the corporate world or in commercial IT. Typically, you would never make that stuff public. The fact that it is and has been at the ASF, that's been a challenge for me. It's an unusual way to maintain systems. It's got some downsides. Having that stuff available can be concerning at times. - ...How so? Help me understand this, because I've been with the ASF forever. What you're mentioning right now reminds me of about 10 years ago, something failed in Infrastructure. I can't remember what it was, but it was a big thing. People were talking about it. It was even in the press at the time. It wasn't catastrophic, but it was big. We actually wrote a blog post about it and we presented about it at ApacheCon. From a marketing perspective and a media perspective, I was uncomfortable, because from a corporate perspective, you don't do that. The fact that we not only encouraged it but published it and educated everyone about it, admitted it, ate it all, we took responsibility, 100%: "Here's what failed. Here's w
The Apache Software Foundation Announces Apache® Superset™ as a Top-Level Project
[this announcement is available online at https://s.apache.org/scefo ] Open Source enterprise-grade Big Data visualization and business intelligence Web application in use at Airbnb, American Express, Dropbox, Lyft, Netflix, Nielsen, Rakuten Viki, Twitter, and Udemy, among others. Wilmington, DE —21 January 2021— The Apache Software Foundation (ASF), the all-volunteer developers, stewards, and incubators of more than 350 Open Source projects and initiatives, announced today Apache® Superset™ as a Top-Level Project (TLP). Apache Superset is a modern, Open Source data exploration and visualization platform that enables users to easily and quickly build and explore dashboards using its simple no-code visualization builder and state-of-the-art SQL editor. The project originated at Airbnb in 2015 and entered into the Apache Incubator program in May 2017. "It's been amazing to be an active part of growing a welcoming, diverse and engaged community over the past five years while following the ASF principles around inclusion, openness and collaboration," said Maxime Beauchemin, Vice President of Apache Superset. "At the scale and level of diversity that the Superset project has achieved, it's critical to have a solid governance model in place like the one prescribed by the ASF." Apache Superset v1.0 Superset helps streamline the analytics process by providing an intuitive interface to rapidly explore and visualize datasets, create interactive dashboards, and model real-time business intelligence insights at scale. The platform integrates with most SQL speaking data sources, including modern cloud-native databases, data warehouses, and engines at petabyte scale. The Project also celebrates a major milestone with the release of Apache Superset 1.0. Features include: - Rich library of visualizations with support for integrating custom visualizations - Thin caching layer to optimize performance of charts and dashboards - Code-free visualization builder - State-of-the-art SQL editor and metadata workflow - Extensible enterprise authentication and security model - Easy-to-use, lightweight semantic layer - Notification alerts and scheduled reports "Apache Superset 1.0 is a solid, mature, self-standing solution that fully solves business intelligence and data visualization needs for modern data teams," added Beauchemin. "Superset not only covers the table stakes, but also offers guarantees, features and a fresh approach that existing BI solutions can't match." Apache Superset is in use at Airbnb, American Express, Dropbox, Lyft, Netflix, Nielsen, Rakuten Viki, Twitter, and Udemy, among others. A list of known users is available at https://github.com/apache/superset/blob/master/INTHEWILD.md . "Apache Superset helps Airbnb democratize data insights and make data-informed decisions," said Jeff Feng, Product Lead at Airbnb and member of the Apache Superset Project Management Committee. "Superset uniquely connects SQL analysis with data exploration for thousands of employees each week. It also serves as a flexible and reliable platform for visualizing metrics, helping executives and knowledge workers see and understand data." "We had an amazing journey with Superset at Dropbox," said Chloe Wang, Senior Product Manager, Data Insights Platform at Dropbox. "Superset got introduced in 2019 and soon became the most widely adopted query engine within the analytical organization. As a result, our analysts are able to make timely and high confidence product decisions." "Before Superset, we were paying for a patchwork of proprietary tools and we kept running into limitations when it came to customizing charts and dashboards," said Amit Miran, Software Team Lead for Media Application Framework group at Nielsen. "Once the Superset project supported adding of custom visualizations, that was the turning point for us at Nielsen to start adopting Superset in large projects. We’re very excited about native dashboard filters and future support for cross filtering, which will make our viz plugins even more powerful. The excitement for the project drove me to become involved in my first open source project." "Apache Superset is an amazing project that enables engineers to easily execute data analysis," said Grace Guo, member of the Apache Superset Project Management Committee. "I have been a Superset user and a Superset builder for a few years. I run queries in SQL Lab, visualize data using one of the many supported chart types, and build dashboards, specifically focusing on performance and product adoption metrics. As an engineer, I appreciate the ability to contribute to the product. If I see some area to improve, or need a feature which doesn’t exist, I am happy to create a PR to fix it for myself and benefit other users." "Apache Superset’s strength lies in its community," added Beauchemin. "We invite those interested in data visualization to join our mailing
The Apache CloudStack Project Releases Apache® CloudStack® v4.15
[this announcement is available online at https://s.apache.org/vi0v8 ] Mature Open Source Enterprise Cloud platform powers billions of dollars in transactions for the world's largest Cloud providers, Fortune 5 multinationals, educational institutions, and more. Wilmington, DE —19 January 2021— The Apache CloudStack Project announced today v4.15 of Apache® CloudStack®, the mature, turnkey Open Source enterprise Cloud orchestration platform. Apache CloudStack is the proven, highly scalable IaaS platform of choice to rapidly and easily create private, public, and hybrid Cloud environments: it "just works". Apache CloudStack powers mission-critical clouds for the world’s largest users and service providers, including Alcatel-Lucent, Apple, Autodesk, Bell Canada, BT, China Telecom, Dell, Disney, Fujitsu, Huawei, INRIA, Juniper Networks, Korea Telecom, Leaseweb, Melbourne University, Nokia, NTT, Orange, SAP, Schuberg Philis, Taiwan Mobile, Tata, TrendMicro, Verizon, WebMD, and countless others. "We are pleased to announce our latest release, making CloudStack even easier to deploy full-featured public and private clouds," said Sven Vogel, Vice President of Apache CloudStack. "Apache CloudStack continues to grow from strength to strength, with upgraded software and powerful deployments, backed by a robust community." Apache CloudStack v4.15 Apache CloudStack includes the entire "stack" of features in an IaaS cloud: compute orchestration, Network-as-a-Service, user and account management, full and open native API, resource accounting, and a first-class user interface. The new 4.15 release ships with more than 200 new features, improvements, and bug fixes that include: - A new, modern user interface at general availability - vSphere advanced storage capabilities to support VMware storage policies, vSAN, VMFS6, vVols and datastore clusters - VMware "deploy-as-is" templates with OVF properties support for deploying virtual appliances in CloudStack clouds - Secondary storage management tools - Roles based users in projects - Dynamic roles enhancements for more granular RBAC - Support for CentOS 8, Ubuntu 20.04, XCP-ng 8.1, and MySQL 8 - noVNC console for performance improvements to VM console access - Redfish support for out of band management - Unmanaging guest VMs - PVLAN support for L2 networks - Boot into hardware setup (VMware) - Configure root disk via service offering The full list of new features is available in the project release notes at https://docs.cloudstack.apache.org/en/4.15.0.0/releasenotes/about.html "At NTT/Itelligence we were eagerly anticipating this latest version of Apache CloudStack as many of the features in the release are of importance to our Itelligence cloud solution," said Andre Walter, VP, Head of GMS Cloud Infrastructure Services at Itelligence Global Managed Services GmbH. "We are particularly excited about the vSphere advanced capabilities and full OVF properties support. It is important for us to see the Open Source community bringing more and more features that allow us to enhance our global cloud operations capabilities." "Apache CloudStack continues to bring innovative features for public cloud providers like us," said Wido den Hollander, CTO of PCExtreme. "With the 4.15 release, we are very interested in the Redfish implementation for Out of Band Management which helps bring the next generation of server management to our data centres. The fact that the CloudStack community is driven by users of the software as opposed to vendors with competing interests means that time and time again we see these exciting features delivered In Apache CloudStack." "Apache CloudStack continues to cement itself as the logical choice for reliable, open source IaaS orchestration," said Giles Sirett, CEO of ShapeBlue. "It is proven, hugely scalable and, most importantly, easy to deploy and operate. The 4.15 release brings many features that will allow both public and private cloud operators to further innovate on their service offerings. I’d like to thank everybody in the Apache CloudStack community for this latest release." The Apache CloudStack community invites those interested to join its mailing lists and global events, including CloudStack Collaboration Conference and numerous regional user groups. To get started and for ways to contribute, visit http://cloudstack.apache.org/contribute.html Availability and Oversight Apache CloudStack software is released under the Apache License v2.0 and is overseen by a volunteer, self-selected team of active contributors to the project. A Project Management Committee (PMC) guides the Project's day-to-day operations, including community development and product releases. Apache CloudStack Resources Source code downloads http://cloudstack.apache.org/downloads.html Documentation http://docs.cloudstack.apache.org/ Upgrade instructions
The Apache News Round-up: week ending 1 January 2020
[this newsletter is available online at https://s.apache.org/5ag3n ] Welcome, 2021! We hope that you have had a festive holiday season and are excited to kick off the new year. Here's what happened over the past week: Apache in 2020 - By The Digits – a look at the achievements from the Apache Community over the past 12 months. - Summary and stats at https://s.apache.org/Apache2020Digits - Video highlights https://s.apache.org/Apache2020Digits-vid The Apache Month in Review – highlights of what we've accomplished over the past month. - December 2020 https://s.apache.org/Dec2020 ASF Board – management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws. - The Apache Software Foundation Operations Summary: Q2 FY2021 (August - October 2020) https://s.apache.org/Q2FY2021 - Next Board Meeting: 20 January 2021. Board calendar and minutes https://apache.org/foundation/board/calendar.html ApacheCon™ – the ASF's official global conference series, bringing Tomorrow's Technology Today since 1998. - all videos from ApacheCon@Home are available at https://www.youtube.com/c/TheApacheFoundation/ ASF Infrastructure – our distributed team on three continents keeps the ASF's infrastructure running around the clock. - 7M+ weekly checks yield uptime at 99.95%. Performance checks across 50 different service components spread over more than 250 machines in data centers around the world. http://www.apache.org/uptime/ Apache Code Snapshot – Over the past week, 214 Apache Committers changed 1,634,010 lines of code over 2,290 commits. Top 5 contributors, in order, are: Gary Gregory, Andreas Veithen, Chesnay Schepler, Rene Cordier, and Sylwester Lachiewicz. Apache Project Announcements – the latest updates by category. Application Performance Monitoring -- - Apache SkyWalking Python v0.5.0 released https://skywalking.apache.org/ Big Data -- - Apache ShardingSphere ElasticJob 3.0.0-RC1 released http://shardingsphere.apache.org/elasticjob/ - Apache Accumulo 1.10.1 and 2.0.1 released http://accumulo.apache.org/ - Apache Accumulo CVE-2020-17533: Improper Handling of Insufficient Permission https://s.apache.org/ixwwc Data Management Platform -- - Apache Ignite 2.9.1 released http://ignite.apache.org/ Did You Know? - Did you know that the following Apache projects are celebrating anniversaries this month? Many happy returns to Apache Cocoon, James, and Web Services (17 years); Lucene (15 years); ActiveMQ (13 years); Hadoop (12 years); River (9 years); Empire-db and Gora (8 years); OpenMeetings (7 years); Samza (5 years); Arrow (4 years); and Ranger (3 years)! https://projects.apache.org/committees.html?date - Did you know that the Top Ten of Fortune's "Future 50" companies --ServiceNow, Veeva Systems, Atlassian, Workday, Splunk, Adyen, MercadoLibre, DexCom, Square, and Spotify-- are all Powered by Apache? Everyone is welcome to use ASF and Apache Project badges to show that your projects are Powered by Apache http://apache.org/foundation/press/kit/#poweredby - Did you know that ASF Targeted Sponsor Manning Publications is offering special deals on the latest books on Apache Airflow, Pulsar, Spark, and Thrift, among other titles and MEAP (Manning Early Access Program) eBooks? https://deals.manning.com/the-latest-apache-innovations/ Apache Community Notices - Apache Month In Review: November 2020 https://s.apache.org/Nov2020 - ASF FY2020 Annual Report https://s.apache.org/FY2020AnnualReport - "Trillions and Trillions Served" documentary on the ASF: 1) full feature https://s.apache.org/Trillions-Feature 2) "Apache Everywhere" https://s.apache.org/ApacheEverywhere 3) "Why Apache" https://s.apache.org/ASF-Trillions 4) “Apache Innovation” https://s.apache.org/ApacheInnovation - The Apache Software Foundation Statement on the COVID-19 Coronavirus Outbreak https://s.apache.org/COVID-19 - The Apache Software Foundation Celebrates 21 Years of Open Source Leadership https://s.apache.org/21stAnniversary - Apache in 2019 - By The Digits https://s.apache.org/Apache2019Digits - The Apache Way to Sustainable Open Source Success https://s.apache.org/GhnI - Foundation Reports and Statements http://www.apache.org/foundation/reports.html - "Success at Apache" focuses on the people and processes behind why the ASF "just works". https://blogs.apache.org/foundation/category/SuccessAtApache - Inside Infra: the new interview series with members of the ASF infrastructure team --meet Chris Thistlethwaite https://s.apache.org/InsideInfra-Chris Drew Foulks https://s.apache.org/InsideInfra-Drew Greg Stein Part I https://s.apache.org/InsideInfra-Greg ...Part II https://s.apache.org/InsideInfra-Greg2 and Part III https://s.apache.org/InsideInfra-Greg3 Daniel Gruno Part I https://s.apache.org/InsideInfra-Daniel1 and Part II https://s.apache.org/InsideInfra-Daniel2 Gavin McDonald Part I
Apache in 2020 - By The Digits
[this report, including charts and graphics, is available online at https://s.apache.org/Apache2020Digits ] Whilst 2020 has been quite a challenging year world-wide, the all-volunteer Apache community has demonstrated commendable strength, resilience, and commitment to our tenet of "Community Over Code" — - 238 Apache Projects, sub-projects, incubating podlings, and their communities produced nearly 3,500 releases across dozens of categories (API Gateways, Application Performance Management, Big Data, Blockchain, Build Management Cloud Computing, Content, Cryptography, Customer Profile Platform, Databases, eMail, Enterprise Resource Planning, FinTech, Identity Management, Integrated Development Environments, Integration, IoT, Libraries, Logging, Machine Learning, Messaging, Natural Language Processing, Operating Systems, Programming Languages, Remote Desktop Gateway, Search, Security Frameworks, Servers, Services Framework, Templating, Testing, Version Control, Web Conferencing, Web Crawlers, Web Frameworks, and more). - We produced the "Trillions and Trillions Served" documentary that showcases how The Apache Way skyrocketed the ASF from overseeing a single project two decades ago to 350+ projects that produce $22B+ worth of software today. - Apache events moved online, and attracted our most diverse and greatest number of participants. ApacheCon@Home drew nearly 5,750 participants from more than 150 countries, who enjoyed 300+ sessions across 27 tracks. A staggering 1.5M+ viewers tuned in to the Apache Roadshow/China over its 2-day online event. Additional highlights: Apache Projects —https://projects.apache.org/ - Total number of projects + sub-projects - 342 - Top-Level Projects - 199 - Podlings undergoing development in the Apache Incubator - 41 - New Top-Level Projects that graduated from the Incubator - 10 Community/People —http://home.apache.org/ The ASF’s merit-driven "Contributor-Committer-Member" progression is the central governing process across the Apache ecosystem. The core Apache Group of 21 individual Members grew with developers who contributed code, patches, or documentation. Some of these contributors were subsequently granted Committer status by the Membership, and provided access to: 1) commit code directly to Apache repositories; 2) vote on community-related decisions; and 3) propose an active user for Committership. Today, ASF Committers contribute not just code and documentation, but also an array of initiatives that provide value across the greater Apache ecosystem, including Project promotion and community development through mentoring, events, and diversity and inclusion programs. Those Committers who demonstrate merit in the Foundation's growth, evolution, and progress are nominated for ASF Membership by existing members. The Apache community continues to grow: we welcomed 3,612 contributors in 2020, 51.87% of whom were newcomers to Apache - 905 individuals earned Committer status, totalling 8,022. - 34 individuals were elected as new ASF Members, totalling 813. Apache Projects/Code —https://projects.apache.org/statistics.html - 3,258 Apache Committers changed 117,350,563 lines of code over 247,451 commits. Top 5 Committers - Andrea Cosentino (6,357 commits; 2,003,123 lines changed) - Jean-Baptiste Onofré (3,120 commits; 735,656 lines changed) - Claus Ibsen (2,838 commits; 1,919,860 lines changed) - Mark Thomas (2,360 commits; 185,548 lines changed) - Gary Gregory (2,188 commits; 234,845 lines changed) Top 5 Apache Project Repositories by Size (Lines of Code) - Tuweni (incubating; 7,822,771 --Tuweni is Apache's first project in the Blockchain space) - Flex (7,007,693) - NetBeans (6,582,707) - OpenOffice (6,376,683) - Hadoop (3,521,559) Top 5 Apache Project Repositories by Commits - Camel - Flink - Airflow - Lucene/Solr - Spark GitHub: Top 5 Most Active Apache Project Sources (clones) - Thrift - Beam - Arrow - Geode - Cordova GitHub: Top 5 Most Active Apache Project Sources (visits) - Spark - Flink - Kafka - Beam - Camel Mailing Lists —https://lists.apache.org/ "If it didn’t happen on-list, it didn’t happen" The ASF’s day-to-day operations, including Apache project and community development, takes place on ~1,450 public and ~700 private mailing lists. - In 2020, 18,388 authors sent 2,139,458 emails on 774,364 topics. Top 5 most active Apache Project user@ mailing lists - Flink - Lucene-Solr - OpenMeetings - Ignite - Tomcat Top 5 most active Apache Project dev@ mailing lists - Tomcat - Flink - Royale - James - Beam Contributor License Agreements and Software Grants —https://www.apache.org/licenses/ Individuals who are granted write access to the Apache repositories must submit an Individual Contributor License Agreement (ICLA). Corporations that have assigned employees to work on Apache projects as part of an employment agreement may sign a Corporate CLA
Apache Month in Review: December 2020
[this post is available online at https://s.apache.org/Dec2020 ] Welcome to the latest monthly overview of events from the Apache community. Here's a summary of what happened in December: Support Apache -- When we founded the ASF 21 years ago, we made a commitment to ensure Apache software is freely available to everyone worldwide at 100% no cost. Today the ASF provides more than $21B worth of software developed by an all-volunteer community. - from Individual and Corporate donations to online shopping, Corporate Charitable Giving, Matching Gifts, and Sponsorship, There are many ways to help the ASF with a tax-deductible contribution https://s.apache.org/2020SupportApache New this month -- - ApacheCon™ – the ASF's official global conference series, bringing Tomorrow's Technology Today since 1998. -- Videos of all ApacheCon@Home sessions, including Plenaries and Keynotes, are available https://www.youtube.com/c/TheApacheFoundation/ - Apache Software Foundation Operations Summary: Q2 FY2021 (August - October 2020) https://s.apache.org/Q2FY2021 - "Inside Infra" – the interview series featuring members of the ASF Infrastructure team -- Meet Andrew Wetmore --Part I https://s.apache.org/InsideInfra-Andrew and Part II https://s.apache.org/InsideInfra-Andrew2 - Apache Month in Review: November 2020 https://s.apache.org/Nov2020 Important Dates -- - Next Board Meeting: 20 January 2021. Board calendar and minutes http://apache.org/foundation/board/calendar.html Infrastructure -- Our seven-member Infrastructure team on three continents oversees our highly-reliable, distributed network under the leadership of VP Infrastructure David Nalley and Infrastructure Administrator Greg Stein. ASF Infrastructure supports 300+ Apache projects and their communities across ~200 individual machines, 1,400+ repositories, 5-6PB in traffic annually, ~75M downloads per month, and 2-3M daily emails on 2,000+ lists. ASF Infra performs 7M+ weekly checks to ensure services are available around the clock. The average uptime in December was 99.95%. http://www.apache.org/uptime/ Committer Activity -- In December, 837 Apache Committers changed 11,192,118 lines of code over 18,775 commits. The Committers with the top 5 highest contributions, in order, were: Andrea Cosentino, Xiang Xiao, Hugh Miles, Andi Huber, and Gary Gregory. Project Releases and Updates -- New releases from Apache Accumulo (Big Data); Airflow (Big Data); APISIX (API); Avro (Big Data); Beam (Big Data); Bigtop (Big Data); Camel (Integration); Flink (Big Data); Groovy (Programming Languages); HBase (Big Data); HttpComponents Core (Servers); IoTDB (IoT); Jackrabbit (Content); JMeter (Testing); JSPWiki (Content); Kafka (Big Data); Knox (Big Data); OpenMeetings (Web Conferencing); PDFBox (Content); Pulsar (Messaging); Rya (Big Data); ShardingSphere (Big Data); SINGA (Machine Learning); Skywalking (Application Performance Management); Struts (Web Frameworks); Syncope (Identity Management); Tika (Big Data); Tomcat (Servers); Traffic Control (Servers); Traffic Server (Servers); Yetus (Library). The Apache Incubator is the primary entry path for projects wishing to become an official part of the ASF. New to the Apache Incubator in December: Wayang (Big Data). We invite you to review the many projects currently in development in the Apache Incubator http://incubator.apache.org/ . # # # To see our Weekly News Round-ups (published every Friday), visit https://blogs.apache.org/foundation/ and click on the calendar or hop directly to https://blogs.apache.org/foundation/category/Newsletter . For real-time updates, sign up for Apache-related news by sending mail to announce-subscr...@apache.org and follow @TheASF on Twitter. We appreciate your support! = = = NOTE: you are receiving this message because you are subscribed to the announce@apache.org distribution list. To unsubscribe, send email from the recipient account to announce-unsubscr...@apache.org with the word "Unsubscribe" in the subject line.
