Re: Can you help provide a future for Apache Mesos?
Hi Shane, Please hold off on moving Mesos into the attic, Ben and his team members will contribute some substantial code changes to Mesos, thanks Ben and your team! Regards, Qian Zhang On Tue, Nov 14, 2023 at 3:17 PM Charles-François Natali wrote: > Still using Mesos - it's stable, boring - in a good way - and great for > our specific use case. > > I'm a committer, happy to continue reviewing and merging small changes or > address security issues. > > Cheers, > > > > > > On Mon, Nov 13, 2023, 13:34 Andreas Peters wrote: > >> I'm still with Mesos and can do what I done the last years. Keep an eye >> at issues and give support via Slack and Jira. >> >> >> Am 13.11.23 um 13:51 schrieb Shane Curcuru: >> >> As a mature and successful project, Mesos hasn't seen much new >> development in the past couple of years. The question now for everyone on >> these lists is: >> >> - Is Mesos still a maintained project, where even if no new features are >> developed, there's at least a group to respond to security issues and make >> new releases? Or is it time to 'deprecate' Mesos, and move the project as >> a whole to the Apache Attic? [1] >> >> It feels like there are still plenty of users who rely on Mesos; what we >> need now is for enough people here to step up and volunteer to stick around >> and be available to fix security issues in the future. >> >> Thanks to Qian for raising this question in March [2], where several >> people did speak up. I'd like to clarify what the ASF board's requirements >> are for an 'active' Apache project. >> >> We don't actually need people doing active development on a project. >> What's really needed is at least three PMC members who are monitoring the >> project's lists and issues, and who could be available in the future *if* a >> serious security issue or other major bug were discovered. >> >> So we're not looking for people with time to do active development - just >> enough reliable volunteers who could monitor for major issues that are >> reported, and make a new release if security fixes are needed. Does that >> help, and does that make sense? >> >> We will also be running a Roll Call of the PMC [3] now, so the board can >> understand how many PMC members (who have access to security issue details, >> for example) could still stick around to monitor lists. Along with that >> roll call, we'll also be reminding the existing PMC that they can vote in >> any existing committers who will also step up and volunteer. >> >> * What can you do? >> >> If you are still using Mesos, have enough time to check the mailing >> lists/issue tracker periodically for any security or giant breaking bugs >> (i.e. not small bugs), and might be able to help someday with a fix or >> making a new release of Mesos, then speak up now! Be sure to say what >> specific kinds of tasks you might be able to take on if they arise. >> >> Remember: we don't need active development, just some folks making sure >> any security bugs are addressed in the future (if they come up). >> >>
Re: Can you help provide a future for Apache Mesos?
Still using Mesos - it's stable, boring - in a good way - and great for our specific use case. I'm a committer, happy to continue reviewing and merging small changes or address security issues. Cheers, On Mon, Nov 13, 2023, 13:34 Andreas Peters wrote: > I'm still with Mesos and can do what I done the last years. Keep an eye at > issues and give support via Slack and Jira. > > > Am 13.11.23 um 13:51 schrieb Shane Curcuru: > > As a mature and successful project, Mesos hasn't seen much new development > in the past couple of years. The question now for everyone on these lists > is: > > - Is Mesos still a maintained project, where even if no new features are > developed, there's at least a group to respond to security issues and make > new releases? Or is it time to 'deprecate' Mesos, and move the project as > a whole to the Apache Attic? [1] > > It feels like there are still plenty of users who rely on Mesos; what we > need now is for enough people here to step up and volunteer to stick around > and be available to fix security issues in the future. > > Thanks to Qian for raising this question in March [2], where several > people did speak up. I'd like to clarify what the ASF board's requirements > are for an 'active' Apache project. > > We don't actually need people doing active development on a project. > What's really needed is at least three PMC members who are monitoring the > project's lists and issues, and who could be available in the future *if* a > serious security issue or other major bug were discovered. > > So we're not looking for people with time to do active development - just > enough reliable volunteers who could monitor for major issues that are > reported, and make a new release if security fixes are needed. Does that > help, and does that make sense? > > We will also be running a Roll Call of the PMC [3] now, so the board can > understand how many PMC members (who have access to security issue details, > for example) could still stick around to monitor lists. Along with that > roll call, we'll also be reminding the existing PMC that they can vote in > any existing committers who will also step up and volunteer. > > * What can you do? > > If you are still using Mesos, have enough time to check the mailing > lists/issue tracker periodically for any security or giant breaking bugs > (i.e. not small bugs), and might be able to help someday with a fix or > making a new release of Mesos, then speak up now! Be sure to say what > specific kinds of tasks you might be able to take on if they arise. > > Remember: we don't need active development, just some folks making sure > any security bugs are addressed in the future (if they come up). > >
Re: Can you help provide a future for Apache Mesos?
I'm still with Mesos and can do what I done the last years. Keep an eye at issues and give support via Slack and Jira. Am 13.11.23 um 13:51 schrieb Shane Curcuru: As a mature and successful project, Mesos hasn't seen much new development in the past couple of years. The question now for everyone on these lists is: - Is Mesos still a maintained project, where even if no new features are developed, there's at least a group to respond to security issues and make new releases? Or is it time to 'deprecate' Mesos, and move the project as a whole to the Apache Attic? [1] It feels like there are still plenty of users who rely on Mesos; what we need now is for enough people here to step up and volunteer to stick around and be available to fix security issues in the future. Thanks to Qian for raising this question in March [2], where several people did speak up. I'd like to clarify what the ASF board's requirements are for an 'active' Apache project. We don't actually need people doing active development on a project. What's really needed is at least three PMC members who are monitoring the project's lists and issues, and who could be available in the future *if* a serious security issue or other major bug were discovered. So we're not looking for people with time to do active development - just enough reliable volunteers who could monitor for major issues that are reported, and make a new release if security fixes are needed. Does that help, and does that make sense? We will also be running a Roll Call of the PMC [3] now, so the board can understand how many PMC members (who have access to security issue details, for example) could still stick around to monitor lists. Along with that roll call, we'll also be reminding the existing PMC that they can vote in any existing committers who will also step up and volunteer. * What can you do? If you are still using Mesos, have enough time to check the mailing lists/issue tracker periodically for any security or giant breaking bugs (i.e. not small bugs), and might be able to help someday with a fix or making a new release of Mesos, then speak up now! Be sure to say what specific kinds of tasks you might be able to take on if they arise. Remember: we don't need active development, just some folks making sure any security bugs are addressed in the future (if they come up). OpenPGP_0x6A83F12541CFCCF9.asc Description: OpenPGP public key OpenPGP_signature.asc Description: OpenPGP digital signature
