The Apache Software Foundation Blog

Friday March 24, 2017

The Apache News Round-up: week ending 24 March 2017

Happy Friday! This week the Apache community has accomplished quite a bit:

ASF Board –management and oversight of the business and affairs of the corporation in accordance with the Foundation's bylaws.
 - Next Board Meeting: 15 April 2017. Board calendar and minutes available at http://apache.org/foundation/board/calendar.html
 - ASF Operations Summary - Q3 FY2017 https://s.apache.org/NKFz

Apache Community –our community is 6,000+ contributors strong! https://projects.apache.org/timelines.html
 - Introducing the new Apache Community Facebook page https://www.facebook.com/ApacheSoftwareFoundation/ Do friend and follow us.

ASF Infrastructure –our distributed team on four continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield steady performance at 97.15% uptime http://status.apache.org/

ApacheCon™ –Tomorrow's Technology Today.
 - Join us! 100+ sessions, 75+ speakers, 4 subconferences, BarCampApache and more. Learn the latest in Big Data, Cloud, Flex, IoT, Tomcat, and dozens of other leading Apache projects https://blogs.apache.org/conferences/entry/apachecon-tomorrow-s-software-today Sign up today and save $200!
 - Become an Apache Community Sponsor at ApacheCon http://events.linuxfoundation.org/events/apachecon-north-america/sponsors/community-sponsor

Apache Gora™ –Open Source framework provides an in-memory data model and persistence for Big Data.
 - Apache Gora 0.7 released http://gora.apache.org/downloads.html

Apache Groovy™ –a powerful, optionally typed and dynamic language, with static-typing and static compilation capabilities, for the Java platform aimed at improving developer productivity thanks to a concise, familiar and easy to learn syntax.
 - Apache Groovy 2.4.10 released http://www.groovy-lang.org/download.html

Apache Knox™ –a REST API Gateway for providing secure access to the data and processing resources of Apache Hadoop clusters.
 - Apache Knox 0.12.0 released http://www.apache.org/dyn/closer.cgi/knox/0.12.0

Apache Kudu™ –an Open Source storage engine for structured data which supports low-latency random access together with efficient analytical access patterns.
 - Apache Kudu 1.3.0 released http://kudu.apache.org/releases/1.3.0/

Apache Mynewt (incubating) –a community-driven module OS for constrained, embedded applications.
 - Apache Mynewt 1.0.0-incubating released http://www.apache.org/dyn/closer.lua/incubator/mynewt/apache-mynewt-1.0.0-incubating

Apache NiFi™ NAR Maven Plugin – helps to build NiFi Archive bundles (NARs) to support the class loader isolation model in NiFi.
 - Apache NiFi nifi-nar-maven-plugin 1.2.0 released https://repository.apache.org/content/repositories/releases/org/apache/nifi/nifi-nar-maven-plugin/1.2.0/

Apache OpenMeetings™ –provides video conferencing, instant messaging, white board, collaborative document editing and other groupware tools using API functions of the Red5 Streaming Server for Remoting and Streaming.
 - Apache OpenMeetings 3.2.1 released http://openmeetings.apache.org/downloads.html

Apache POI™ –APIs for manipulating various file formats based upon Open Office XML (ECMA-376) and Microsoft's OLE 2 Compound Document formats using pure Java; your Java Excel, Word and PowerPoint solution.
 - CVE-2017-5644 - Possible DOS (Denial of Service) in Apache POI versions prior to 3.15 http://mail-archives.apache.org/mod_mbox/www-announce/201703.mbox/%3CCABdJj54TM1tCzA1-YL51d%3DTSOtDQ2L0B87%2Bxbqe3Wur-7Du%2BVg%40mail.gmail.com%3E

Apache Phoenix™ –enables OLTP and SQL-based operational analytics for Apache Hadoop
 - Apache Phoenix 4.10 released http://phoenix.apache.org/download.html

Apache Streams –unifies a diverse world of digital profiles and online activities into common formats and vocabularies, and makes these datasets accessible across a variety of databases, devices, and platforms for streaming, browsing, search, sharing, and analytics use-cases.
 -Apache Streams 0.5-incubating released http://www.apache.org/dyn/closer.cgi/incubator/streams/releases/0.5-incubating/ 