Final days to Support Apache.
[this post is available online https://s.apache.org/2020SupportApache ] When we founded the ASF 21 years ago, we made a commitment to ensure Apache software is freely available to everyone worldwide at 100% no cost. Today the ASF provides more than $21B worth of software developed by an all-volunteer community. Your tax-deductible contribution has an immediate impact by helping us continue to steward, develop, and incubate Apache projects and their communities. There are many ways to help the ASF: - Individual and Corporate donations --contribute on a one-time, monthly, or quarterly basis via credit card, PayPal, or ACH (US banks). https://donate.apache.org/ - Online shopping --start at http://smile.amazon.com, select The Apache Software Foundation as the beneficiary organization, and Amazon will contribute 0.5% of the sale to the ASF. - Corporate Charitable Giving --companies such as Bloomberg, IBM, Microsoft, Charles Schwab, Vanguard, and others support Apache through an array of philanthropic programs and matching gifts. http://apache.org/foundation/contributing.html - Sponsor the ASF --ASF Sponsors provide essential annual support that helps make a lasting impact. http://apache.org/foundation/sponsorship Just one week remains to make an end-of-year tax-deductible contribution in 2020. Thank you in advance for your generous support! = = = NOTE: you are receiving this message because you are subscribed to the announce@apache.org distribution list. To unsubscribe, send email from the recipient account to announce-unsubscr...@apache.org with the word "Unsubscribe" in the subject line.
The Apache Software Foundation Operations Summary: 1 August - 31 October 2020
D BRONZE: Bintray, Education Networks of America, Google, Hopsie, No-IP, PagerDuty, Peregrine Computer Consultants Corporation, Sonic.net, SURFnet, Virtru To sponsor The Apache Software Foundation, visit http://apache.org/foundation/sponsorship.html . To make a one-time or monthly recurring donation, please visit https://donate.apache.org/ . = = = Report prepared by Sally Khudairi, Vice President Marketing & Publicity, with contributions by David Nalley, President; Rich Bowen, Vice President Conferences; Mark Cox, Vice President Security; Sharan Foga, Vice President Community Development; Christian Grobmeier, Vice President Data Privacy; Myrle Krantz, Treasurer; Griselda Cuevas, Vice President Diversity & Inclusion, Vice President Fundraising; and Mark Thomas, Vice President Brand Management. For more information, subscribe to the announce@apache.org mailing list http://apache.org/foundation/mailinglists.html#foundation-announce and visit http://www.apache.org/ , the ASF Blog at http://blogs.apache.org/ , the @TheASF on Twitter https://twitter.com/TheASF , and LinkedIn https://www.linkedin.com/company/the-apache-software-foundation . (c) The Apache Software Foundation 2020. # # # NOTE: you are receiving this message because you are subscribed to the announce@apache.org distribution list. To unsubscribe, send email from the recipient account to announce-unsubscr...@apache.org with the word "Unsubscribe" in the subject line.
Inside Infra: Andrew Wetmore --Part II
[this interview is available online at https://s.apache.org/InsideInfra-Andrew2 ] The "Inside Infra" series continues with members of the ASF Infrastructure team. Andrew Wetmore shares his experience in Part II of his interview with Sally Khudairi, ASF VP Marketing & Publicity. = = = "The nice thing is that the Infrastructure team does so much so well and almost making it look easy that any project in Apache that's really got itself organized to do its work is going to find success, because there's going to be no roadblock or brick wall or power failure that will keep them from it. That makes me feel like I'm engaged in a very small way in a very large good thing." = = = - Let's talk about your background and your road to the ASF. How did you become a technical writer and editor? What sorts of projects were you working on? Well, let's see. I spent 20 years as an ordained minister and I was working for the Episcopal Church in the US and the Anglican Church in Canada. I got to the point where I preached my many thousands of sermons and it was time to stop. It was about then I moved over into QA and documentation with a company building healthcare software in DOS. That tells you how far back we are. One of my first great excitements was helping that team through the Y2K tensions. I got myself a bit smarter and took courses and had a lot of hands-on experience. I became proficient as a tester as well as a documenter. I worked over the next 15 years for a number of companies, large corporations, startups, and nonprofits, and leading teams or participating in teams, both for documentation and testing, but also at one point, I was the director of user experience. It was designing the front-end for a big complex project. I've built applications from end to end, usually using Flex which compiled to Flash in the days when we could trust it, when we hadFlash to play with, ColdFusion for munging things around and communicating with the database and a MySQL database. - … That's a blast from the past with ColdFusion. It's still around. There's a new ColdFusion. It's even brighter and shinier, I'm sure. I was just looking at it and thinking, "Gosh, I really should take a look at the tutorial and see if I still recognize anything." - I'm curious, when you tell people what you do, how would you describe the ASF to the uninitiated? I would say it is a benevolent community home for a whole bunch of highly focused teams who are trying to do good stuff. The benevolent community home provides the support features that let those teams do their things without crashing into each other. - How do you explain what you do? Do you know the movie Fifth Element? - … Yes. That's a cult film in the tech community. I've only seen parts of it superficially, I don't know it years after so I might have to watch it again. You were very young. Your parents probably had to give you permission to go to it. - No. I'm older than you think. In that movie, there's a sequence when a bad guy is explaining economics by knocking a drinking glass off his table and it breaks and there's a mess. Out from the baseboards of the wall come all these little robots, one robot with a broom, one robot with a dustpan and one robot with a vacuum cleaner and a duster and they go. They run around and they clean up the mess and they disappear back in the baseboard. That's me on the Infra team. I'm the little guy with the dustpan. - … I love it. I understand that you are also very active with ApacheCon --were you involved in this past ApacheCon that we had in September? I was. I thought Royale had some things to say that could be said and I looked around and nobody seemed to have the time or have paid attention to the fact that there should be a Royale track. I said, "Oh, there's going to be a Royale track and I guess I'll coordinate it." - … You volunteered to do that, you decided to do it, you just rolled up sleeves and dove it? Well, I said to the team, "If nobody else will do it, I'm going to do it." I was sure, I was so hoping, that someone else would say, "Oh, no, I'll do that," and then I'd be in a support role, but that didn't happen. I also engaged with the team that Rich had to put ApacheCon together, but in a very minor way. I didn't help as much as I felt I should have helped just from a lack of time. - … You were on the Planners list; you were involved with that as well? Yeah, in the regular meetings and so on and testing out things like the -- - … Hopin platform. I have my own Hopin account now because I found it quite useful. - Was that your first ApacheCon or have you gone to a face-to-face event before? I've never been to an ApacheCon until this one. Obviously I've never been in a face-to-face one because there hasn't been one since. In fact, the Infra team was going to have one of its annual fa
The Apache Software Foundation Announces Apache® TVM™ as a Top-Level Project
[this announcement is available online at https://s.apache.org/59g4a ] Open Source End-to-End Deep Learning Hardware Compiler Stack in use at Alibaba Cloud, AMD, ARM, AWS, Facebook, Huawei, Intel, Microsoft, NVIDIA, and Xilinx, among others. Wilmington, DE —30 November 2020— The Apache Software Foundation (ASF), the all-volunteer developers, stewards, and incubators of more than 350 Open Source projects and initiatives, announced today Apache® TVM™ as a Top-Level Project (TLP). The ASF's first full stack software and hardware co-optimization project, Apache TVM is an end-to-end open deep learning compiler stack for CPUs, GPUs, and specialized accelerators. TVM enables machine learning developers to optimize and run computations efficiently on any hardware backend. The project originated in 2017 as a research project at Washington University and entered the Apache Incubator in March 2019. "It is amazing to see how the Apache TVM community members come together and collaborate under The Apache Way," said Tianqi Chen, Vice President of Apache TVM. "Together, we are building a solution that allows machine learning engineers to optimize and run computations efficiently on any hardware backend." Apache TVM’s extensible full-stack framework enables deep learning applications to efficiently deploy across an array of hardware modules, platforms, and systems, including mobile phones, wearables, specialized chips, and embedded devices. Features include: High Performance: compilation and minimal runtimes commonly unlock ML workloads on existing hardware. Runs Everywhere: automatically generates and optimizes tensor operators on backends, CPUs, GPUs, browsers, microcontrollers, FPGAs, ASICs, and more. Flexible: deep learning compilation models in Keras, Apache MXNet (incubating), PyTorch, Tensorflow, CoreML, and DarkNet, among other libraries. Supports block sparsity, quantization, random forests/classical ML, memory planning, MISRA-C compatibility, Python prototyping, and more. Easy to Use: easily build out production stacks using C++, Rust, Java, or Python. Deploy deep learning workloads across diverse hardware devices. Apache TVM is in use at dozens of organizations and institutions that include Alibaba Cloud, AMD, ARM, AWS, Carnegie Mellon University, Cornell University, Edge Cortix, Facebook, Huawei, Intel, ITRI, Microsoft, NVIDIA, Oasis Labs, OctoML, Qualcomm, University of California/Berkeley, UCLA, University of Washington, Xilinx, and more. "ML compilers and runtimes thrive on diversity of models supported and HW targets, which is a perfect way to show the power of Open Source communities," said Luis Ceze, CEO of OctoML and Professor at the University of Washington. "It has been fantastic to see Apache TVM's fast adoption among hardware vendors and ML end-users, being well on its way to becoming a de-facto industry standard." "Apache TVM brings unique value to deep learning researchers and developers. It closes the gap between model development and the demand to efficiently deploy it on various hardware targets," said Yizhi Liu, Senior Software Development Engineer at AWS and member of the Apache TVM Project Management Committee. "I'm thrilled to see Apache TVM now becomes the Top-Level Project and looking forward to further collaboration with the community." "Congratulations to the Apache TVM community for graduating to be one of the Top Level Projects of The Apache Software Foundation," said Henry Saputra, ASF Member and Apache TVM Incubating Mentor. "The Apache TVM ecosystem has a healthy mix of representation and contribution from the industries and academia that provides a good balance of innovations and production readiness for wider and faster adoption. As one of the mentors of the podling, I am grateful and glad to be part of the journey." "The key to Apache TVM's success is its open community," added Chen. "We welcome everyone interested in the field to join us and shape the future of ML compilation together under The Apache Way." Catch Apache TVM in action at the annual TVM Conference being held 2-4 December 2020. The online event is free of charge to participate: for more information and to register, visit https://tvmconf.org/ Availability and Oversight Apache TVM software is released under the Apache License v2.0 and is overseen by a self-selected team of active contributors to the project. A Project Management Committee (PMC) guides the Project's day-to-day operations, including community development and product releases. For downloads, documentation, and ways to become involved with Apache TVM, visit http://tvm.apache.org/ and https://twitter.com/ApacheTVM About the Apache Incubator The Apache Incubator is the primary entry path for projects and codebases wishing to become part of the efforts at The Apache Software Foundation. All code donations from external organizations and existing external projects enter the ASF
Inside Infra: Andrew Wetmore --Part I
[this interview is available online at https://s.apache.org/InsideInfra-Andrew ] The "Inside Infra" series with members of the ASF Infrastructure team continues with Part I of the interview with Andrew Wetmore, who shares his experience with Sally Khudairi, ASF VP Marketing & Publicity. - - - "...I really had a distant but benevolent appreciation of Apache until I started to get more and more involved with Royale and began to understand from that angle all the things that the Foundation does to support these little projects that could not survive without it. Of course, now that I've become part of the Infrastructure team, I'm awestruck by the amount of work that the team does to support all these little projects, so they can do their thing." - - - - What is your name and how is it pronounced? I'm An-drew Wet-more. The "Wetmore" is like a rainy day, very easy to pronounce. - When and how did you get involved with the ASF? I was a Flex and ColdFusion developer. When Flex came to end-of-support with Adobe and they passed it over to Apache, I followed along. I wasn't an active committer: I was a participant in the Apache Flex project and contributing in my little ways here and there. Then when the Apache Royale project split off Apache Flex, I went there, but I was not an active, not a heavily significant contributor. That is, I was helping with documentation, a bit of testing, a bit of organizing and helping. I was truly surprised when I was invited to become a Committer. Then at some point, somebody noted on the Apache Royale list that the Apache Software Foundation Infrastructure Team was looking for a documentation person. I thought, "Well, that's interesting. Maybe I would be able to contribute to that." I followed that up. I wrote to (ASF Infrastructure Administrator) Greg Stein and introduced myself and said, "Oh, I'd be interested if this is something that's happening." Then for one reason and another, nothing happened for quite a long time. That was fine. He told me nothing was going to happen for a while. He was migrating some monstrous mountain of something. Then when that long time was up, I pinged him again and said, "I'm still around if that's an interesting possibility," and we got talking. He did that wonderful interviewer thing of saying, "Well, if you were going to hire someone for this sort of a job, that has this heading, what sort of job description would you write?" He made me write the job description. I thought, "this is cute: I'm happy to help. I don't know what person not me is going to get this job, but I'm happy to write what I think is a good job description for this thing." Truly, I really expected this to go out and a whole bunch of people to apply for it and that I would get a participation trophy. I was very pleased when I was invited to join the team. - … You got the real trophy. Yes, I did. - You got involved when Flex came to Apache, so that goes back to 2011, you've been with the Foundation for nine years or so? I was aware and downloading builds as soon as there were builds to download and participating. I was still building my own Flex stuff, but I don't think I was really contributing significantly until around maybe 2015. Then I didn't become a Committer until 2018. - The other things you were doing prior to Infra were limited to Apache Flex and then onto Royale? Yeah, I had a glancing awareness of Apache. Without even thinking about it, of course, I was using Apache tools like Apache Tomcat packages, but I really had a distant but benevolent appreciation of Apache until I started to get more and more involved with Royale and began to understand from that angle all the things that the Foundation does to support these little projects that could not survive without it. Of course, now that I've become part of the Infrastructure team, I'm awestruck by the amount of work that the team does to support all these little projects, so they can do their thing. - It's interesting with Apache projects because they're mostly ingredient brands versus a customer-facing final product. Of course we do have those too, but the majority of them power something else. A lot of times people aren't aware until they're in it: then they’re like, "Oh, wow, Apache is everywhere." Well, I keep trying to improve myself and I go and choose a product project at random and read its homepage and its "about our product" thing and see how far I can get before I've hit five things that I don't understand at all. I don't even understand what I would do with the thing that I do understand which is not a knock on those projects. It's what you just said, they're not end-user-facing. I, as a Flex developer, was a Flex developer. I was using Flex and now Royale to build other things, not getting in with the toolkit and adjustin
The Apache Weekly News Round-up: week ending 20 November 2020
[this newsletter is available online at https://s.apache.org/fwsym ]
Happy Friday! Here's what the Apache community has been up to this week:
Inside Infra – the interview series featuring members of the ASF Infrastructure
team.
- Gavin McDonald --Part II https://s.apache.org/InsideInfra-Gavin2
ASF Board – management and oversight of the business affairs of the corporation
in accordance with the Foundation's bylaws.
- Next Board Meeting: 16 December 2020. Board calendar and minutes
https://apache.org/foundation/board/calendar.html
ApacheCon™ – the ASF's official global conference series, bringing Tomorrow's
Technology Today since 1998.
- ApacheCon@Home sessions now online at
https://www.youtube.com/c/TheApacheFoundation/
ASF Infrastructure – our distributed team on three continents keeps the ASF's
infrastructure running around the clock.
- 7M+ weekly checks yield uptime at 99.74%. Performance checks across 50
different service components spread over more than 250 machines in data centers
around the world. http://www.apache.org/uptime/
Apache Code Snapshot – Over the past week, 310 Apache Committers changed
806,646 lines of code over 3,127 commits. Top 5 contributors, in order, are:
Jarek Potiuk, Kaxil Naik, Andrea Cosentino, Mark Miller, and Maruan Sahyoun.
Apache Project Announcements – the latest updates by category.
Application Performance Monitoring --
- Apache SkyWalking Could on Kubernetes 0.1.0 and SkyWalking Client JS version
0.2.0 released http://skywalking.apache.org/
Big Data --
- Apache BookKeeper 4.11.1 released http://bookkeeper.apache.org/
- Apache ShardingSphere 5.0.0-alpha released http://shardingsphere.apache.org/
Content --
- Apache Jackrabbit Oak 1.36 released http://jackrabbit.apache.org/
Libraries --
- Apache Log4j 2.14.0 released http://logging.apache.org/
- Apache CXF CVE-2020-13954 Reflected XSS in the services listing page via the
styleSheetPath https://s.apache.org/tsb9p
Messaging --
- Apache Qpid Proton-J 0.33.8 released http://qpid.apache.org/
Servers --
- Apache Tomcat 8.5.60, 9.0.40, and 10.0.0-M10 available
http://tomcat.apache.org/
Did You Know?
