Hello all, Many/ all apache project seems to lack a chat room or a way to order the queue of prs and communication it outwards. namely:
Jira used as a bug tracking tool without as much project management focus. Imho I could say the prs i supplied are minutes worth of review. Maybe someone disagrees amd days hours of reviews or days. I lose track of the 4 balls prs, I dont want to start on 4 more balls until the first 4 get merged. I try to stack my work in small focused commits. Lce isnt the "cathedral" . I would hazard a guess that from the state of it the project could use someone that WANTs to deal with it. Hint hint .. im the only fish on the hook so real me in folks On Tuesday, February 10, 2026, Edward Capriolo <[email protected]> wrote: > May one of the committers/ contributors comment. Do we understand what I > am reporting to be a blocker? Risk etc. > > On Monday, February 9, 2026, Edward Capriolo <[email protected]> > wrote: > >> Thanks Chris, >> >> Completely understand " I'm completely focused on resolving 3.5.0 release >> blockers and setting us up with a release candidate to review." >> >> I don't wish to create a "release blocker" to make my issues seem more >> important...however... >> >> https://issues.apache.org/jira/browse/YARN-11920 >> >> In my estimation the current linux-container-executor doesn't work. I >> have posted this on the list now and no one has debunked it with "You are >> doing it wrong". It blocks me quite badly. You cant actually run a >> word-count with linux-container-executor! >> >> As for https://issues.apache.org/jira/browse/YARN-11919, I would say it >> is also a blocker. There isn't a good reason why the code should only work >> on "some linux". I think I see how it happened, if you google the recipe to >> "read the passwd file with c". You find a few "examples" which just dont >> deal with the buffer correctly. They include the comments "#should be big >> enough" it is just written wrong. >> >> Also I posted to another hadoop list (havent heard back), but the bad >> pointer stuff is risky to say the least. >> >> Edward >> >> >> On Wed, Feb 4, 2026 at 4:02 PM Chris Nauroth <[email protected]> wrote: >> >>> Hi Edward, >>> >>> Sorry these have not been reviewed yet. I'm sure this is due to limited >>> committer bandwidth. For myself, I definitely have it in my queue to get >>> back to reviewing #8177. Right now though, I'm completely focused on >>> resolving 3.5.0 release blockers and setting us up with a release candidate >>> to review. >>> >>> If any non-committers have time for a review pass, that would be another >>> way to give these pull requests an initial boost. All the help is >>> appreciated! >>> >>> Chris Nauroth >>> >>> >>> On Tue, Feb 3, 2026 at 2:12 PM Edward Capriolo <[email protected]> >>> wrote: >>> >>>> Yellow elephant friends. Can I get a sponsor to review? I am >>>> chomping at the bit you know. I used all my free AI credits to make the >>>> "MUSL hadoop" logo. Got to get the PRS merged : >>>> >>>> [image: output.jpg] >>>> >>>> On Fri, Jan 23, 2026 at 8:59 AM Edward Capriolo <[email protected]> >>>> wrote: >>>> >>>>> Hey friends, I have been busy. Please when you can take a look at >>>>> these things. The two related to my best friend "container executor" are >>>>> c. >>>>> IF that scares you like it scared me I annotated the PR so it is hopefully >>>>> less scary. >>>>> >>>>> >>>>> Less vulnerabilities. a win for hadoop security! >>>>> https://github.com/apache/hadoop/pull/8188 >>>>> >>>>> Code is not portable and not correct. I annotated the PR with comments >>>>> so non c people can understand why >>>>> https://github.com/apache/hadoop/pull/8177 >>>>> >>>>> The owasp plugin (the thing that helps you detect vulnerable code) is >>>>> old and doesnt work >>>>> https://github.com/apache/hadoop/pull/8186 >>>>> >>>>> In my estimation the container executor has another leak, I also do >>>>> not see how it works at all with the premissions it sets, maybe everyone >>>>> is >>>>> running foks or patches? The code is refined and you can see that the >>>>> method in question is not called during the test suite. hence my added >>>>> tests >>>>> >>>>> https://github.com/apache/hadoop/pull/8184 >>>>> >>>>> >>>>> > > -- > Sorry this was sent from mobile. Will do less grammar and spell check than > usual. > -- Sorry this was sent from mobile. Will do less grammar and spell check than usual.