Apache Struts™ –an elegant, extensible framework for creating enterprise-ready Java Web applications.
 - Apache Struts 2.5.10.1 GA with Security Fix released http://struts.apache.org/download.cgi#struts25101
 - Apache Struts Extras secure Multipart plugins GA and GA - versions 1.1 released http://struts.apache.org/download.cgi#struts-extras

Apache Tephra (incubating) –a transaction engine for distributed data stores like Apache HBase.
 - Apache Tephra-0.11.0-incubating released http://www.apache.org/dyn/closer.cgi/incubator/tephra/0.11.0-incubating/src

Apache UIMA™ –a component architecture and framework for the analysis of unstructured content like text, video and audio data.
 - Apache UIMA Java SDK 3.0.0-alpha02 released http://uima.apache.org/d/uimaj-3.0.0-alpha02/version_3_users_guide.html

Did You Know?

 - Did you know that you can help Apache projects and initiatives such as Commons, Community Development, Curator, DataFu (incubating), Directory, HTTP Web Server, JMeter, Mahout, OODT, OpenOffice, POI, Syncope, Tika, and more, ranging from "beginner" to "expert" levels? Check out the tasks listed at https://helpwanted.apache.org/

 - Did you know that Apache Groovy is listed as one of the Top 25 programming languages on StackOverflow, and in the Top 10 of highest paid jobs? https://groovy.apache.org

 - Did you know that the new Apache Incubator logo has been announced? https://blogs.apache.org/incubator/date/20170317


Apache Community Notices:

 - "Success at Apache" is a new monthly blog series that focuses on the processes behind why the ASF "just works". 1) Project Independence https://s.apache.org/CE0V 2) All Carrot and No Stick https://s.apache.org/ykoG 3) Asynchronous Decision Making https://s.apache.org/PMvk 4) Rule of the Makers https://s.apache.org/yFgQ

 - We have been chosen as a Google Summer of Code (GSoC) Mentoring Organization for the 12th consecutive year --Apache Committer Mentors wanted! https://summerofcode.withgoogle.com/organizations/5416945173135360/

 - Feedback from The Apache Software Foundation on the Free and Open Source Security Audit (FOSSA) https://s.apache.org/romf

 - ASF Operations Summary - Q3 FY2017 https://s.apache.org/NKFz

 - The list of Apache project-related MeetUps can be found at http://apache.org/events/meetups.html

 - Find out how you can participate with Apache community/projects/activities --opportunities open with Apache HTTP Server, Avro, ComDev (community development), Directory, Incubator, OODT, POI, Polygene, Syncope, Tika, Trafodion, and more! https://helpwanted.apache.org/

 - ApacheCon North America + Apache: BigData, CloudStack Collaboration Conferenxe, FlexJS Summit, Apache: IoT, and TomcatCon will be held 16-18 May 2017 in Miami http://apachecon.com/

 - Are your software solutions Powered by Apache? Download & use our "Powered By" logos http://www.apache.org/foundation/press/kit/#poweredby

= = =

For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, https://twitter.com/PlanetApache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.

# # #

Friday March 17, 2017

The Apache News Round-up: week ending 17 March 2017

Welcome Friday (happy St. Patrick's Day, Evacuation Day, Liberalia, and other celebrations)! The global Apache community have been busy this week on:

ASF Board –management and oversight of the business and affairs of the corporation in accordance with the Foundation's bylaws.
 - ASF Operations Summary - Q3 FY2017 https://s.apache.org/NKFz
 - Next Board Meeting: 15 April 2017. Board calendar and minutes available at http://apache.org/foundation/board/calendar.html

ASF Infrastructure –our distributed team on four continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield stable performance at 97.23%% uptime http://status.apache.org/

ApacheCon™ –Tomorrow's Technology Today. https://s.apache.org/F7Hy
 - Conference schedule announced https://blogs.apache.org/conferences/entry/apachecon-tomorrow-s-software-today
 - Introducing a new level of ApacheCon sponsorship: the Apache Community Sponsor http://events.linuxfoundation.org/events/apachecon-north-america/sponsors/community-sponsor

Apache Beam™ –a programming model, SDKs, and runners for defining and executing data processing pipelines.
 - Apache Beam 0.6.0 released https://beam.apache.org/get-started/downloads/

Apache Commons™ Text –Open Source software library provides a host of algorithms focused on working with strings and blocks of text.
 - Apache Commons Text 1.0 released http://commons.apache.org/proper/commons-text/download_text.cgi