- Did you know that the following Apache projects are celebrating their
anniversaries this month? Three cheers to Apache Ant (18 years); HttpComponents
(13 years); Attic, Buildr, CouchDB, and Qpid (12 years); Community Development
("ComDev", 11 years); OODT and ZooKeeper (10 years); Kafka and Syncope (8
years); Ambari (7 years); BookKeeper, Drill, and MetaModel (6 years); Brooklyn,
Groovy, Kylin, and REEF (5 years); Geode (4 years); Guacamole, Impala, and
Mnemonic (3 years); Griffin (2 years); and Petri (1 year). Many happy returns!
https://projects.apache.org/committees.html?date
- Did you know that you can make a tax-deductible individual or corporate
contribution to the ASF to help us continue to provide more than $20B worth of
software to the public at 100% no cost? Donate today at
https://donate.apache.org/
- Did you know that Alibaba’s real-time computing platform processed data
streams totaling 4 billion items per second during Singles Day, the largest
global online shopping event, using Apache Flink? https://flink.apache.org/
- Did you know that more than 300 videos from ApacheCon@Home are now available,
including keynotes, plenaries, and sessions on Big Data, Clinical Data,
Community, Content Delivery, Fintech, Incubator, Integration, IoT, Machine
Learning, Mobile, Observability, Search, Servers, Streaming, and more are now
available? https://www.youtube.com/c/TheApacheFoundation/
Apache Community Notices
- Apache Month In Review: October 2020 https://s.apache.org/Oct2020
- ASF FY2020 Annual Report https://s.apache.org/FY2020AnnualReport
- "Trillions and Trillions Served" documentary on the ASF: 1) full feature
https://s.apache.org/Trillions-Feature 2) "Apache Everywhere"
https://s.apache.org/ApacheEverywhere 3) "Why Apache"
https://s.apache.org/ASF-Trillions 4) “Apache Innovation”
https://s.apache.org/ApacheInnovation
- The Apache Software Foundation Statement on the COVID-19 Coronavirus
Outbreak https://s.apache.org/COVID-19
- The Apache Software Foundation Celebrates 21 Years of Open Source Leadership
https://s.apache.org/21stAnniversary
- Apache in 2019 - By The Digits https://s.apache.org/Apache2019Digits
- The Apache Way to Sustainable Open Source Success https://s.apache.org/GhnI
- Foundation Reports and Statements
http://www.apache.org/foundation/reports.html
- "Success at Apache" focuses on the people and processes behind why the ASF
"just works". https://blogs.apache.org/foundation/category/SuccessAtApache
- Inside Infra: the new interview series with members of the ASF
infrastructure team --meet
Chris Thistlethwaite https://s.apache.org/InsideInfra-Chris
Drew Foulks https://s.apache.org/InsideInfra-Drew
Greg Stein Part I https://s.apache.org/InsideInfra-Greg
...Part II
Inside Infra: Gavin McDonald --Part II
[this interview is available online at https://s.apache.org/InsideInfra-Gavin2 ] The "Inside Infra" series with members of the ASF Infrastructure team continues with Part II of the interview with Gavin McDonald, who shares his experience with Sally Khudairi, ASF VP Marketing & Publicity. - - - "... you don't know you need somebody until somebody like that arrives." - - - - Earlier you mentioned growth: preparing for growth and being able to accommodate that growth. What areas are you guys experiencing the biggest growth? Is there a specific type of request that's coming in more than others? I'm hearing all the time when I'm dealing with our Targeted Sponsors, for example, I'm hearing "We need more CI. We want more services in this area. We want more credits." What is it that you guys are feeling, or what are you dealing with in terms of big picture? What's the biggest demand, where are things coming from? Yeah, as far as I'm concerned you're spot on with CI. - … That's you. I mean it's not me totally. I have been concentrating on it more as others have been concentrating on other things, yes. Jenkins for example, we had this one --I call it a mega monolith of a service that had all the project services that was on one server, one Jenkins instance. And it was the same instance being upgraded for the last 10 years. So it was time to migrate it, so it's been migrated to five smaller Jenkins services. BuildBot is also being upgraded and moved to a bigger server. You've got actually Travis is being used to its full capacity. - What does that mean, "to its full capacity"? When Travis came out, projects started using it, and we're now at the stage where it's at the full capacity ASF is provided. - Oh okay. So if they're giving us 20 whatever, we're at 20. Right. It's not unlimited. This is why a lot of projects have decided to start moving to GitHub actions, which is also not unlimited. So the more that's provided, the more is needed. I don't think we'll ever keep up with the pace. - Greg says that often. When I talk to him about donations and things like that coming from different companies, he just says "more" and "more" and "more", so he's not exaggerating, right? No, no, he's not exaggerating. - ... If we offer, they'll take it? Yeah. There's ways in which projects can use CI in the same way they can use other things. And they will use everything that's given to them. - … Insatiable need. Yeah. Not understanding that there's 300 other Projects that could be using those same services. But there's a few beginning to realize, and there's talks on certain mailing lists that how can we make this more efficient, how can we projects help each other in managing the best usage of these services that we've got. Because they don't want to have it all. They've just been creating whatever they feel is needed for their project. Then sometime later they realize, "Oh, I'm using 80% of what everyone's been given." - … So it's not malicious, just a lack of awareness. When you guys get a new service do you go, "Hi PMCs, we have this thing, there's 20 units available, use with your discretion," or does someone say, "Hey, Infra has this now. We're going to run and take it all," without realizing they're taking it all. How do you introduce new services to the projects? I'm curious because I never see that side of the activity. Sometimes it's via the mailing list, users@infra. Projects can come to us and ask questions on that mailing list if it's not appropriate for a Jira ticket. People join that mailing list because they're interested in what Infra is up to. So we use that mailing list as a heads up for whatever it could be: "Jira is getting upgraded this weekend, or there's going to be some downtime on this", or it could be things like "okay we've now enabled GitHub actions across the board" or whatever. There were some new features added to one of our self serve things is asf.yaml, which I know you've spoken to Daniel Gruno about. - … You guys actually published a blog post on that. I saw that on Twitter and just added it to today's weekly news roundup. Right. - … I was really surprised to see that. It was exciting. Is that new for you to be announcing publicly like that, sharing outside of the ASF's mailing lists? It is and it isn't. We used to do it all the time years ago. Then as we've become bigger, it's paid staff not volunteers, we're busy all the time. Blog posts got put out of the picture I guess for a while. So this really new cool feature that was provided, the code was provided by a volunteer via a GitHub pull request. And we looked at it, Daniel made some comments, the changes came backwards and forwards until it was ready to be committed the other day. And it's fantastic new features that projec
Inside Infra: Gavin McDonald --Part I
[this interview is available online at https://s.apache.org/InsideInfra-Gavin ] The "Inside Infra" series with members of the ASF Infrastructure team continues with Gavin McDonald, who shares his experience with Sally Khudairi, ASF VP Marketing & Publicity. - - - "...The Foundation itself has a responsibility to the Projects to ensure that there is solid infrastructure there. So there's got to be a requirement that there's people there all the time to maintain this infrastructure. The Infrastructure team has become more professional over the years. The Projects have become customers, I guess. Volunteers are always welcome; at Infra we still have plenty of areas in which volunteers can help out." - - - - All right, let's get started. What is your name and how is it pronounced? Nice and easy one. Gavin McDonald. Just McDonald as in Big Mac and fries McDonald's. It's M and C, no Mac. - When and how did you get involved with the ASF? That was back around about 2005. I was looking for something different to do than what I was doing. And I came across the Apache Forrest Project. I knew a little bit about XML and websites and stuff like that. So I started contributing to the Apache Forrest Project. And some months later they made me a Committer. - So you first got involved with the Forrest project, then at some point you became part of infra. How did that evolution happen? That's me looking around for more things to do. I've always been involved in and interested in system administration work. My first real communications with the Infra team was whilst working on a Forrest Solaris Zone and needed some help with it. Shortly after that I started volunteering there. First of all, I saw a huge number of tickets regarding mirrors, you know for our software downloads. I'd say it was probably around 150 tickets outstanding for mirrors wanting to join. - ... What?! Yeah. - ... One Hundred and Fifty... Something like that; some of them had been outstanding for quite a while. At the time there was only one person being paid. There were volunteers obviously looking after the machines and stuff like that. Mirrors were sort of lagging behind as they were less important. So that was my in. I started off with getting karma to add all the mirrors. There was a certain standard that mirrors have to have, certain configurations. So I was going backwards and forwards with the mirror providers and making sure they were up to scratch, then adding them into our configuration. >From then, I introduced BuildBot to Infrastructure. And I think maybe a year >after that, this is now talking 2009, a position opened. I think more or less >the rest of the Infrastructure volunteers said, "Gavin is doing the job >anyway. Let's give it to him." That was my interview. Around October, November 2009 I became paid staff. - Are you the longest serving member of the current Infra team? Yes. Last year at ApacheCon I got presented with a 10 year t-shirt. Next time there's a physical conference I'll be bringing it along. - 10 years thumbs up: that's good! Explain the structure of the Infra team and your role in it. There are six of us, plus Greg (Stein), our Infra Admin, and David (Nalley), VP Infra. One of them is a documentation guy, that's Andrew (Wetmore). The rest of us all various system administration devops work. We look through tickets, what's needed to be done, and obviously we're looking to improve our infrastructure uptime and software and updates. So we all do what's needed, basically. Everyone has various roles. - What's your role? Well it's a bit of everything, I think. I have been concentrating quite a lot on the CI/CD side of things. That was written into my original contract, which is now not part of the contract. Basically that means the whole entire time I've been here, I've been involved in BuildBot and Jenkins and other CI/CD stuff, and I've been doing a lot of that lately as well. Migrating Jenkins over to new Cloudbees software, and on a whole load of VMs, mainly in AWS. - You mention that CI/CD is a key part of your role. Is that what you're specifically responsible for within Infra? Are you "the CI guy"? Are there other things you do? Everyone says to me, "Hey we do everything." That sounds amazing, but how is that possible? Do you do everything else in addition to the CI work? Yeah pretty much. Yeah. Everyone can do pretty much everything that we touch on. Some just choose to do certain things that they're more capable of or more used to working with or they like it better. Nobody is told, "You're working on this." - That's interesting. Fill that part in: if there's six things that need to get done, but five of you are actually hands-on sysadmins, so you guys do what you like to do or what you prefer to do? No one says, "Okay you go handle that mail serve
The Apache Software Foundation Celebrates 20 Years of OpenOffice®
[this announcement is available online at https://s.apache.org/86lex ] Leading Open Source office application and personal productivity suite under development as a community-led Apache® Project for the past 8 years Wakefield, MA —14 October 2020— The Apache Software Foundation (ASF), the all-volunteer developers, stewards, and incubators of more than 350 Open Source projects and initiatives, announced today the twenty-year anniversary of OpenOffice®, the last eight of which as an Apache® Top-Level Project. "It’s inspiring to see so many dedicated people from around the world volunteer their time to mentor, contribute code, test issues, moderate mailing lists, help on forums, translations, marketing and more to keep making this great product better and available for millions of users," said Carl Marcum, Vice President of Apache OpenOffice. "OpenOffice is more than just software. It’s a great community that I’m glad to be a part of." With more than 300 million downloads, Apache OpenOffice is used by countless individuals, organizations, and institutions around the world who are seeking a reliable, robust, and freely-available Open Source office document productivity suite. Apache OpenOffice features the following applications for Windows, macOS and Linux: - "Writer" word processor; - "Calc" spreadsheet tool; - "Impress" presentation editor; - "Draw" vector graphics editor; - "Math" mathematical formula editor; and - "Base" database management program. Apache OpenOffice supports more than 120 languages, 41 of which are officially maintained and released by the Project. Apache OpenOffice is the productivity suite of choice for governments seeking to meet mandates for using ISO/IEC standard Open Document Format (ODF) files. Originally created as "StarOffice" in 1985 by StarDivision, who was acquired by Sun Microsystems in 1999. The project was open-sourced under the name "OpenOffice.org", and continued development after Oracle Corporation acquired Sun Microsystems in 2010. OpenOffice entered the Apache Incubator in 2011 and graduated as an Apache Top-level Project in October 2012. "At Apache OpenOffice we are very excited about 20 years of OpenOffice," said Marcus Lange, ASF Member and Apache OpenOffice Committer since the project first arrived at the ASF. "Countless users, developers and friends have made it possible that we can today celebrate this incredible anniversary. Their commitment makes me believe that we will see many more years of this great Open Source productivity suite." "The need and, in fact, the demand, for a permissively licensed Open Source office suite, available to the masses and not just the privileged few fortunate enough to have the latest hardware and software, has never been greater within the last two decades," said Jim Jagielski, ASF co-Founder and Apache OpenOffice incubating mentor. "Apache OpenOffice exists to provide essential functionality, with as few licensing restrictions as possible, to the world at large. It is truly a noble mission, and I am honored to be a small part of it." "As a long-term user, I joined the project in 2016 to give something back," said Matthias Seidel, Committer and member of the Apache OpenOffice Project Management Committee. "After a steep learning curve, I am proud to be part of the community that provides this great software for the public good and benefits millions worldwide." Apache OpenOffice is available as a free download to all users at 100% no cost, charge, or fees of any kind. OpenOffice source code is readily available for anyone who wishes to enhance the applications. The Project welcomes contributions back to the project, its code, and its community. Those interested in participating with Apache OpenOffice can find out more at https://openoffice.apache.org/get-involved.html . Availability and Oversight As with all Apache projects, OpenOffice software is released under the Apache License v2.0 and is overseen by a self-selected team of active contributors to the project. A Project Management Committee (PMC) guides the Project's day-to-day operations, including community development and product releases. For project data, documentation, and more information on Apache OpenOffice, visit https://openoffice.apache.org/ and https://twitter.com/ApacheOO . 12 releases have been made under the auspices of the ASF. The project strongly recommends that users download OpenOffice only from the official site https://www.openoffice.org/download/ to ensure that they receive the original software in the correct and most recent version. About The Apache Software Foundation (ASF) Established in 1999, The Apache Software Foundation (ASF) is the world’s largest Open Source foundation, stewarding 227M+ lines of code and providing more than $20B+ worth of software to the public at 100% no cost. The ASF’s all-volunteer community grew from 21 original founders overseeing the Apache HTTP
The Apache Software Foundation Operations Summary: 1 May - 31 July 2020
he.org/FY2019AnnualReport The Foundation is in excellent fiscal shape with all tax and compliance forms filed on time. Latest public filings can be found at http://www.apache.org/foundation/records/ . I have advised that officers minimize expenses until there is more certainty in global economic outlooks. Officers have done so by delaying new investments. This combined with a reduction in travel costs from conferences has made it possible for us to significantly reduce costs without reducing our service level to our projects. In the last quarter we also completed our transition to accounts payable approvals via bill.com. This has vastly improved the accuracy and auditability of our vendor payments and reduced the level of expertise required of the volunteers and staff who manage vendor payments. The majority of our cash remains in a CDARS account at Boston Private which provides FDIC insurance for the full amount. [See income and expenses summary at https://s.apache.org/2mefr ] > Fundraising http://apache.org/foundation/contributing.html Although we find ourselves in unprecedented times, we are happy to report that Fundraising for the foundation continues operating well. We have seen only a few changes in sponsorships with a Platinum sponsor renewing at the Gold level, a Gold sponsor renewing to the Platinum level, a Silver sponsor renewing at the Gold level, and two Silver sponsors unable to renew. Despite the trying times of this pandemic, we are again humbled and honored by our Sponsors' continued support! This quarter we finished a long-running effort to normalize all sponsorship links on our Thanks page with the rel="sponsored" tag. This is in support of popular webmaster best-practices announced last year which we broadcast as our go-forward model in November of last year. Fundraising support for ApacheCon @Home launched this quarter with excellent interest. At the close of the quarter, we were pleased to not only see several returning sponsors, but several new sponsors for the ApacheCon events. In addition to the generous support of our corporate sponsors, we were honored to have received more than $4,000 USD through individual giving to the foundation. Part of this was driven by participation in the #GivingTuesdayNOW COVID-focused giving campaign. We were also awarded a distribution from the UPLIFT! initiative led by FOSS Responders. As always, we are immensely thankful to our sponsors, who make it possible for our communities to build world-changing software PLATINUM: Amazon Web Services, Comcast, Facebook, Google, LeaseWeb, Pineapple Fund, Verizon Media, Tencent GOLD: Anonymous, ARM, Bloomberg, Cloudera, Handshake, Huawei, IBM, Indeed, Union Investment, Workday SILVER: Aetna, Alibaba Cloud Computing, Baidu, Budget Direct, Capital One, Cerner, Inspur, Red Hat, Target BRONZE: Airport Rentals, The Blog Starter, Bookmakers, Cash Store, Bestecasinobonussen.nl, CarGurus, Casino2k, Cloudsoft, The Economic Secretariat, Emerio, Footprints Recruiting, Gundry MD, HostChecka.com, Host Advice, HostingAdvice.com, Journal Review, LeoVegas Indian Online Casino, Mutuo Kredit AG, Online Holland Casino, ProPrivacy, PureVPN, RX-M, SCAMS.info, Site Builder Report, Start a Blog by Ryan Robinson, Talend, The Best VPN, Top10VPN, Twitter, Web Hosting Secret Revealed, Xplenty TARGETED PLATINUM: CloudBees, DLA Piper, JetBrains, Microsoft, OSU Open Source Labs, Sonatype, Verizon Media TARGETED GOLD: Atlassian, The CrytpoFund, Datadog, PhoenixNAP, Quenda TARGETED SILVER: Amazon Web Services, HotWax Systems, Rackspace TARGETED BRONZE: Bintray, Education Networks of America, Google, Hopsie, No-IP, PagerDuty, Peregrine Computer Consultants Corporation, Sonic.net, SURFnet, Virtru Going into the second quarter of our fiscal year, we remain energized and cautiously optimistic that we will weather the current storm. To sponsor The Apache Software Foundation, visit http://apache.org/foundation/sponsorship.html . To make a one-time or monthly recurring donation, please visit https://donate.apache.org/ = = = Report prepared by Sally Khudairi, Vice President Marketing & Publicity, with contributions by Rich Bowen, Vice President Conferences; Mark Cox, Vice President Security; Sharan Foga, Vice President Community Development; Christian Grobmeier, Vice President Data Privacy; Myrle Krantz, Treasurer; David Nalley, Vice President Infrastructure; Tom Pappas, Vice President Finance; Daniel Ruggeri, Vice President Fundraising; Greg Stein, ASF Infrastructure Administrator; and Mark Thomas, Vice President Brand Management. For more information, subscribe to the announce@apache.org mailing list and visit http://www.apache.org/, the ASF Blog at http://blogs.apache.org/, the @TheASF on Twitter, and https://www.linkedin.com/company/the-apache-software-foundation. (c) The Apache Software Foundation 2020. # # # NOTE: you are receiving this message because you a
Inside Infra: Daniel Gruno --Part II
[this interview is available online at https://s.apache.org/InsideInfra-Daniel2 ] The "Inside Infra" series with members of the ASF Infrastructure team continues with Part II of the interview with Daniel Gruno, who shares his experience with Sally Khudairi, ASF VP Marketing & Publicity. - - - "...it speaks of how tenaciously the Foundation guards its core values, one of which really is provenance, because it's the Apache seal of approval, means this has been thoroughly vetted. We know where every single piece of code comes from. And we know that it works." - - - - What about "user demand" --what does it take for you collectively to decide, "OK, we'll support Kubernetes," as you mentioned it earlier, or whatever? Are there strategic technologies that you want to work with or plan to support, or is it all coming from the projects themselves? How does that process work? You're creating projects out of some kind of pain point or some kind of vision. So for you, is it a longer-term thing? Do you have an influence on this? What drives the growth of services delivered? It's a mix. It's a mix of, first of all, the Infrastructure team is paid by The Apache Software Foundation and it's paid by The Apache Software Foundation to help the projects. So what we do must first and foremost be something that helps the projects and not something that just helps Infra. I mean, of course, we can make tools and have services that will assist us in our work, but the ultimate goal must be supporting the projects. First and foremost, we listen for projects that come and tell us, "We would really like this or we would really like that." Having said that, we do not always say yes. We have costs to consider. We have maintainability to consider. So as a general rule of thumb we will say, "Okay, project A wants to use service foo. Does anyone else want to use service foo right now?" On occasion, you get, "Nope. No one else wants to use service foo." And then we go back to project A and say, "It doesn't seem like this is feasible for us economically to maintain if it's just you." But you can also have a situation where 10 projects suddenly say, "Yep, we really, really want to use this." Once you have a trend for something, we are usually not proactive, but reactive to these trends. So a project will come and tell us, "We really want you to use this." We will go out and see if anyone else wants to use this, and they will say, "Yes, please." That's when we'll add that feature or service. We also have ideas of our own that are, by and large, a result of either existing services not doing what they're supposed to, or they're being... Let's say you have... For example, there is Google and there are mail archives that we had in the olden days. At some point we wondered, "Why don't we combine it so you can search for emails in the archive?" That's how lists.apache.org came to be. So we have both things that projects come and say, "We really want this," and we also have this crystal ball where we look at problems we're having with existing services, where we look at possible combinations between existing services and other existing services or new services that are emerging in the Web. Or we just have someone say, "Hey, wouldn't it be wonderful if something like this existed?" So it's really a mix of projects asking us and trends emerging and just blue skying, "Wouldn't it be cool if...?" - Have you guys been in the situation where you found yourselves caught where there was this magical trend that everyone wanted, and it just didn't serve the Foundation, it failed? Were you guys in that situation where you had to back pedal? Or is that not part of your experience? I would say the most prominent or obvious feature or service would probably be GitHub where we started in 2010 with mirrors of our local Subversion and Git repositories. They would be mirrored to GitHub. That was actually a bit later, but around that time, they started mirroring stuff to get up, but you couldn't write to GitHub. We were adamantly against it. Because provenance, provenance, provenance: that is that thing that if you know Apache, you know that provenance is one of our key features. We like to be able to say, "Oh this came from that. This came from this. This came from that." We had concerns at Infra that we were not able to have the exact --emphasis on exact-- same provenance as we had on our own servers, and we got a lot of pushback for that. In the end, we figured that maybe we don't need this kind of providence that we had. Because we had very verbose logging going on for our own service that we couldn't get from GitHub because GitHub is a third party provider. They're not going to fork over sensitive data about their customers
The Apache News Round-up: week ending 2 October 2020
[this newsletter is available online at https://s.apache.org/yhiw4 ] Hello, October --we've had a super-busy week, with ApacheCon drawing thousands of online participants as well as a slew of activities from the Apache community: ASF Board – management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws. - Next Board Meeting: 21 October 2020. Board calendar and minutes https://apache.org/foundation/board/calendar.html ApacheCon™ – the ASF's official global conference series, bringing Tomorrow's Technology Today since 1998. - It's a wrap! ApacheCon@Home recordings will be posted in the coming weeks (send email to subscribe-annou...@apachecon.com to receive updates and future conference notifications). Thank you to event sponsors Apple, AWS, DataStax, IBM, Imply, Instaclustr, MuseDev, OpenLogic/Perforce, Red Hat, RX-M, and VMWare. ASF Infrastructure – our distributed team on three continents keeps the ASF's infrastructure running around the clock. - 7M+ weekly checks yield uptime at 99.97%. Performance checks across 50 different service components spread over more than 250 machines in data centers around the world. http://www.apache.org/uptime/ Apache Code Snapshot – Over the past week, 306 Apache Committers changed 748,827 lines of code over 2,445 commits. Top 5 contributors, in order, are: Jean-Baptiste Onofré, Andrea Cosentino, Mark Thomas, Duo Zhang, and Claus Ibsen. Apache Project Announcements – the latest updates by category. Big Data -- - Apache HBase 2.3.2 released https://hbase.apache.org/ - Apache Flink Stateful Functions 2.2.0 released https://flink.apache.org/ - Apache NiFi 1.12.1 released http://nifi.apache.org/ - Apache NiFi CVE-2020-9486, CVE-2020-9487, CVE-2020-9491, CVE-2020-13940 https://s.apache.org/hlh3t Build Management -- - Apache Ant 1.10.9 released https://ant.apache.org/ - Apache Ant CVE-2020-11979 insecure temporary file vulnerability https://s.apache.org/rnaf4 Integration -- - Apache Camel 3.4.4 released https://camel.apache.org/ Libraries -- - Apache Commons DBCP 2.8.0 released http://commons.apache.org/dbcp/ - Apache Commons Pool 2.9.0 released https://commons.apache.org/proper/commons-pool/ Messaging -- - Apache Pulsar Manager 0.2.0 released https://pulsar.apache.org/ Programming Languages -- - Apache Groovy 3.0.6 released http://groovy.apache.org/ Servers -- - Apache HttpComponents Client 5.0.2 GA released https://hc.apache.org/ Web Conferencing -- - Apache OpenMeetings CVE-2020-13951 DoS via public web service https://s.apache.org/1ugzb Web Frameworks -- - Apache Struts 2.5.25 released https://struts.apache.org/ Did You Know? - Did you know that dozens of Apache project and community presentations are available at the ASF's official YouTube channel? https://www.youtube.com/c/TheApacheFoundation - Did you know that Apache Druid powers real-time analytics for Airbnb, Alibaba, British Telecom, Cisco, Didi Chuxing, eBay, Hulu, Lyft, Netflix, and many more? http://druid.apache.org/ - Did you know that members of the Apache community will be presenting at All Things Open, taking place online in a few weeks? Registration is open https://2020.allthingsopen.org/ Apache Community Notices - Apache Month In Review: September 2020 https://s.apache.org/Sep2020 - ASF FY2020 Annual Report https://s.apache.org/FY2020AnnualReport - "Trillions and Trillions Served" documentary on the ASF: 1) full feature https://s.apache.org/Trillions-Feature 2) "Apache Everywhere" https://s.apache.org/ApacheEverywhere 3) "Why Apache" https://s.apache.org/ASF-Trillions 4) “Apache Innovation” https://s.apache.org/ApacheInnovation - The Apache Software Foundation Statement on the COVID-19 Coronavirus Outbreak https://s.apache.org/COVID-19 - The Apache Software Foundation Celebrates 21 Years of Open Source Leadership https://s.apache.org/21stAnniversary - Apache in 2019 - By The Digits https://s.apache.org/Apache2019Digits - The Apache Way to Sustainable Open Source Success https://s.apache.org/GhnI - Foundation Reports and Statements http://www.apache.org/foundation/reports.html - "Success at Apache" focuses on the people and processes behind why the ASF "just works". https://blogs.apache.org/foundation/category/SuccessAtApache - Inside Infra: the new interview series with members of the ASF infrastructure team --meet Christ Thistlethwaite https://s.apache.org/InsideInfra-Chris | Drew Foulks https://s.apache.org/InsideInfra-Drew | Greg Stein Part I https://s.apache.org/InsideInfra-Greg , Part II https://s.apache.org/InsideInfra-Greg2 and Part III https://s.apache.org/InsideInfra-Greg3 | Daniel Gruno --Part I https://s.apache.org/InsideInfra-Daniel1 - Please follow/like/re-tweet the ASF on social media: @TheASF on Twitter (https://twitter.com/TheASF) and on LinkedIn at https://www.linkedin.com/company/the-apache-software-foundation - Do friend and follow us on
Apache Month in Review: September 2020
[this announcement is available online at https://s.apache.org/Sep2020 ] Welcome to the latest monthly overview of events from the Apache community. Here's a summary of what happened in September: New this month -- - ApacheCon™ – the ASF's official global conference series, bringing Tomorrow's Technology Today since 1998. -- ApacheCon @Home 2020: all 2020 events have been combined and held online (free of charge!) 29 September - 1 October 2020 https://apachecon.com/acah2020 -- The Apache® Software Foundation Welcomes its Global Community Online at ApacheCon@Home https://s.apache.org/74zbx -- ApacheCon 2020 features Natural Language Processing for Electronic Medical Records in dedicated track on Apache cTAKES https://s.apache.org/x1051 - "Inside Infra" – a new interview series with members of the ASF Infrastructure team -- Meet Daniel Gruno --Part I https://s.apache.org/InsideInfra-Daniel1 - Apache Month in Review: August 2020 https://s.apache.org/Aug2020 Important Dates -- - Next Board Meeting: 21 October 2020. Board calendar and minutes http://apache.org/foundation/board/calendar.html - ApacheCon @Home 29 September - 1 October 2020 https://apachecon.com/acah2020 Infrastructure -- Our seven-member Infrastructure team on three continents oversees our highly-reliable, distributed network under the leadership of VP Infrastructure David Nalley and Infrastructure Administrator Greg Stein. ASF Infrastructure supports 300+ Apache projects and their communities across ~200 individual machines, 1,400+ repositories, 5-6PB in traffic annually, ~75M downloads per month, and 2-3M daily emails on 2,000+ lists. ASF Infra performs 7M+ weekly checks to ensure services are available around the clock. The average uptime in September was 100%. http://www.apache.org/uptime/ Committer Activity -- In September, 808 Apache Committers changed 10,547,457 lines of code over 15,444 commits. The Committers with the top 5 highest contributions, in order, were: Andrea Cosentino, Mark Miller, Mark Thomas, Claus Ibsen, and Jean-Baptiste Onofré. Project Releases and Updates -- New releases from Apache Accumulo (Big Data); Beam (Big Data); Commons Codec (Libraries); Commons Daemon (Libraries); Commons IO (Libraries); CouchDB (Big Data); Fineract (FinTech); Flink (Big Data); Geode (Database); HttpComponents Core (Servers); IoTDB (IoT); Jackrabbit (Content); Kudu (Big Data); Kylin (Big Data); Libcloud (Cloud Computing); Lucene (Search); MyFaces (Web Frameworks); NetBeans (Integrated Development Environment); Oak (Content); OpenMeetings (Web Conferencing); OpenJPA (Libraries); OpenWebBeans (Libraries);Proton (Messaging); Ranger (Big Data); Qpid Dispatch (Messaging); Qpid Broker (Messaging); Solr (Search); Syncope (Identity Management); Tomcat (Servers); ZooKeeper (Databases). The Apache Incubator is the primary entry path for projects we invite you to review the many projects currently in development in the Apache Incubator http://incubator.apache.org/ . New releases from incubating podlings include: Apache MXNet (Incubating; Libraries). Congratulations to Apache IoTDB™, which graduated as a Top-Level Project this month https://s.apache.org/3xv3c # # # To see our Weekly News Round-ups, visit https://blogs.apache.org/foundation/ and click on the calendar in the upper-right side (published every Friday) or hop directly to https://blogs.apache.org/foundation/category/Newsletter . For real-time updates, sign up for Apache-related news by sending mail to announce-subscr...@apache.org and follow @TheASF on Twitter. We appreciate your support! = = = NOTE: you are receiving this message because you are subscribed to the announce@apache.org distribution list. To unsubscribe, send email from the recipient account to announce-unsubscr...@apache.org with the word "Unsubscribe" in the subject line.
The Apache Software Foundation Announces Apache® IoTDB™ as a Top-Level Project
[this announcement is available online at https://s.apache.org/3xv3c ] Open Source Internet of Things-native database integrates with the Apache Big Data ecosystem for high-speed data ingestion, massive data storage, and complex data analysis in the cloud, in the field, and on the edge. Wakefield, MA —23 September 2020— The Apache Software Foundation (ASF), the all-volunteer developers, stewards, and incubators of more than 350 Open Source projects and initiatives, announced today Apache® IoTDB™ as a Top-Level Project (TLP). Apache IoTDB is an Open Source IoT database designed to meet the rigorous data, storage, and analytics requirements of large-scale Internet of Things (IoT) and Industrial Internet of Things (IIoT) applications. The project was first developed as a research project at Tsinghua University and entered the Apache Incubator in November 2018. "The Internet of Things, especially Industrial IoT, has swept the globe with unimaginable volumes of data,” said Xiangdong Huang, Vice President of Apache IoTDB. "To date, both Relational and Key Value-based database solutions struggle to meet the demands of IoT data management. Apache IoTDB is the missing link between current IoT data and IoT applications, and is redefining how IoT data is managed, both in the cloud and on the edge. We are proud to graduate as an Apache Top-Level Project, which is an important milestone in our project’s maturity." Apache IoTDB provides a compact and time series optimized columnar data file, which is able to efficiently store and access time series data. The database engine is specially optimized for time series-oriented operations, such as aggregations query, down-sampling, and time alignment query. Due to its lightweight structure, high performance, and deep integration with Apache Big Data ecosystem projects (such as Flink, Hadoop, and Spark), Apache IoTDB easily meets the requirements of storing massive data sets, ingesting high-speed data, and analyzing complex data, both on the edge and the cloud. Features include: - High-throughput read and write: supports high-speed write access for millions of low-power and intelligently networked devices, and provides lightning-quick read access for retrieving data on billions of data points. - Efficient directory structure: organizes complex metadata structure from IoT devices and large scale time series data, with fuzzy searching strategy for complex directory of time series data. - Rich query semantics: supports time alignment for time series data across devices and sensors, computation in time series field, and abundant aggregation functions in time dimension. - Flexible deployment: supports running on the edge (e.g., running on a Raspberry Pi), as well as forming a cluster in the cloud. It also provides a bridge tool between cloud platforms and data synchronization on premise machines. - Deep integration with Open Source Big Data projects: supports analysis ecosystems, including Apache Flink, Hadoop, PLC4X and Spark, as well as other Open Source applications. - Low hardware cost: reaches a high compression ratio of disk storage. Apache IoTDB is in use at dozens of organizations that include ArcelorMittal AMERICA, BONC Ltd., the China Meteorological Administration, Datang Xianyi, Goldwind, Haier, Lenovo, NAVINFO, pragmatic industries GMBH, Shanghai Metro, Tsinghua University, Yangtze Optical Fiber and Cable Company, and more. "IoTDB has attained Apache Top Level project status at a time of confluence of database, IoT and AI technologies in conjunction with a wider adoption of Industry 4.0 and automation approaches to further enable remote work and increased efficiencies," said Prof. C. Mohan, recently retired IBM Fellow, Former Chief Scientist of IBM India, and a member of the US National Academy of Engineering. "I am excited since this is the first Chinese University originated open-source project to reach this status. While I have been associated with the researchers behind IoTDB as a Distinguished Visiting Professor of the School of Software at China's prestigious Tsinghua University, I have seen this project reach maturity and build up a vibrant OSS community around it. It has a bright future ahead of it and I plan to collaborate on it." "Apache IoTDB is a perfect fit for edge computing," said Dr. Julian Feinauer, CEO at pragmatic industries GmbH. "The high compression helps to use the (limited) amount of memory we have very efficiently. IoTDB is a perfect fit, especially in IIoT use cases, where network and compute capabilities are limited on the edge." "Apache IoTDB was initially launched by a Chinese University and then incubated successfully in the Apache Community," said Prof. Hong Mei, an academician of the Chinese Academy of Sciences. "Following the Apache Way, it has created a healthy and active international open source community. It is a successful practice of open source education
ApacheCon 2020 features Natural Language Processing for Electronic Medical Records in dedicated track on Apache cTAKES
[this announcement is available online at https://s.apache.org/x1051 ] New track on Apache’s only project focused on biomedical informatics features sessions presented by Apache cTAKES community representatives from the Barcelona Supercomputing Center, Boston Children’s Hospital’s Computational Health Informatics Program (CHIP), Children's Hospital of Philadelphia, Dell EMC, Geisinger Health, Loyola University Chicago, and University of California San Francisco. Wakefield, MA —21 September 2020— ApacheCon, the official conference series of The Apache Software Foundation (ASF), the world’s largest Open Source foundation, announced today its first dedicated track on Apache cTAKES. The track will be held on all three days of the ApacheCon@Home virtual conference, taking place online 29 September - 1 October 2020. Registration is free of charge for all participants and is required in advance to participate. Now in its 22nd year, ApacheCon is the primary gathering of the collective Apache community worldwide, drawing attendees from more than 130 countries. ApacheCon showcases the latest breakthroughs from dozens of Apache projects, upcoming innovations in the Apache Incubator, and sessions on developing community-led Open Source projects "The Apache Way". Apache cTAKES (clinical Text Analysis Knowledge Extraction System) is the Open Source natural language processing (NLP) system for information extraction from electronic medical records (EMR) and health-related free-text. cTAKES originated in 2006 by a team of physicians, computer scientists, and software engineers at Mayo Clinic, was submitted to the Apache Incubator in June 2012, led by the Computational Health Informatics Program (CHIP) at Boston Children’s Hospital, and graduated as an Apache Top-Level Project in April 2013. cTAKES is the only Apache project focused on biomedical informatics software, and, during the ASF’s 20th Anniversary celebrations in 2019, was named one of the 20 most influential Apache projects. cTAKES was built using the Apache UIMA (Unstructured Information Management Architecture) framework and Apache OpenNLP machine-learning based toolkit. cTAKES identifies signals important for the biomedical domain, including types of clinical named entities mapped to various biomedical terminologies/ontologies such as the Unified Medical Language System (UMLS) —drugs, diseases/disorders, signs/symptoms, anatomical sites and procedures along with their associated attributes such as negation, uncertainty, and more. Apache cTAKES components create rich linguistic and semantic annotations that can be utilized by clinical decision support systems and clinical research. The cTAKES track is organized and presented by members of the Apache cTAKES project and its community. The track introduces new users to its standard features for biomedical text processing software, including the ability to extract concepts such as symptoms, procedures, diagnoses, medications and anatomy with attributes and standard codes. Several advanced presentations will exemplify its modular engineering and its leading-edge machine learning methods. Components implementing these research-driven methods can, for instance, identify complex relations between entities (e.g. anatomical site of a disease) and relations between temporal elements – resulting in the placement of events in a patient timeline. Session presenters include: - Peter Abramowitsch, University of California San Francisco - Siamak Barzegar, Barcelona Supercomputing Center, Spain - Dmitriy Dligach, Loyola University Chicago - Sean Finan, Computational Health Informatics Program (CHIP) at Boston Children's Hospital - Chen Lin, Computational Health Informatics Program (CHIP) at Boston Children’s Hospital - Jeff Miller, Children's Hospital of Philadelphia - Debdipto Misra, Geisinger Health - Gandhirajan N, Dell EMC Apache cTAKES can impact patient health at many levels, and presentations at ApacheCon range from “Automated Adverse Drug Event Surveillance in Pediatric Pulmonary Hypertension” to “Extraction of Information on Diagnosis of Stroke” in Spanish to “High Throughput Orchestration” on notes involving COVID-19, amongst others. Track details can are available at https://www.apachecon.com/acah2020/tracks/ctakes.html In addition to cTAKES, ApacheCon@Home features an array of presentations on Apache projects across categories that include Big Data, Community, Content Delivery, Databases, Fintech, Geospatial, Innovation/Incubator, Integration, IoT, Machine Learning, Search, Servers, Software Development, Streaming, and more. A special track in the Mandarin language, as well as select sessions in German, Hindi, and Spanish will be held as well. ApacheCon keynotes will be delivered by high profile speakers from organizations such as DataStax, IBM, Imply, Instaclustr, NASA Jet Propulsion Laboratory, Oak Ridge National Labs, Red Hat, Tetrate, Two