Apache Commons™ CLI –provides a simple API for presenting, proecessing and validating a command line interface.
 - Apache Commons CLI 1.4 released http://commons.apache.org/proper/commons-cli/download_cli.cgi

Apache Flex™ –a highly productive, Open Source application framework for building and maintaining expressive applications that deploy consistently on all major browsers, desktops, and devices.
 - Apache Flex 4.16.0 released http://flex.apache.org/download-source.html

Apache log4net™ –a tool to help the programmer output log statements to a variety of output targets.
 - Apache log4net 2.0.8 released https://logging.apache.org/log4net/download_log4net.cgi

Apache PDFBox™ –an Open Source Java tool for working with PDF documents.
 - Apache PDFBox 2.0.5 released http://pdfbox.apache.org/download.cgi

Apache Phoenix™ –enables OLTP and SQL-based operational analytics for Apache Hadoop
 - PhoenixCon 2017 is a go! https://www.eventbrite.com/e/phoenixcon-2017-tickets-32872245772

Apache Qpid™ –implements the latest AMQP specification, the first open standard for enterprise messaging, and provides transaction management, queuing, distribution, security, management, clustering, federation and heterogeneous multi-platform support and a lot more.
 - Apache Qpid Proton-J 0.18.0, Qpid JMS 0.21.0 and Qpid Python 1.36.0 released http://qpid.apache.org/download.html

Apache Struts™ –an elegant, extensible framework for creating enterprise-ready Java Web applications.
 - Apache Struts 2.5.10.1 GA with Security Fix released http://struts.apache.org/download.cgi#struts25101

Apache Tomcat™ –an Open Source software implementation of the Java Servlet, JavaServer Pages, Java Unified Expression Language, Java WebSocket and Java Authentication Service Provider Interface for Containers technologies.
 - CVE-2016-8747 Apache Tomcat Information Disclosure http://mail-archives.apache.org/mod_mbox/www-announce/201703.mbox/%3Cecff584e-ce32-e4c3-968f-441f887a75fe%40apache.org%3E
 - Apache Tomcat 6.0.51 released http://tomcat.apache.org/download-60.cgi
 - Apache Tomcat 7.0.76 released http://tomcat.apache.org/download-70.cgi
 - Apache Tomcat 8.0.42 and 8.5.12 released http://tomcat.apache.org/download-80.cgi
 - Apache Tomcat 9.0.0.M18 released http://tomcat.apache.org/download-90.cgi

Did You Know?

 - Did you know that when you shop at smile.amazon.com, a portion of your order is donated to the ASF? 

 - Did you know that Sweden's Helge Library, containing 1 million books, uses Apache Wicket? http://wicket.apache.org/

 - Did you know that ZÜCA luggage's digital commerce platform is powered by Apache OFBiz? http://ofbiz.apache.org/


Apache Community Notices:

 - "Success at Apache" is a new monthly blog series that focuses on the processes behind why the ASF "just works". 1) Project Independence https://s.apache.org/CE0V 2) All Carrot and No Stick https://s.apache.org/ykoG 3) Asynchronous Decision Making https://s.apache.org/PMvk 4) Rule of the Makers https://s.apache.org/yFgQ

 - We have been chosen as a Google Summer of Code (GSoC) Mentoring Organization for the 12th consecutive year --Apache Committer Mentors wanted! https://summerofcode.withgoogle.com/organizations/5416945173135360/

- Feedback from The Apache Software Foundation on the Free and Open Source Security Audit (FOSSA) https://s.apache.org/romf

 - ASF Operations Summary - Q2 FY2017 https://s.apache.org/oTOF

 - The list of Apache project-related MeetUps can be found at http://apache.org/events/meetups.html

 - Find out how you can participate with Apache community/projects/activities --opportunities open with Apache HTTP Server, Avro, ComDev (community development), Directory, Incubator, OODT, POI, Polygene, Syncope, Tika, Trafodion, and more! https://helpwanted.apache.org/

 - ApacheCon North America + Apache: BigData, CloudStack Collaboration Conferenxe, FlexJS Summit, Apache: IoT, and TomcatCon will be held 16-18 May 2017 in Miami http://apachecon.com/

 - Are your software solutions Powered by Apache? Download & use our "Powered By" logos http://www.apache.org/foundation/press/kit/#poweredby

= = =

For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, https://twitter.com/PlanetApache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.