Inside Infra: Daniel Gruno --Part I
[this post is available online at https://s.apache.org/InsideInfra-Daniel1 ] The fourth interview in the "Inside Infra" series with members of the ASF Infrastructure team. Meet Daniel Gruno, who shares his experience with Sally Khudairi, ASF VP Marketing & Publicity. - - - "...companies are not the same as ASF. They don't have 300 different departments that all have their own little tools that they want working in their specific way. And they want this to connect to that, and that's connected to some other thing. We are not afraid to create custom solutions, we're not afraid to get our hands dirty and we're not afraid to make mistakes." - - - - What is your name and how is it pronounced? I have my official name and I have my user name and people usually ask about both of them. My name is "Dan-yell Gkhroo-no" or I will accept "Dan-yell Groo-no" which is as you read it in English. It's actually a Dutch name. So you would pronounce it "Hrooy-no" in Dutch, which I'm not even going to try to phoneticize that because, that's, well, Dutch. And my username is "Humbedooh" which is an onomatopoeia that I randomly made up in 2004 for a game called World of Warcraft, where you need a username for this character that you create. And I think I had just listened to "New York, New York", where Frank Sinatra sings "scooby doo bee doo", and I was like, "hum-be-doo-de-doo" and the name just came to me and it stuck ever since. And so for the past 15 years or 16 years, I've been primarily "Hum-beh-doo" online. - By the way, Frank Sinatra sings "zoo-bee-doo-bee-doo", not "scooby-doo-bee-doo" in "Strangers in the Night", but I like your version better. Okay. Well today I learned that. - When and how did you get involved with the ASF? That goes back to 2010, 2011? Again, this beautifully tied us into World of Warcraft because in that game you can make modules, add ons for the game that will do nifty things, like add ons for a Web browser. And this is written in a programming language called Lua, L-U-A, which is Portuguese for "moon". And so I started writing some programs for this game and I had great fun with it, and programing is not my official trade. I was educated in, or studied, human resource management at university actually. But it was my hobby and I had great fun doing it. And this Lua thing just got stuck in me. And then five years later or so I started writing a program for the Apache Web server called mod_pLua, the best way to describe it as if PHP and Lua had a baby. So it would be the same for people that know PHP. It would be the same structure with the less than equal sign and a question mark, and then the same thing to end it on the other end, but with the Lua language instead of the PHP language. So I wrote this program or interpreter for the Apache Web server. And I didn't really think much of it. Obviously it was mostly for my own edification if you will, and for my own use. But I had put this on a site called SourceForge, which at that time had a community manager named Rich Bowen (also Apache HTTP Server PMC Member) who took a liking to this program or this module for the Web server because the Apache Web server community, which he was a part of at that point, have been doing something similar called mod_lua or at that time mod_wombat. And that had stalled. People have interests and then the interests wane and people would move on to new jobs and the person in charge of this mod _lua had found other interests in life. And so this module was just sitting there and not really being worked on. And Rich said, "Why don't you come take a look at this program and maybe this is a place where we can collaborate." And he also got (ASF co-founder and Apache HTTP Server PMC Member) Jim Jagielski very interested in the work I was doing. And so I slowly started on my path to becoming an ASF Committer initially by fixing what's called 404s, which is basically a reference in a Webpage to a link or another page that doesn't exist. Either it never existed or it doesn't exist anymore. So I started fixing a bunch of those just to get on their good side and hopefully they would take me seriously. And I didn't have high hopes, but I think I was probably the fastest person to get committership at the Apache Web Server Project...perhaps the fastest in the 10 years preceding when I got it probably within a week. They had a vote going and I was voted in and… - Within a week? Within a week. - Unheard of. I was pretty much on the path to becoming a Committer. I couldn't believe it. Part of me wanted to believe it, because it was a very big validation for me. Because I had been using the Apache Web Server since 1998 and it always been a project that I looked up to and it had been this mythical "Father of
The Apache News Round-up: week ending 14 August 2020
[this newsletter is available online at https://s.apache.org/le00k ] Hooray for Friday! The Apache community has been busy over the past week; let's review what happened: ASF Board – management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws. - Next Board Meeting: 19 August 2020. Board calendar and minutes https://apache.org/foundation/board/calendar.html ApacheCon™ – the ASF's official global conference series, bringing Tomorrow's Technology Today since 1998. - Registration is open (and free) for ApacheCon@Home 29 September - 1 October https://www.apachecon.com/acna2020/ - Sponsorships available for ApacheCon@Home https://www.apachecon.com/acna2020/sponsors.html ASF Infrastructure – our distributed team on three continents keeps the ASF's infrastructure running around the clock. - 7M+ weekly checks yield uptime at 99.76%. Performance checks across 50 different service components spread over more than 250 machines in data centers around the world. http://www.apache.org/uptime/ Apache Code Snapshot – Over the past week, 151 Apache Committers changed 4,892,020 lines of code over 678 commits. Top 5 contributors, in order, are: Sebastian Bazley, Gary Gregory, Nick Vatamaniuc, Liang Zhang, and Kaxil Naik. Apache Project Announcements – the latest updates by category. Big Data -- - Apache Kafka 2.5.1 and 2.6.0 released https://kafka.apache.org/ - Apache ShardingSphere ElasticJob-3.0.0-alpha released https://shardingsphere.apache.org/elasticjob/ - Apache Parquet 1.11.1 released https://parquet.apache.org/ Libraries -- - Apache Commons Imaging 1.0-alpha2 released https://commons.apache.org/imaging/ - Apache Commons NET 3.7 released https://commons.apache.org/net/ - Apache Commons Validator 1.7 released https://commons.apache.org/validator/ Servers -- - Apache HTTP Server 2.4.46 released https://httpd.apache.org/ Web Frameworks -- - Apache Struts CVE-2019-0230 (Possible RCE) and CVE-2019-0233 (DoS) security issues https://lists.apache.org/thread.html/r42ff5f78b46f751c48eee1fe4201a49ab48524f33ac8f8975f2029b8%40%3Cannounce.apache.org%3E Did You Know? - Did you know that tracks for ApacheCon@Home include Big Data, Community, Content Delivery, Fintech, Integration, IoT, Machine Learning, Messaging, Mobile, Natural Language Programming, Observability, Programming Languages, Search, Servers, Streaming, and Usability, as well as emerging innovations from the Apache Incubator? Learn more, including featured projects, at https://www.apachecon.com/acah2020/tracks/ - Did you know that mobile transportation platform Didi Chuxing uses Apache Kylin to return exact distinct count on billions of rows of data with sub-second latency to generate the most accurate picture of its business? http://kylin.apache.org/ - Did you know that the "Trillions and Trillions Served" documentary on The Apache Software Foundation comprised 65 hours of filming over 8 terrabytes of footage? https://s.apache.org/Trillions-Feature Apache Community Notices - Apache Month In Review: July 2020 https://s.apache.org/July2020 - ASF FY2020 Annual Report https://s.apache.org/FY2020AnnualReport - "Trillions and Trillions Served" documentary on the ASF: 1) full feature https://s.apache.org/Trillions-Feature 2) "Apache Everywhere" https://s.apache.org/ApacheEverywhere 3) "Why Apache" https://s.apache.org/ASF-Trillions 4) “Apache Innovation” https://s.apache.org/ApacheInnovation - The Apache Software Foundation Statement on the COVID-19 Coronavirus Outbreak https://s.apache.org/COVID-19 - The Apache Software Foundation Celebrates 21 Years of Open Source Leadership https://s.apache.org/21stAnniversary - Apache in 2019 - By The Digits https://s.apache.org/Apache2019Digits - The Apache Way to Sustainable Open Source Success https://s.apache.org/GhnI - Foundation Reports and Statements http://www.apache.org/foundation/reports.html - "Success at Apache" focuses on the people and processes behind why the ASF "just works". https://blogs.apache.org/foundation/category/SuccessAtApache - Inside Infra: the new interview series with members of the ASF infrastructure team --meet Christ Thistlethwaite https://s.apache.org/InsideInfra-Chris | Drew Foulks https://s.apache.org/InsideInfra-Drew | Greg Stein Part I https://s.apache.org/InsideInfra-Greg , Part II https://s.apache.org/InsideInfra-Greg2 and Part III https://s.apache.org/InsideInfra-Greg3 - Did you know that Beam Summit 2020 will be held 24-28 August online and free of charge? https://beamsummit.org/ - Please follow/like/re-tweet the ASF on social media: @TheASF on Twitter (https://twitter.com/TheASF) and on LinkedIn at https://www.linkedin.com/company/the-apache-software-foundation - Do friend and follow us on the Apache Community Facebook page https://www.facebook.com/ApacheSoftwareFoundation/ and Twitter account https://twitter.com/ApacheCommunity - Are
Success at Apache: I Became an Apache Solr Committer in 4,662 Days. Here’s how you can do it faster!
[this post (with links) is available online at https://s.apache.org/hney3 ] by Eric Pugh On April 6th, 2020 I was invited to become a committer on the Apache Solr project. My journey to becoming a committer started in earnest 4662 days before that! On July 2nd, 2007, I opened SOLR-284, a ticket for adding content extraction to Solr. A committer on an open source project under the Apache Foundation umbrella is someone who is trusted to contribute code to the project and to help manage and drive its ongoing development. It’s an honour to have been asked and I was very proud to accept the invitation! So, you did the math, and you realized that it took me 153 months, or 13 years (rounding up), to become a committer, and you’re wondering “What if I don’t want to wait that long?” So here’s my quick cheat sheet on ways to become a committer on an open source project, illustrated by my own journey: 1. Start by learning the culture of the project. How are decisions made? What tools do people use? What do the various acronyms mean? Join the mailing lists and read every commit. 2. Start small and work your way in. Some great ways to do this are to: - Take existing patches and test them. Update them to the latest code base. Document what you’ve learned. - Take advantage of being new to a project to bring fresh eyes to the documentation. Every time you find yourself scratching your head on how something works, contribute a fix to the docs. It’s a powerful way to immediately contribute. This is the fastest way to get involved and involves the least cognitive load! See SOLR-2232 or this email thread. - Answer questions on the mailing list! Being able to articulate reasonable responses to questions demonstrates how much you have learned. - Bug fix, bug fix, bug fix! Pick bugs that have an obvious answer so that the “correct” solution is easy to figure out. If the right approach to solving it is very ambiguous, you probably won’t get much traction. Remember to remind committers to apply your fixes when they have the time! See SOLR-13965 and SOLR-11480 and SOLR-2611 and SOLR-2263. 3. Ready to start slinging some code? Don’t go and refactor the core foundations of the project (at least not yet). Instead, be like a pilot fish and latch onto one of the core committers who is being very active in the project. Embrace their vision, and start picking up tasks related to whatever major chunk of work they are doing. Write some unit tests. See about opportunities for refactoring. Do some manual testing over multiple platforms. Once they see that you’re contributing (and accelerating what they are pushing), then work to get some of your own tickets assigned to you under that vision. I’ve seen this lead directly to committership many times, and if I had followed this route, I might have joined sooner! Here’s to the next 4,662 days of being active in the Apache Solr project! Eric Pugh is a member of the ASF and a committer Apache Solr. He co-authored the book Apache Solr Enterprise Search Server. Eric is co-founder and CEO of OpenSource Connections, where he helps OSC clients, especially those in the ecommerce space, build their own search teams by leading projects and by acting as a trusted advisor. He also stewards Quepid, a platform for assessing and improving your search relevance. [this post first appeared at https://opensourceconnections.com/blog/2020/07/10/i-became-a-solr-committer-in-4662-days-heres-how-you-can-do-it-faster/ ] = = = "Success at Apache" is a monthly blog series that focuses on the processes behind why the ASF "just works" https://blogs.apache.org/foundation/category/SuccessAtApache = = = NOTE: you are receiving this message because you are subscribed to the announce@apache.org distribution list. To unsubscribe, send email from the recipient account to announce-unsubscr...@apache.org with the word "Unsubscribe" in the subject line.
The Apache® Software Foundation Announces Annual Report for 2020 Fiscal Year
[this announcement is available online at https://s.apache.org/FY2020AnnualReport-PR ] World's largest Open Source foundation provides 227M+ lines of code, valued at more than $20B, to the public-at-large at 100% no cost. Wakefield, MA —29 July 2020— The Apache® Software Foundation (ASF), the all-volunteer developers, stewards, and incubators of more than 350 Open Source projects and initiatives, announced today the availability of the annual report for its 2020 fiscal year (1 May 2019 - 30 April 2020). Now in its 21st year, the world's largest Open Source foundation’s "Apache Way" of community-driven development is the proven process behind thousands of developers successfully collaborating on hundreds of Apache projects. The Apache Way has directly influenced the InnerSource methodology of applying Open Source and open development principles to an organization. The Apache Way has been adopted by countless organizations, including Capital One, Comcast, Ericsson, HP, IBM, Google, Microsoft, PayPal, SAP, T-Mobile, Walmart, and countless others. Valued at more than $20B —and provided to the public-at-large at 100% no cost— Apache software is used in every Internet-connected country on the planet. Apache software comprises 227M+ lines of code, is integral to nearly every end user computing device, manages exabytes of data, executes teraflops of operations, and stores billions of objects in virtually every industry. Countless mission-critical projects in Artificial Intelligence, Big Data, build management, Cloud Computing, content management, DevOps, Deep Learning, IoT and Edge computing, mobile, servers, Web frameworks, and many other categories are powered by Apache. [Learn more about the ASF’s reach and influence at https://s.apache.org/ApacheEverywhere ] Every Apache Top-Level Project (and its sub-projects, if applicable) is overseen by a Project Management Committee (PMC) that guides its day-to-day operations, including community development and product releases. At the close of FY2020, 201 PMCs managed 339 Top-Level Projects and dozens of sub-projects; 9 projects were newly-graduated Top-Level Projects from the Apache Incubator, and 8 projects retired to the Apache Attic. Apache Incubator PMCs mentored 45 projects under development in the Apache Incubator; 6 projects were new entrants to the Incubator, and 3 were retired. FY2020 highlights include: - ~8M lines of Apache code added, valued at approximately $600M worth of work; total code value exceeding $20B (CoCoMo model) - Stewardship of 227M+ lines of code in the Apache repositories; - Foundation operations supported by contributions from 10 Platinum Sponsors, 9 Gold Sponsors, 11 Silver Sponsors, 25 Bronze Sponsors, 6 Platinum Targeted Sponsors, 5 Gold Targeted Sponsors, 3 Silver Targeted Sponsors, 10 Bronze Targeted Sponsors, and more than 500 individual donors; - 34 new individual ASF Members elected, totalling 813; - Exceeded 7,700 code Committers; - 206 Top-Level communities overseeing 339+ Apache projects, plus dozens of sub-projects and initiatives; - 9 newly-graduated Top-Level Projects from the Apache Incubator; - 45 projects currently undergoing development in the Apache Incubator; - Web requests received from every Internet-connected country on the planet; - 35M+ page views per week across apache.org; - ~2 Petabytes source code downloads from Apache mirrors; - Top 5 most active/visited Apache projects: Kafka, Hadoop, Lucene, POI, ZooKeeper; - Top 5 Apache repositories by number of commits: Camel, Flink, Beam, HBase, Lucene Solr; - Top 5 Apache repositories by lines of code: NetBeans, OpenOffice, Flex (combined), Mynewt (combined), Trafodion; - 2,892 Committers changed 60,132,710 lines of code over 174,889 commits; - 12,413 people created 63,172 new issues; 2,868 people closed 54,633 issues - 19,396 authors sent 2,137,560 emails on 907,870 topics across 1,417 mailing lists; - Top 5 most active mailing lists (user@ + dev@): Flink, Tomcat, Royale, Beam, Lucene Solr; - Top Senders: (Apache Projects + Committers): GitBox, AsterixDB, Whimsy, Andrea Cosentino, Mark Thomas - 2,045 git repositories, containing ~250GB of code and repository history; - GitHub traffic: Top 5 most active Apache sources --clones: Thrift, Beam, Cordova, Arrow, Geode; - GitHub traffic: Top 5 most active Apache sources --visits: Spark, Flink, Camel, Kafka, Beam; - 25th anniversary of the Apache HTTP Server (21 years under the ASF umbrella); - 748 Individual Contributor License Agreements (ICLAs) signed; - 33 Corporate Contributor License Agreements signed; - 40 Software Grant Agreements signed; and - ASF was a mentoring organization in Google Summer of Code for the 15th consecutive year. The full report is available online at https://s.apache.org/FY2020AnnualReport About The Apache Software Foundation (ASF) Established in 1999, The Apache Software Foundation (ASF) is the world’s largest Open
Inside Infra: Greg Stein --Part III
[this interview is available online at https://s.apache.org/InsideInfra-Greg3 ] The close of the "Inside Infra" interview with ASF Infrastructure Administrator Greg Stein, who shares his experience with Sally Khudairi, ASF VP Marketing & Publicity. ["Apache is growing: we're just seeing the demand explode and it's a hard problem for us to solve."] PART THREE. - We were talking about ensuring that the team is up to speed with everything required of them... So there certainly are skill gaps; this is one of the things I want to help motivate the team with, where if somebody says, "Hey, I want to go and investigate Ansible as a potential Puppet replacement," I say, "Go forward." This would be similar to Google having their 20% projects. I'm sure you've heard of that. - Oh, yeah. It's almost the same where it's not 20%, maybe 5%, but it's the same as Google, no matter what they want to tell you, because everybody's got their job and you have to be really rigorous to carve out 20% of your time. And strictly speaking, it does actually make your Google manager a little upset if you carve out the entire 20%. But anyways, the concept is similar. So for us it's like, "Well, go in and investigate Ansible, see if it'll work for us and put your notes into the Wiki." That's how we make forward progress, up our game, and learn new skills. If someone says, "I want to go and figure this out," the response is almost always, "Okay. You go do it." There's certainly an allowance for people to learn new skills. But most of the time we simply rely on, say, Gavin (ASF Infrastructure team member Gavin McDonald), knowing more about JIRA configuration than the other guys. - That added component of sharing what you know, and adding it to the JIRA or to the Wiki actually is great because then everyone's learning. This is like the rising tide: everybody's learning about this, whether they're doing it perfectly or not. I think this is a very interesting process. Yes, and that's also where Andrew (technical writer Andrew Wetmore) is helping us out. He’s organizing that information that we have learned, that we have documented, that we memorialized into the Wiki. - Because our (ASF's) legacy is quite Medusa-like over all these years, it's interesting to see how everyone can get caught up and also contribute...you have to go back and deal with the legacy, but you also have to be able to move forward. To be able to bring others with you is brilliant. That's really cool. The infrastructure has grown organically over 25 years from when Brian Behlendorf first said, "Hey, I have this server called hyperreal.org: you can run a CVS repository on it for the Web server." - That computer was under his desk at the Wired offices way back when, wasn’t it... Yes it was. And it's just grown organically over those 25 years. Then we had Minotaur and it did six different things ... now it only does half of one and we've moved the stuff out onto newer machines and newer processes and this and that. But the organic growth means that we've got some really hairy stuff. Our move to Puppet --first Puppet 3, and now to Puppet 6-- at each step we're improving it and making it less hairy and more manageable and something that somebody can come along, look at, pick up and run with it from there. That makes it a lot easier, so that we don't have to spend 100% of our time cross training. - What are your thoughts on products, the hype cycle, where everyone's demanding Kubernetes, to use that as an example. Do you decide which products to provide support for, or is that up to Apache projects in the communities? You mentioned Ansible, just not too long ago, that was your internal decision to move. But I remember not long ago, GitHub entered into the landscape. How did that happen? How did you decide to make a move like that? That's a significant thing. Can you tell me a little bit about that? It's a lot based on community input. So if we see a lot of people asking for a particular tool, we'll like, "Oh, hey, David, can you go and take a look at that and see if that's something…” Not David (ASF VP Infrastructure David Nalley), but Chris (Infrastructure team member Chris Lambertus) or somebody else. "Can you go take a look. Is that something that we can support? Because we're getting some queries about it." And there's a little chicken and egg problem there that if the communities don't know to ask for the egg, we don't know whether to prep the chicken. It's like, “okay, wait, they don't even know to ask for a tool because we haven't said we will make this tool available, because we're not going to make the tool available until somebody asks”. But sometimes people file tickets like, "Can I get this set up?" and we'll go, "No." Then six months later, somebody else will file a ticket
The Apache Software Foundation Announces Apache® APISIX™ as a Top-Level Project
[this announcement is available online at https://s.apache.org/29wd9 ] Open Source, Cloud-native microservices API gateway handles interface traffic for Websites, mobile and IoT applications in Cloud Computing, FinTech, Insurance, Marketplaces, Real Estate, Security, Speech Recognition, and Travel, among other industries. Wakefield, MA —15 July 2020— The Apache Software Foundation (ASF), the all-volunteer developers, stewards, and incubators of more than 350 Open Source projects and initiatives, announced today Apache® APISIX™ as a Top-Level Project (TLP). Apache APISIX is a Cloud-native API gateway used to handle interface traffic for Websites, mobile and IoT applications. The project was first developed at ZhiLiu Technology, was open-sourced in June 2019, and entered the Apache Incubator in October 2019. "Thanks to the help of our mentors, contributors and the Apache Incubator, Apache APISIX has now graduated as a Top-Level Project," said Ming Wen, Vice President of Apache APISIX. "After entering the Apache incubator, APISIX evolved from being an Open Source project led by a commercial company to a community-led project guided by the Apache Way." Apache APISIX consists of the following three parts: - Data Plane, to dynamically control the request traffic, and implement traffic processing and distribution; - Control Plane, to store and synchronize gateway data configuration; and - AI Plane(TODO), to orchestrate plugins, as well as real-time analysis and processing of request traffic. With more than 30 functions, Apache APISIX includes traffic control, analytics, observability, monitoring, and logging plugins. Features include: - Dynamic routing and plug-in hot loading --particularly suitable for API management under micro-service systems; - Built-in high availability, multiple security plugins --puts stability and security at the forefront with identity authentication and interface verification; - Simple, powerful development interface --easy-to-use, built-in dashboard and a powerful and flexible interface for faster development; - Designed and implemented to meet the highest performance requirements --including routing, IP matcher, JSON schema, built-in plugins, and more; and - Multi-protocol and multi-platform support --HTTP(s), TCP, UDP, HTTP to gRPC transcoding, Websocket, gRPC, Apache Dubbo, and MQTT proxy, as well as ARM64 and others. Apache APISIX is in use at dozens of organizations that include Airwallex, AISpeech, api7.ai, ke.com, Qihoo 360, taikang Cloud, Tencent Cloud, TravelSky, and more. "Congratulations to Apache APISIX!" said Ryan Cao, Principal Architect at Airwallex. "As a global fintech that is transforming the way businesses move and manage money for collections, FX and digital payments, and our financial infrastructure provides a modern tech stack for businesses of all sizes to operate internationally. We have implemented our API gateway based on APISIX, and smoothly evolved our system to a multi-cloud distributed, microservices architecture, with thanks to APISIX's highly optimised, scalable and extensible platform and support from its developer community!" "Our cloud AI technology is open to the world through its API gateway," said Shun Zhang, Senior R Director at AISpeech. "We developed Kubernetes Ingress controllers based on Apache APISIX to replace the Kubernetes native Ingress to handle all north-south container clusters and part of east-west traffic. APISIX's high-performance routing, flexible plugin mechanism, API management and design concepts are just the needs of Cloud-Native architecture. I wish APISIX continued success as the best and most easy-to-use API gateway with the support of the Apache Software Foundation." "I am very happy to see Apache APISIX flourish," said Hui Wang, Senior Engineer at ke.com. "The fast and stable adoption of Apache APISIX within ke.com confirms that APISIX is an excellent project. Congratulations to Apache APISIX and the community for successfully graduating from the Apache Incubator." "Congratulations to Apache APISIX for graduating as an Apache Top-Level Project," said Hui Li, Engineer at Tencent Cloud. "Recent growth in demand for interconnection between mobile applications, enterprise interoperability, and the Internet of Things have expanded backend service support objects from single Web applications to a variety of usage scenarios. This increases both the access pressure and the complexity of backend services. A suitable solution for this issue is an API Gateway: in addition to basic request forwarding, protocol conversion, routing and other functions such as high performance and high stability, it also has good scalability and can continuously enhance the capabilities of the gateway. We evaluated many API gateways, and finally chose Apache APISIX as the core component of our new generation API gateway because of its high performance, high scalability, and
The Apache Software Foundation Announces Apache® Wicket™ v9
[this announcement is available online at https://s.apache.org/lpsmm ] Popular Open Source component-oriented server-side Java Web framework used to create robust Websites with faster and more maintainable code. Wakefield, MA —15 July 2020— The Apache Software Foundation (ASF), the all-volunteer developers, stewards, and incubators of more than 350 Open Source projects and initiatives, today announced Apache® WicketTM v9.0.0, the latest version of the Open Source Java framework for creating rich Websites and applications more quickly using less code. Since 2006, Apache Wicket has been the go-to framework for elegant, responsive, and simple HTML pages that are well suited for Web Designers seeking to test the applications they are building. Apache Wicket was listed amongst the "10 Best Java Web Frameworks to Use in 2019 (100% Future-Proof)" by JavaPipe. "Java has deeply changed in the last few years," said Andrea Del Bene, Vice President of Apache Wicket and Apache Wicket v9.0 Release Manager. "In addition to the new release policy, starting with version 9 Java platform went through a massive refactoring aimed to modularize its code base and remove legacy classes and packages. With Wicket 9 we fully embraced this new Java course migrating our codebase to Java 11 LTS, offering a fundamental tool to keep your code up to date with Java evolution." Reflecting the tagline, "Bring the Web into the modern Java world", Apache Wicket 9 features include: - Java 11 is required as a minimum version; CI machines are available to test the Wicket codebase with later versions. For more details see https://wiki.openjdk.java.net/display/quality/Quality+Outreach - Added support for CSP (Content Security Policy) and activated by default. CSP allows Web developers to protect their apps against malicious scripts and unauthorized code execution. Wicket 9 exposes CSP with a flexible API to allow custom levels of CSP. - Wicket has been part of the OpenJDK Quality Outreach (that promotes the testing of open source projects with JDK Early Access builds and with the latest GA version, since January 2019). As of today, Apache Wicket is are one of few projects tested with OpenJDK 11, 14, and 15 (the latter in Early Access) - The internal page storing mechanism has been reworked to implement a better and simpler design. For more details see https://issues.apache.org/jira/browse/WICKET-6563 - A new modern implementation of modal window component, called ModalDialog. The old ModalWindow component is still here but it is deprecated and will be removed in a future version of Wicket. - JUnit has been upgraded to version 5. WicketTester uses it internally. It still supports JUnit 4 via JUnit 5 Vintage Engine - Update CDI (Context and Dependency Injection) to version 2.0 Apache Wicket is widely deployed across numerous organizations worldwide, such as Access Canberra, Apress, Brazilian 4th Regional Labor Court, Burger King, DHL, Facturación Electrónica, Lindenbaum, OneDev, SAP, TVH Group, UK Sciences, and countless others. For a comprehensive list of Apache Wicket implementations, see https://builtwithwicket.tumblr.com/ "Apache Wicket is the most suitable framework for OneDev," said Robin Shen, owner of the OneDev project, "With Wicket I can work with the same set of code from front-end to back-end, with Java's mature libraries and toolings. I must say I gained great productivity with Wicket." "At ParnasSys we work with very private data of millions of students in our student information system," said Robert Kromkamp, manager of software development at ParnasSys. "Since we are very keen about the security and privacy of our customers, we immediately adopted the new content security policy (CSP) feature of Wicket 9, so we can deploy an improved, more secure ParnasSys when the final release hits. Wicket has proven to be resilient and secure through the years, and we are very happy that Wicket continues to adopt new security standards in a developer friendly way." "At ValueCare we use Apache Wicket to build our main interactive web-application, which offers our users insight into their business-data easily," said Rob Audenaerde, Technical Lead at ValueCare. "Apache Wicket is a well structured, object-oriented Java framework that allows for quick extension and customization. This reduces our time to market for new features, because we can rapidly prototype and develop new components as needed." "With Wicket 9 we want to bring Web development into the post-Java 8 world," added Del Bene. "We rewrote our code base to comply with the new Java architecture, taking advantage of all the improvements and new features introduced from Java 8 to 11. Developers can now leave with no worry the safe harbor that Java 8 has been for all these years, and plunge into the modern Java world." Availability and Oversight Apache Wicket software is released under the Apache License v2.0 and
Trillions: It’s a Wrap!
[this post is available online at https://s.apache.org/jigil ] Our fourth, and final, part of the “Trillions and Trillions Served” documentary on the ASF is now live! Watch “Apache Innovation”, our latest segment https://s.apache.org/ApacheInnovation ...and catch up on the other parts - “Apache Everywhere” short https://s.apache.org/ApacheEverywhere - “Trillions and Trillions Served” full feature documentary https://s.apache.org/Trillions-Feature - “Why Apache” Documentary Teaser https://s.apache.org/ASF-Trillions Heartfelt thanks to: ... our filmmakers, (ASF Member) Michael Wechner, Dominik Gehring, and Tobias Kaufmann of Wyona Pictures; ...our film and production assistants Myk Fox, (Apache Committer) Kenneth Paskett, and Katerina Oliveros; ...and all the participants from the Apache community (in alphabetical order): Danny Angus, Mike Bates, Brian Behlendorf, Zaheda Bhorat, Rich Bowen, Danese Cooper, Mark Cox, Adina Crainiceanu, Shane Curcuru, Bertrand Delacretaz, Isabel Drost, Ted Dunning, Christofer Dutz, Lars Eilebrecht, Justin Erenkrantz, Julian Feinauer, Sharan Foga, Lars Francke, Pier Fumagalli, Ruth Holloway, Serge Huber, Julian Hyde, Claus Ibsen, Jim Jagielski, Alex Karasulu, Paul King, Kenneth Knowles, Myrle Krantz, Ted Liu, Samaira Mehta, Ismaël Mejía, Owen O’Malley, Jean-Baptiste Onofré, David Nalley, Jeffery Painter, Stan Paulauskas, Bob Paulin, Daniel Ruggeri, Craig Russell, Patricia Shanahan, Roman Shaposhnik, Andy Shi, Greg Stein, Sander Striker, Mark Thomas, Dirk-Willem van Gulik, and Rohit Yadav. What an opportunity --we appreciate your support, help in spreading the word, and sharing Apache goodness with the world! - - - NOTE: you are receiving this message because you are subscribed to the announce@apache.org distribution list. To unsubscribe, send email from the recipient account to announce-unsubscr...@apache.org with the word "Unsubscribe" in the subject line.
Inside Infra: Greg Stein --Part II
[this interview is available online at https://s.apache.org/InsideInfra-Greg2 ] The "Inside Infra" interview continues with ASF Infrastructure Administrator Greg Stein, who shares his experience with Sally Khudairi, ASF VP Marketing & Publicity. - - - "Who are these crazy guys spread around the world that are keeping 200 machines up and running for all these different projects and committers and contributors?" - - - PART TWO. - How or what would you describe the Infra "brand" to be? I don't really know. I've never really thought about branding or marketing ourselves, so ... - Well, you guys have a certain persona, you have those funky t-shirts you wear at ApacheCon ...there's definitely some kind of street cred that's different from everybody else. I was curious to see if that's part of your natural sense of hip, or is that something that you guys deliberately planned for. The t-shirts and other things go back to the team bonding kind of thing. We'll give ourselves an identity, but haven't tried to create or market ourselves. I think it is something that we do need to take some control over. We hired a part-time writer in December and he's been organizing our content to provide a better and more useful front to Infrastructure. There were a lot of pages on www.apache.org that have now moved over to infra.apache.org. That creates a more coherent Web space, if you will. We can really talk about those different channels. "How do you reach Infrastructure? Do I go to the Slack channel or do I file a JIRA ticket: how do I decide?" So he's helping to, while I wouldn't say "market a new face", he's certainly helping people figure out who we are, what we do, what we can help with and getting that information organized. - Which is good. That's new. Even to have you guys featured in a project like this, it's unusual and it's refreshing. I'm personally curious, and I'm sure other people are also curious about what's behind Infra. Right, right. Who are these crazy guys spread around the world that are keeping 200 machines up and running for all these different projects and committers and contributors? So Andrew (technical writer Andrew Wetmore) is primarily going to work on the infrastructure docs until those are whipped into shape because a lot of the material that we have, a lot of the Webpages, is really infrastructure related. He has been working with the team on those pages. What's going to be harder though is when he's kind of at a stopping point for that, what to turn his focus to, and that would be www.apache. But then it gets a lot more difficult because when he wants to update the How It Works page, who does he talk to? Who's authoritative? He can do some edits for flow and word consistency, punctuation, clarity, right, but he can't really update the process. - Right. Right. That's the Foundation thing. Yeah. But the problem is we don't really even have a concept of who's in charge of that How It Works page, who is, you know, it's just there's nobody that the foundation is willing to say, "That person controls that process." You know what I mean? - I totally do --I come across the same pages and people go, "Are they yours?" It's hard to determine not only evolving processes, but who signs off on this or who gets it. I hear you. I've recommended for the past year, or three, that Marketing is the owner of DubDubDub (www.), but you know, that's the "face" of Apache. You know? But the raw content, as you point out, who approves the raw content. - One thing that I asked Drew and Chris, and I'm always curious with people who are super busy and juggling 50 things, is to describe a typical workday for you. I wake up, I look for email first, generally, sometimes I'll hop onto Slack because sometimes people ask me directly for something. Then I go look at email and sort through a number of different categories between direct team stuff, operations, the Apache Board, and then Apache in general. And then of course, if there's any vendor email to deal with. So there's a bunch of different categories in priority order. After I get through that initial work, then it's go and read all the back scroll in the team channel, which is anywhere from 200 to 400 lines of back scroll ... - Can you get any work done? Beyond just catching up on the communications? Yes. But it does take like 30 minutes to read that back scroll. For me there's a lot in there about what the guys are doing and what they're working on, how to solve a particular problem when they're asking somebody else, "Hey, can you look at this? Can you help me with this?" But I don't, for the most part, "serve", you know ...they are the technical staff... I can do it: I have technical chops, but I let them do their jobs as they know best. I do like reading the back scroll because I'm also looking a
Re: The Apache News Round-up: week ending 12 June 2020
Code Snapshot Update: this week, 350 committers changed 922,742 lines of code over 2,850 commits. Top 5 committers, in order of commits, are: Andrea Cosentino, Guillaume Nodet, Jark Wu, Raphaël Ouazana, and Michael Vorburger. Have a great weekend! - - - Vice President Marketing & Publicity Vice President Sponsor Relations The Apache Software Foundation Tel +1 617 921 8656 | s...@apache.org On Fri, Jun 12, 2020, at 09:17, Sally Khudairi wrote: > [this newsletter is available online at https://s.apache.org/v5axk ] > > Hurrah for Friday! We've had a great week within the Apache community. > Here's what happened: > > "Trillions and Trillions Served" – the feature documentary on the ASF > filmed onsite at ApacheCon Las Vegas and Berlin in 2019 > https://s.apache.org/Trillions-Feature > > Inside Infra – the third interview in the series with members of the > ASF Infrastructure team. > - Meet Greg Stein --Part I https://s.apache.org/InsideInfra-Greg > > ASF Board – management and oversight of the business affairs of the > corporation in accordance with the Foundation's bylaws. > - Next Board Meeting: 17 June 2020. Board calendar and minutes > https://apache.org/foundation/board/calendar.html > ApacheCon™ – the ASF's official global conference series, bringing > Tomorrow's Technology Today since 1998. > - Notice on Apache 2020 Conferences https://s.apache.org/zgm8m > > ASF Infrastructure – our distributed team on three continents keeps the > ASF's infrastructure running around the clock. > - 7M+ weekly checks yield uptime at 99.98%. Performance checks across > 50 different service components spread over more than 250 machines in > data centers around the world. http://www.apache.org/uptime/ > > Apache Code Snapshot – TODO > > Apache Project Announcements – the latest updates by category. > > Big Data -- > - Apache ShardingSphere 4.1.1 released https://shardingsphere.apache.org/ > - Apache Beam 2.22.0 released https://beam.apache.org/ > - Apache Flink Stateful Functions 2.1.0 released https://flink.apache.org/ > > Content -- > - Apache Jackrabbit 2.20.1 released https://jackrabbit.apache.org/ > - Apache PDFBox 2.0.20 released https://pdfbox.apache.org/ > > Integrated Development Environment -- > - Apache NetBeans 12.0 released https://netbeans.apache.org/ > - Newly Identified Inactive Malware Campaign: Impact on Apache > NetBeans > https://blogs.apache.org/netbeans/entry/newly-identified-inactive-malware-campaign > > > Libraries -- > - Apache Commons IO 2.7 released > https://commons.apache.org/proper/commons-io/ > - Apache Commons BCEL 6.5.0 released > https://commons.apache.org/proper/commons-bcel/ > Messaging -- > - Apache Qpid JMS 0.52.0 released https://qpid.apache.org/ > > Servers -- > - Apache Tomcat 8.5.56, 9.0.36, and 10.0.0-M6 released > https://tomcat.apache.org/ > - Apache HttpComponents Core 5.0.1 GA released https://hc.apache.org/ > > > Did You Know? > > - Did you know that you could help with the next version of Apache > OpenOffice? > https://blogs.apache.org/OOo/entry/apache-openoffice-needs-your-help > > - Did you know that Airflow Summit 2020 will be held 6-17 July online? > https://airflowsummit.org/ > > - Did you know that Beam Summit 2020 will be held 24-28 August online > and free of charge? https://beamsummit.org/ > > > Apache Community Notices > > - The Apache Software Foundation Statement on the COVID-19 Coronavirus > Outbreak https://s.apache.org/COVID-19 > > - The Apache Software Foundation Celebrates 21 Years of Open Source > Leadership https://s.apache.org/21stAnniversary > > - Apache Month In Review: May 2020 – overview of events that have > taken place within the Apache community https://s.apache.org/May2020 > > - The Apache Software Foundation Operations Summary: Q3 FY2020 > (November 2019 - January 2020) https://s.apache.org/r6s5u > > - "Trillions and Trillions Served", the documentary on the ASF, is in > post-production. Catch the teaser at https://s.apache.org/ASF-Trillions > and "Apache Everywhere", the first "Trillions" "short" filmed onsite at > ApacheCon Las Vegas and Berlin this past year > https://youtu.be/nXtIti9jMFI > > - Apache in 2019 - By The Digits https://s.apache.org/Apache2019Digits > > - The Apache Way to Sustainable Open Source Success https://s.apache.org/GhnI > > - ASF Operations Summary: Q2 FY2020 (August - October 2019) > https://s.apache.org/2kv2n > > - ASF Founders look back on 20 Years of the ASF > https://blogs.apache.org/foundation/entry/our-founders-look-back-on > > - Foundati
The Apache News Round-up: week ending 12 June 2020
[this newsletter is available online at https://s.apache.org/v5axk ] Hurrah for Friday! We've had a great week within the Apache community. Here's what happened: "Trillions and Trillions Served" – the feature documentary on the ASF filmed onsite at ApacheCon Las Vegas and Berlin in 2019 https://s.apache.org/Trillions-Feature Inside Infra – the third interview in the series with members of the ASF Infrastructure team. - Meet Greg Stein --Part I https://s.apache.org/InsideInfra-Greg ASF Board – management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws. - Next Board Meeting: 17 June 2020. Board calendar and minutes https://apache.org/foundation/board/calendar.html ApacheCon™ – the ASF's official global conference series, bringing Tomorrow's Technology Today since 1998. - Notice on Apache 2020 Conferences https://s.apache.org/zgm8m ASF Infrastructure – our distributed team on three continents keeps the ASF's infrastructure running around the clock. - 7M+ weekly checks yield uptime at 99.98%. Performance checks across 50 different service components spread over more than 250 machines in data centers around the world. http://www.apache.org/uptime/ Apache Code Snapshot – TODO Apache Project Announcements – the latest updates by category. Big Data -- - Apache ShardingSphere 4.1.1 released https://shardingsphere.apache.org/ - Apache Beam 2.22.0 released https://beam.apache.org/ - Apache Flink Stateful Functions 2.1.0 released https://flink.apache.org/ Content -- - Apache Jackrabbit 2.20.1 released https://jackrabbit.apache.org/ - Apache PDFBox 2.0.20 released https://pdfbox.apache.org/ Integrated Development Environment -- - Apache NetBeans 12.0 released https://netbeans.apache.org/ - Newly Identified Inactive Malware Campaign: Impact on Apache NetBeans https://blogs.apache.org/netbeans/entry/newly-identified-inactive-malware-campaign Libraries -- - Apache Commons IO 2.7 released https://commons.apache.org/proper/commons-io/ - Apache Commons BCEL 6.5.0 released https://commons.apache.org/proper/commons-bcel/ Messaging -- - Apache Qpid JMS 0.52.0 released https://qpid.apache.org/ Servers -- - Apache Tomcat 8.5.56, 9.0.36, and 10.0.0-M6 released https://tomcat.apache.org/ - Apache HttpComponents Core 5.0.1 GA released https://hc.apache.org/ Did You Know? - Did you know that you could help with the next version of Apache OpenOffice? https://blogs.apache.org/OOo/entry/apache-openoffice-needs-your-help - Did you know that Airflow Summit 2020 will be held 6-17 July online? https://airflowsummit.org/ - Did you know that Beam Summit 2020 will be held 24-28 August online and free of charge? https://beamsummit.org/ Apache Community Notices - The Apache Software Foundation Statement on the COVID-19 Coronavirus Outbreak https://s.apache.org/COVID-19 - The Apache Software Foundation Celebrates 21 Years of Open Source Leadership https://s.apache.org/21stAnniversary - Apache Month In Review: May 2020 – overview of events that have taken place within the Apache community https://s.apache.org/May2020 - The Apache Software Foundation Operations Summary: Q3 FY2020 (November 2019 - January 2020) https://s.apache.org/r6s5u - "Trillions and Trillions Served", the documentary on the ASF, is in post-production. Catch the teaser at https://s.apache.org/ASF-Trillions and "Apache Everywhere", the first "Trillions" "short" filmed onsite at ApacheCon Las Vegas and Berlin this past year https://youtu.be/nXtIti9jMFI - Apache in 2019 - By The Digits https://s.apache.org/Apache2019Digits - The Apache Way to Sustainable Open Source Success https://s.apache.org/GhnI - ASF Operations Summary: Q2 FY2020 (August - October 2019) https://s.apache.org/2kv2n - ASF Founders look back on 20 Years of the ASF https://blogs.apache.org/foundation/entry/our-founders-look-back-on - Foundation Reports and Statements http://www.apache.org/foundation/reports.html - ApacheCon: Tomorrow's Technology Today since 1998 http://s.apache.org/ApacheCon - "Success at Apache" focuses on the people and processes behind why the ASF "just works". https://blogs.apache.org/foundation/category/SuccessAtApache - Inside Infra: the new interview series with members of the ASF infrastructure team --meet Drew Foulks https://s.apache.org/InsideInfra-Drew - Please follow/like/re-tweet the ASF on social media: @TheASF on Twitter (https://twitter.com/TheASF) and on LinkedIn at https://www.linkedin.com/company/the-apache-software-foundation - Do friend and follow us on the Apache Community Facebook page https://www.facebook.com/ApacheSoftwareFoundation/ and Twitter account https://twitter.com/ApacheCommunity - Find out how you can participate with Apache community/projects/activities --opportunities open with Apache Camel, Apache HTTP Server, and more! https://helpwanted.apache.org/ - Are your software solutions
Announcing the release of "Trillions and Trillions Served"
[this announcement is available online at https://s.apache.org/lq3ub ] We are pleased to announce the release of "Trillions and Trillions Served", the documentary feature on The Apache Software Foundation (ASF), the world’s largest Open Source foundation. "'Trillions and Trillions Served' celebrates the diverse experiences from members of the Apache community from around the world," said Sally Khudairi, ASF Vice President Marketing & Publicity and Producer of "Trillions and Trillions Served". "The project is tribute to the innovation and passion that celebrates the ASF's incredible rise over the past 20 years. Watching our projects and their communities expand and thrive over the years has been exhilarating —what a privilege to share our story with the world!" Advancing its mission of providing software for the public good, the ASF's all-volunteer community grew from 21 original Members overseeing the development of the Apache HTTP Server to 813 individual Members, 206 Apache Project Management Committees, and 7,800+ Committers shepherding 300 projects and 200M+ lines of Apache code valued at more than $20B. Apache's breakthrough technology touches every aspect of modern computing, powering most of the Internet, managing exabytes of data, executing teraflops of operations, and storing trillions of objects in virtually every industry. Apache projects are all freely-available, at 100% no cost, and with no licensing fees. The documentary was shot by Wyona Pictures on location in September and October 2019 at ApacheCon North America in Las Vegas and ApacheCon Europe in Berlin. The "Trillions and Trillions Served" feature can be viewed at https://s.apache.org/Trillions-Feature "Why Apache?", the teaser for the documentary, is available at https://s.apache.org/WhyApache "Apache Everywhere", a “Trillions” documentary short, is available at https://s.apache.org/ApacheEverywhere "Apache Innovation", the fourth and final segment from the "Trillions" series, will be released in Summer 2020. The film was directed by ASF Member Michael Wechner, founder of Wyona Pictures, with cinematography by Dominik Gehring and Tobias Kaufmann. To learn more about the ASF, visit http://apache.org/ . To support the ASF through this project, visit https://s.apache.org/trillions # # # NOTE: you are receiving this message because you are subscribed to the announce@apache.org distribution list. To unsubscribe, send email from the recipient account to announce-unsubscr...@apache.org with the word "Unsubscribe" in the subject line.
Inside Infra: Greg Stein --Part I
[this interview is available online at https://s.apache.org/InsideInfra-Greg ] The third "Inside Infra" interview is with ASF Infrastructure Administrator Greg Stein, who shares his experience with Sally Khudairi, ASF VP Marketing & Publicity. --- "We've got about 200 different machines and each one runs something different" --- - What is your name --how is it pronounced? Greg Stein. "Gregg St-eye-n" - When people need to find you, are you at gstein@? Has that always been your handle for everything? Ever since high school, actually. I was gjs@ for a bit in college, but went back to gstein@. I started at Google early April 2004, and Gmail launched on April 1, so I was able to get my work email ID, gstein@gmail. So it’s great, but also rather annoying, because there are a lot of Gary Steins and Gertrude Steins and George Steins, and I get all of their email ... I get plane tickets, hotel reservations ... I got a proposal from the Gates Foundation once. I had some crazy bitter angry lady yelling at her husband as they were getting divorced, and she could rant. I mean, wow: that lady had a pirate's mouth. - But she didn't have his email address. Apparently not. - When and how did you get involved with the ASF? I left Microsoft in 1998, and the product group I was working in was building WebDAV into various Microsoft products. I thought the concept of WebDAV was very cool, and wanted the Open Source world to have it. That meant writing a module for the Apache Web Server. I think it was September 1998 when I started posting to the Apache mailing list and looking at how to plug in a WebDAV module. That was Apache 1.3 at the time. I developed a module called mod_dav for Apache 1.3, And when we started Apache 2.0 in 2000, I donated the module to Apache, and it became a standard module in Apache 2.0. - I remember that: I did the press release for that way back when. I knew you were connected with mod_dav, but didn't realize the path as to how you got there. It's very interesting. That's what brought me to Apache, when they started putting together the foundation: it was in the Spring of '99. I remember asking Roy if I could be one of the first members of the foundation, and Roy's answer was basically like, "We already had the set of people locked in. You'll probably get nominated and voted in at our first member meeting," which occurred in September 1999. So yes, I was in that first batch of new members rather than the original membership. - You've been a member of the ASF much longer than you've been involved with ASF Infra. What were the previous hats you were wearing at the ASF? You've been here for a while, and have had a lot of different configurations. This is true. So I'm a committer on HTTPd (Apache HTTP Server) and then a PMC Member, an ASF Member. I helped start the APR (Apache Portable Runtime) project with some of the other Web server committers, we pulled that out of HTTPd and created APR, and we used that for 2.0. We used APR, whereas Apache 1.3 was essentially the combination of the two, one big code base. Then Justin Erenkrantz and I started Apache Serf, and that was a high performance C-based client library for HTTP. But we didn't have three people in the community, so it couldn't really be an Apache project. So we took it out of Apache and started working on it on our own, and then eventually Subversion started to use Serf, and so we got more committers on Serf, and the community kind of built up around it because of Subversion. So we ran Serf externally, but just like it was an Apache community, it was Apache licensed and so on. Eventually we wanted to move it back into Apache, and I don't recall off hand, but we went straight to a TLP from our external project back to Apache Serf. Early 2000, it was January or February, (ASF co-Founder) Brian Behlendorf approached me about helping with the network protocol for this new version control system they were starting at CollabNet, because he knew my background in HTTP and WebDAV. That “V” stands for versioning. I got involved with the Subversion project that Spring. That was also run as a very egalitarian Open Source project, very similar to how we run stuff at Apache. I was really the only Apache person, but Karl Fogel just knows how to run a great community, and so all those values that we cherish in communities at Apache were part of Subversion from day one, but was run by CollabNet. I was hired in 2001 to manage their development team. Eventually, CollabNet wanted to turn it into a vendor-neutral thing that wasn't only CollabNet, so they started a small LLC called the Subversion Corporation. Once the IP was transferred to the Subversion Corporation, people said, "Okay, let's move to Apache," because nobody wanted to deal with the overhead of the Subversion Corporation. We approached Apache at the end of 2009, and Su
The Apache Software Foundation Announces Apache® Hudi™ as a Top-Level Project
[this announcement is available online at https://s.apache.org/odtwv ] Open Source data lake technology for stream processing on top of Apache Hadoop in use at Alibaba, Tencent, Uber, and more. Wakefield, MA --4 June 2020-- The Apache Software Foundation (ASF), the all-volunteer developers, stewards, and incubators of more than 350 Open Source projects and initiatives, announced today Apache® Hudi™ as a Top-Level Project (TLP). Apache Hudi (Hadoop Upserts Deletes and Incrementals) data lake technology enables stream processing on top of Apache Hadoop compatible cloud stores & distributed file systems. The project was originally developed at Uber in 2016 (code-named and pronounced "Hoodie"), open-sourced in 2017, and submitted to the Apache Incubator in January 2019. "Learning and growing the Apache way in the incubator was a rewarding experience," said Vinoth Chandar, Vice President of Apache Hudi. "As a community, we are humbled by how far we have advanced the project together, while at the same time, excited about the challenges ahead." Apache Hudi is used to manage petabyte-scale data lakes using stream processing primitives like upserts and incremental change streams on Apache Hadoop Distributed File System (HDFS) or cloud stores. Hudi data lakes provide fresh data while being an order of magnitude efficient over traditional batch processing. Features include: - Upsert/Delete support with fast, pluggable indexing - Transactionally commit/rollback data - Change capture from Hudi tables for stream processing - Support for Apache Hive, Apache Spark, Apache Impala and Presto query engines - Built-in data ingestion tool supporting Apache Kafka, Apache Sqoop and other common data sources - Optimize query performance by managing file sizes, storage layout - Fast row based ingestion format with async compaction into columnar format - Timeline metadata for audit tracking Apache Hudi is in use at organizations such as Alibaba Group, EMIS Health, Linknovate, Tathastu.AI, Tencent, and Uber, and is supported as part of Amazon EMR by Amazon Web Services. A partial list of those deploying Hudi is available at https://hudi.apache.org/docs/powered_by.html "We are very pleased to see Apache Hudi graduate to an Apache Top-Level Project. Apache Hudi is supported in Amazon EMR release 5.28 and higher, and enables customers with data in Amazon S3 data lakes to perform record-level inserts, updates, and deletes for privacy regulations, change data capture (CDC), and simplified data pipeline development," said Rahul Pathak, General Manager, Analytics, AWS. “We look forward to working with our customers and the Apache Hudi community to help advance the project." "At Uber, Hudi powers one of the largest transactional data lakes on the planet in near real time to provide meaningful experiences to users worldwide," said Nishith Agarwal, member of the Apache Hudi Project Management Committee. "With over 150 petabytes of data and more than 500 billion records ingested per day, Uber’s use cases range from business critical workflows to analytics and machine learning." "Using Apache Hudi, end-users can handle either read-heavy or write-heavy use cases, and Hudi will manage the underlying data stored on HDFS/COS/CHDFS using Apache Parquet and Apache Avro," said Felix Zheng, Lead of Cloud Real-Time Computing Service Technology at Tencent. "As cloud infrastructure becomes more sophisticated, data analysis and computing solutions gradually begin to build data lake platforms based on cloud object storage and computing resources," said Li Wei, Technical Lead on Data Lake Analytics, at Alibaba Cloud. "Apache Hudi is a very good incremental storage engine that helps users manage the data in the data lake in an open way and accelerate users' computing and analysis." "Apache Hudi is a key building block for the Hopsworks Feature Store, providing versioned features, incremental and atomic updates to features, and indexed time-travel queries for features," said Jim Dowling, CEO/Co-Founder at Logical Clocks. "The graduation of Hudi to a top-level Apache project is also the graduation of the open-source data lake from its earlier data swamp incarnation to a modern ACID-enabled, enterprise-ready data platform." "Hudi's graduation to a top-level Apache project is a result of the efforts of many dedicated contributors in the Hudi community," said Jennifer Anderson, Senior Director of Platform Engineering at Uber. "Hudi is critical to the performance and scalability of Uber's big data infrastructure. We're excited to see it gain traction and achieve this major milestone." "Thus far, Hudi has started a meaningful discussion in the industry about the wide gaps between data warehouses and data lakes. We have also taken strides to bridge some of them, with the help of the Apache community," added Chandar. "But, we are only getting started with our deeply technical roadmap. We
The Apache Software Foundation Announces Apache® CloudStack® v 4.14
[this announcement is available online at https://s.apache.org/l5ps8 ] Mature Open Source Enterprise Cloud platform powers billions of dollars in transactions for the world's largest Cloud providers, Fortune 5 multinationals, educational institutions, and more. Wakefield, MA —28 May 2020— The Apache Software Foundation (ASF), the all-volunteer developers, stewards, and incubators of more than 350 Open Source projects and initiatives, announced today Apache® CloudStack® 4.14, the latest version of the mature, turnkey enterprise Cloud orchestration platform. Apache CloudStack is the proven, highly scalable IaaS platform of choice to rapidly and easily create private, public, and hybrid Cloud environments: it "just works". CloudStack originated at Cloud.com in 2010, which was acquired by Citrix in 2011. CloudStack was submitted to the Apache Incubator in 2012 and graduated as an Apache Top-Level Project (TLP) in March 2013. Apache CloudStack includes the entire "stack" of features in an IaaS cloud: compute orchestration, Network-as-a-Service, user and account management, full and open native API, resource accounting, and a first-class user interface. "v4.14 is an exciting release for Apache Cloudstack and is the result of many months of collaboration by our community," said Sven Vogel, Vice President of Apache CloudStack. "We are introducing a number of major new features that have been driven by demand by users and operators of CloudStack based IaaS environments. At the same time, we have kept to the project's ethos of having a tightly defined scope and being the platform of choice on which to layer other services." Of particular note are: Cloudstack Kubernetes Service gives operators the ability to deliver CaaS or K8aaS style services with no change to underlying infrastructure or business process VM Ingestion gives operators the ability to easily “import” existing VMware environments into Cloudstack The new backup and recovery framework, allows operators to integrate with any backup platform, giving a seamless user experience from the Cloudstack UI/API "Apache Cloudstack 4.14 ships with a Technical Preview of Cloudstack’s new User Interface," added Vogel. "This presents a new, ‘enterprise feel’ user experience and is earmarked to replace the current UI. We are encouraging all Cloudstack users to explore the Technical Preview and give feedback to the community. Thank you to all of the contributors across our community who have made this release possible." More than 200 new features, enhancements, and fixes include: New modern UI (Project Primate, Technical preview) Backup and Recovery framework Backup and Recovery provider for Veeam VM ingestion CloudStack Kubernetes Service L2 network PVLAN enhancements UEFI support KVM rolling maintenance Enable Direct Download for systemVM templates Template Direct Download support for Local and SharedMountPoint storages VR health checks Download logs and diagnostics data from SSVM/CPVM/VRs Enable additional configuration metadata to virtual machines The full list of new features can be found in the project release notes at http://docs.cloudstack.apache.org/en/4.14.0.0/releasenotes/index.html . Apache CloudStack powers thousands of clouds and billions of dollars in transactions across an array of organizations that include Apple, BT, INRIA, Royal Melbourne Institute of Technology (RMIT), SAP, Taiwan Mobile, Verizon, and WebMD, among others. A list of some of Apache CloudStack’s users are available at http://cloudstack.apache.org/users.html . Highlighted in Forrester’s Enterprise Open Source Cloud Adoption report, Apache CloudStack "sits beneath hundreds of service provider Clouds", and is behind numerous elastic Cloud computing services, including those at Fortune 5 multinationals as well as solutions ranked as Gartner Magic Quadrant leaders. Availability and Oversight Apache CloudStack software is released under the Apache License v2.0 and is overseen by a self-selected team of active contributors to the project. A Project Management Committee (PMC) guides the Project's day-to-day operations, including community development and product releases. For downloads, documentation, and ways to become involved with Apache CloudStack, visit http://cloudstack.apache.org/ and https://twitter.com/cloudstack . About The Apache Software Foundation (ASF) Established in 1999, the all-volunteer Foundation oversees more than 350 leading Open Source projects, including Apache HTTP Server --the world's most popular Web server software. Through the ASF's meritocratic process known as "The Apache Way," more than 813 individual Members and 7,800 Committers across six continents successfully collaborate to develop freely available enterprise-grade software, benefiting millions of users worldwide: thousands of software solutions are distributed under the Apache License; and the community actively participates in ASF mailing
The Apache Software Foundation Announces Apache® Subversion® 1.14.0-LTS
[this announcement is available online at https://s.apache.org/osr65 ]
Community-led Version Control Software and Source Code Management Tool
Available on Most Integration Servers, Integrated Development Environments,
Issue Tracking Systems, and more.
Wakefield, MA —28 May 2020— The Apache Software Foundation (ASF), the
all-volunteer developers, stewards, and incubators of more than 350 Open Source
projects and initiatives, announced today Apache® Subversion® 1.14.0-LTS, the
latest release of the popular centralized software version control system.
Apache Subversion ("SVN") provides a version controlled backing store for any
kind of data. It records an accurate log of changes made to that data over
time, and keeps track of who made them. Subversion allows users to commit files
and directories, recover previous revisions, and even maintain multiple
variations of their work in parallel. Able to service projects of any size,
from individuals up to large scale collaborative efforts, Subversion is ideal
for work in vast swaths of industries, from software development to
semiconductor design, scientific research to medical technology. An Apache
Top-Level Project for over a decade, Subversion celebrated its 20th Anniversary
earlier this year.
"First and foremost, I'd like to thank all of our developers and community
members who helped make this release possible," said Nathan Hartman, Vice
President of Apache Subversion. "We are excited to publish our latest LTS
release, and the first in the 1.14 line."
As an LTS release, the focus is on stability and availability. These are
achieved through the project's policies. For any change in core code to be
included in updates to 1.14.x, the change must first undergo a process of
nomination and voting for backport. At least three Subversion developers must
support the change, with none having concerns about it.
LTS (Long Term Support) is an industry designation that a particular release
line is planned to be maintained for a longer period of time than regular,
non-LTS releases. For the Subversion project, this means that later updates to
the 1.14.x series may contain bug fixes and security updates only. Any bleeding
edge new features, even if developed during the lifetime of 1.14.x, will have
to be introduced in a separate release line. Server operators and system
administrators usually prefer LTS releases for stability, while end users often
choose the latest release (LTS or not) to get the newest features.
Numerous third parties provide Subversion install packages for Windows, macOS,
Linux, OpenBSD, FreeBSD, and other operating systems. To maximize platform
independence, Subversion is implemented with strict conformance to ISO C90, one
of the most widely supported software coding standards worldwide. In addition,
the Subversion developers provide bindings that enable integrations with
software coded in popular web languages: Java, Ruby, Perl, and Python.
Particularly noteworthy for this release, Subversion's language bindings for
Python received significant attention. Python 3 is supported, up from Python 2
in prior Subversion releases, an oft requested improvement that keeps
Subversion 1.14.0-LTS current with the changing Python landscape. While this
was a major undertaking, the project also tackled the challenge of maintaining
compatibility with the older Python 2. This legacy support is expected to phase
out gradually, as Python 3 continues to gain mindshare across the computing
industry, but the Subversion project has a long tradition of maintaining
compatibility wherever practical, giving operators of legacy systems some
much-needed breathing room as they make the transition.
Among Subversion's strengths are its extensive support for working with giant
repositories. The bedrock of this support is its centralized model, which
allows users to check out only the portions of a repository that they need. The
ASF uses Subversion this way in its own infrastructure, housing more than 80 of
its Apache Top-Level Projects and sub-projects comprising millions of lines of
code, including Subversion itself, in a single Subversion repository that makes
all 1.8 million revisions of that information available to collaborators
worldwide.
When dealing with such vast amounts of data, including all of its revisions,
one might wonder about storage costs. Subversion uses a variety of techniques
to minimize storage, including temporal compression, spacial compression, and
data deduplication.
Another improvement in Subversion 1.14.0-LTS is a new tool in support of
deduplication that could help some administrators reduce future storage costs.
The deduplication feature uses an internal database named rep-cache.db. If
deduplication was previously disabled, the database may not contain all
necessary entries. The new feature, known as the 'svnadmin build-repcache'
command, allows re-adding such missing entries and provides a
The Apache Software Foundation Announces the 10th Anniversary of Apache® HBase™
[this announcement is available online at https://s.apache.org/m2pxf ] Open Source distributed, scalable Big Data store celebrates a decade of processing zettabytes of data across highly scalable large tables for the Apache Hadoop ecosystem Wakefield, MA —13 May 2020— The Apache Software Foundation (ASF), the all-volunteer developers, stewards, and incubators of more than 350 Open Source projects and initiatives, announced today the tenth Anniversary of Apache® HBase™, the distributed, scalable data store for the Apache Hadoop Big Data ecosystem. "The success of Apache HBase is the success of Open Source," said Duo Zhang, Vice President of Apache HBase. "Ten years after graduating as a TLP, HBase is still among the most active projects at the ASF. We have hundreds of contributors all around the world. We speak different languages, we have different skills, but we all work together to make HBase better and better. Ten year anniversary is not the end, but a new beginning, I believe our strong community will lead the project to a bright future." HBase originated at Powerset in 2006 as an Open Source system to run on Apache Hadoop’s Distributed File System (HDFS), similar to how BigTable ran on top of the Google File System. In 2007, a significant code contribution was added to the Apache Hadoop codebase and was integrated into the Apache Hadoop 0.15.0 release later that year. Development on HBase continued as a sub-project of Apache Hadoop, and graduated as an Apache Top-Level Project (TLP) in April 2010. An Open Source, versioned, non-relational database, Apache HBase provides low latency random access to very large tables —billions of rows and millions of columns— atop clusters of non-specialized, commodity hardware. HBase reads, writes, and processes structured, semi-structured, and unstructured data in real-time environments. Apache HBase is in use at thousands of organizations, including Adobe, Airbnb, Alibaba, Bloomberg, Flipkart, Huawei, HP, Hubspot, IBM, Microsoft, NetEase, Pinterest, Salesforce, Shopee, Tencent, Twitter, Xiaomi, and Yahoo! (now Verizon Media), among others. Testimonials "Congratulations on the 10th birthday of Apache HBase! Alibaba started to use HBase since January 2011 and has witnessed its growth and come along with the community through the years. The Apache HBase community has always been an open and powerful team that produced many stable, production-ready and widely used versions. Today at Alibaba, we have HBase clusters with more than 10k nodes serving hundreds of petabytes of data, as well as more than 1,000 enterprise HBase users on Alibaba Cloud. We will continue collaborating with and contributing to the HBase community and wish us all ongoing success in future!" —Chunhui Shen and Yu Li, members of the HBase team at Alibaba "I have worked with Apache HBase for many years and I think it is a great product. it does what it says on the tin so to speak. Ironically if you look around the NoSQL competitors, most of them are supported by start-ups, whereas HBase is only supported as part of Apache suite of products by vendors like Cloudera, Hortonworks, MapR, etc. For those who would prefer to use SQL on top, there is Apache Phoenix around which makes life easier for the most SQL-savvy world to work on HBase: problem solved. For TCO, HBase is still value for money compared to others. You don't need expensive RAM or SSD with HBase. That makes it easy to onboard it in no time. Also HBase can be used in a variety of different business applications, whereas other commercial ones are focused on narrower niche markets. Least but last happy 10th anniversary and hope HBase will go from strength to strength and we will keep using it for years to come!" —Dr. Mich Talebzadeh, Chief Data Architect, Big Data "Congratulations on the 10th anniversary of Apache HBase! Xiaomi started to use HBase in 2012, when our business started booming. Many key Xiaomi products and services, as well as Xiaomi's data analytics platform, require a new system to provide quick and random access to billions of rows of structured and semi-structured data. Traditional solutions are not able to handle the large volume of data brought by the quickly increasing Xiaomi user base. Among several available options, we choose HBase not only because it provides a rich set of features and excellent performance specs, but also because it has a very active, open and friendly community. Embracing open source has been part of Xiaomi's engineering culture, and our deep involvement in the development of Apache HBase demonstrates the best practices of Xiaomi's open source strategy. In the past several years, we have contributed tons of bug fixes and important features to HBase, and, in the meantime, we have contributed 9 committers and 3 PMC members to the HBase community. Looking forward, we will continue to work closely with the Apache HBase community to help
Success at Apache: Remote Collaboration in the Time of Coronavirus
[this post is available online at https://s.apache.org/dkffj ] by Marvin Humphrey I "arrived" at the Apache Software Foundation in 2005, unreasonably angry about a bug in Apache Lucene. By "arrived", I mean that I sent the first few emails among several thousand I would go on to send over the next 15 years — the ASF didn't have a physical office where I could show up to buttonhole and berate some unlucky customer service representative. An unreasonably patient Lucene contributor named Doug Cutting talked me down. Because the ASF has always been a virtual organization, the Coronavirus pandemic has had minimal impact on its day-to-day operations. While individual contributors may be personally affected, at the collective level there's been no mad scramble to adapt. Others have not been so fortunate. All around the world organizations have been struggling to revamp their processes and infrastructure to comply with "social distancing" protocols. Sadly, many have already laid off workers, or even closed their doors for good. And yet, there is a huge pool of work which could conceivably be performed remotely but isn't yet — or which is suddenly being performed remotely but inefficiently. If we can accelerate and streamline the transition to remote work, many jobs and businesses could be saved. With some creativity, our interim "new normal" could be more propsperous, and perhaps sooner than we think! Are you an Open Source contributor? If so, you possess expertise in remote operations which is desperately needed in today's challenging economic environment. Let's talk about what we know and how we can help. The Internet Turns People Into Jerks People type things at each other over the internet that they would never say to someone's face. In person, we calibrate our language based on feedback we receive via facial expressions, tone of voice, and body language. But when all communication is written, the feedback loop is broken — and all too easily, vicious words fall out of our fingertips. Suddenly-remote workers may find themselves exposed to this phenomenon as conversations that once took place in the office migrate to Slack, email, and other text-centric communication channels. But it can be tricky learning to recognize when a conversation being conducted via a text channel has gotten overheated — it takes an intuitive leap of empathy, possibly aided by dramatic reading of intemperate material a la Celebrities Read Mean Tweets https://www.youtube.com/playlist?list=PLs4hTtftqnlAkiQNdWn6bbKUr-P1wuSm0 on Jimmy Kimmel. Open Source communities have grappled with incivility for as long as the movement has existed. Over time, "ad hominem" personal attacks have gradually become taboo because of their insidious corrosive effect; there exists broad cultural consensus that you should attack the idea rather than person behind it. Defenses have become increasingly formalized and sophisticated as more and more communities have adopted a "code of conduct". While the primary purpose of such documents is guard gainst harassment and other serious misconduct, they often contain aspirational recommendations about how community members should treat each other — because serious misconduct is more likely to occur in an environment of constant low-grade incivility. Regardless of whether your organization adopts a code of conduct, it won't hurt to raise awareness among remote team members of the suceptibility of text-based communications to incivility — so that they may identify and confront it in themselves and others and shunt everyone towards more constructive patterns of communication. Keeping Everyone "In The Loop" Coordination is a troublesome problem even when everyone works in the same office, but the difficulties are magnified in remote environments where it takes more effort to initiate and conduct conversations. Teams can become fragmented and individuals can become isolated unless a culture is established of keeping everyone "in the loop". At the ASF, the problem is especially acute because its virtual communities are spread out across the globe. Due to time zone differences, it is typically infeasible to get all stakeholders together for a meeting — even a virtual meeting held via conference call or videochat. Additionally, many stakeholders in ASF communities do not have the availability to participate in real-time conversations regularly because they are not employed to to work on projects full-time. "Synchronous" communication channels like face-to-face, videochat, phone, text chat, and so on are good for rapid-fire iteration and refinement of ideas, but they effectively exclude anyone who isn't following along in real-time. Even if conversations are captured, such as with AV-recorded live meetings or logged text chats, it is inefficient and often confusing to review how things went down after the fact. The solution that the ASF
Support Apache: #GivingTuesdayNow
[this post is available online at https://s.apache.org/GivingTuesdayNow2020 ] Support The Apache Software Foundation (ASF) and help the world's largest Open Source foundation continue to provide $20B+ worth of software for the public good at 100% no cost. Apache projects are helping millions of individuals and businesses struggling with the COVID-19 pandemic in numerous ways, including: 1) Accessing one’s desktop remotely whilst working from home; 2) Ordering, warehousing, picking, shipping, dispatching, and tracking critical supplies worldwide; 3) Classifying and integrating 1.5B+ genetic data records; 4) Storing, extracting, linking, and processing terabytes of electronic medical records across thousands of servers; 5) Training large-scale, distributed deep learning libraries over clusters of hospital machines; 6) Developing machine learning cardiovascular disease prediction models; and 7) Supporting biobank research and real-time intensive care data analysis. Your contribution helps ensure The Apache Software Foundation’s 350+ projects and initiatives remain accessible to all, absolutely free of charge. The not-for-profit ASF does not pay for development --all work on Apache projects is done by a volunteer community of more than 7,700+ Committers on six continents. Donate today at https://donate.apache.org/ We thank you for your support during this unprecedented time. #GivingTuesdayNow is a new global day of giving and unity taking place on 5 May 2020 as an emergency response to the unprecedented need caused by the COVID-19 pandemic. The annual GivingTuesday movement takes place on the first Tuesday following Thanksgiving in the United States, and is the second largest giving day of the year. (1 December 2020). # # # NOTE: you are receiving this message because you are subscribed to the announce@apache.org distribution list. To unsubscribe, send email from the recipient account to announce-unsubscr...@apache.org with the word "Unsubscribe" in the subject line.
Success at Apache: bringing the Apache Beam firefly to life
[this post (and accompanying images) are available online at https://s.apache.org/bmq4l ] by Julián Bruno Creating the Apache Beam firefly was the first opportunity I had to contribute my skills as a designer and illustration artist to an open source project. I didn’t know anybody working in open source until I moved to San Francisco from Buenos Aires, Argentina. I knew about open source software for video games, like Unity or Unreal Engine... This allowed gamers to make modifications, like adding new levels or creating new character models, and upload them to the same engine that hosted the original game for other gamers to use. This practice enabled a sense of community, where users can share ideas, passions, and express creativity. There are so many things you can do when you work in collaboration with others. This spirit of community is one of the things that made me excited about contributing to Apache Beam. Living in an area where technology is everywhere really piqued my interest and drove my curiosity to understand how technology evolves. When the opportunity came to contribute to Apache Beam, I was interested right away. I didn’t know about the project before I got involved, and I certainly didn’t know there was a community behind it, working together to build this amazing solution. Building a mascot for a group of people is different from working for a brand because this firefly represents a group of people and what they find valuable. There is an extra layer that makes it more human. For this type of work, designing a mascot is usually a decision reserved for a small group, and the larger community is not involved. It is refreshing and very meaningful that the community had a chance to step into the process. I saw it as an opportunity for self-expression,participation, and one more exercise in community building. In order for this process to be inclusive, I built a group-wide communication system for the community to input during the process. I think that having open and frequent communication was key because, ideally, I wanted everyone to feel that the mascot represents them. I created questions that would help Apache Beam contributors understand what I needed as an illustrator. The questions helped me understand what they liked. This ensured that the mascot was aligned with the community’s taste. Some questions were about colors and visual styles they preferred, if the eyes are too big or small, and preferred line art style. There were 4 rounds of feedback, plus a final vote, where 18 people participated. Engagement increased with every new round. The Apache Way for communities to operate reminded me of a lot of animation forums I participated in the early 2000s. I’m glad to see that some of these practices are still around, because they help make processes more inclusive and build a sense of community. [see images at https://s.apache.org/bmq4l ] This communication with the Apache Beam community helped me to create a mascot with features that are unique to the project. When I started, I was given a few concepts that I needed to work with, such as: cute, innovative, fast, data processing, and futuristic. The first few decisions, like making the mascot look as aerodynamic as possible were easy to make. Conveying "data processing" was a bit harder to figure out, butI eventually chose to communicate this concept by changing the mascot's color. What really gave the mascot its unique identity came from using Pokémon-like character style. I built the rhetoric for Apache Beam's logo by combining two concepts that have nothing to do with each other, Pokémon and data streaming, and created something new. [see images at https://s.apache.org/bmq4l ] In the end, I created the Apache Beam mascot and its model sheet, so that anyone can reproduce it, a version of the mascot learning (a key focus for the project at the moment), and a version of the firefly doing what it does best… stream data! I really enjoyed working for Apache Beam and contributing my skills as an illustration artist to open source. I think the most interesting part is the community: creating something in collaboration with others adds a lot of value to what you are making for the world. [see images at https://s.apache.org/bmq4l ] Julián is a digital artist based in San Francisco, California. He has spent over 10 years in the animation industry and has developed his skills in art direction, 2D animation, illustration, and visual art development. My passions include art and cartoon animation, as well as connecting with people and creating new projects. He was born and raised in Buenos Aires, Argentina, where he studied Graphic Design at University of Buenos Aires (UBA). Find Julián's work on Artstation and Instagram. = = = "Success at Apache" is a monthly blog series that focuses on the processes behind why the ASF "just works"