# # #

Friday March 10, 2017

The Apache News Round-up: week ending 10 March 2017

And it's Friday already! Here's what the Apache community have been working on this week:

ASF Board –management and oversight of the business and affairs of the corporation in accordance with the Foundation's bylaws.
 - ASF Operations Summary - Q3 FY2017 https://s.apache.org/NKFz
 - Next Board Meeting: 15 March 2017. Board calendar and minutes available at http://apache.org/foundation/board/calendar.html

Success at Apache –our fourth installment in the new monthly blog series that focuses on the processes behind why the ASF "just works".
 - Rule of the Makers by Nick Kew https://s.apache.org/yFgQ

ASF Infrastructure –our distributed team on four continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield reliable performance at 99.80% uptime http://status.apache.org/

ApacheCon™ –Tomorrow's Technology Today. https://s.apache.org/F7Hy
 - Conference schedule announced https://blogs.apache.org/conferences/entry/apachecon-tomorrow-s-software-today
 - Introducing a new level of ApacheCon sponsorship: the Apache Community Sponsor http://events.linuxfoundation.org/events/apachecon-north-america/sponsors/community-sponsor
 - Early registration and hotel incentives end 12 March http://events.linuxfoundation.org/events/apachecon-north-america | Apache Committers: register using your apache.org email + discount code to save even more.

Apache Curator™ –Java libraries that make using Apache ZooKeeper much easier and more reliable.
 - Apache Curator 2.12.0 and 3.3.0 released http://www.apache.org/dyn/closer.cgi/curator/

Apache Ignite™ –a high-performance, integrated and distributed in-memory platform for computing and transacting on large-scale data sets in real-time, orders of magnitude faster than possible with traditional disk-based or flash-based technologies.
 - Apache Ignite 1.9.0 released https://ignite.apache.org/download.cgi

Apache Jackrabbit™ Oak – a scalable, high-performance hierarchical content repository designed for use as the foundation of modern world-class Web sites and other demanding content applications.
 - Apache Jackrabbit 2.15.1 and Jackrabbit Oak 1.2.24, 1.4.14, and 1.6.1 released http://jackrabbit.apache.org/downloads.html

Apache Lucene™ –a high-performance, full-featured text search engine library written entirely in Java.
 - Apache Lucene 6.4.2 released http://www.apache.org/dyn/closer.lua/lucene/java/6.4.2
 - Apache Solr 6.4.2 released http://lucene.apache.org/solr/mirrors-solr-latest-redir.html

Apache Struts™ –an elegant, extensible framework for creating enterprise-ready Java Web applications.
 - Apache Struts 2.5.10.1 GA with Security Fix released http://struts.apache.org/download.cgi#struts25101

Apache UIMA™ –Unstructured Information Management Architecture is a component framework supporting development, discovery, composition, and deployment of multi-modal analytics tasked with the analysis of unstructured information.
 - Apache UIMA Ruta 2.6.0 released http://uima.apache.org/ruta.html


Did You Know?

 - Did you know that you can see how Apache code has evolved over the past year at https://projects.apache.org/statistics.html ?

 - Did you know that we have been chosen as a Google Summer of Code (GSoC) Mentoring Organization for the 12th consecutive year? Apache Committer Mentors wanted! https://summerofcode.withgoogle.com/organizations/5416945173135360/

 - Did you know that the first ASF Committer Diversity Survey (2016) and its results can be found at https://s.apache.org/43aW ?


Apache Community Notices:

 - "Success at Apache" is a new monthly blog series that focuses on the processes behind why the ASF "just works". 1) Project Independence https://s.apache.org/CE0V 2) All Carrot and No Stick https://s.apache.org/ykoG 3) Asynchronous Decision Making https://s.apache.org/PMvk 4) Rule of the Makers https://s.apache.org/yFgQ

 - Feedback from The Apache Software Foundation on the Free and Open Source Security Audit (FOSSA) https://s.apache.org/romf

 - ASF Operations Summary - Q2 FY2017 https://s.apache.org/oTOF

 - The list of Apache project-related MeetUps can be found at http://apache.org/events/meetups.html

 - Find out how you can participate with Apache community/projects/activities --opportunities open with Apache HTTP Server, Avro, ComDev (community development), Directory, Incubator, OODT, POI, Polygene, Syncope, Tika, Trafodion, and more! https://helpwanted.apache.org/

 - ApacheCon North America + Apache: BigData, CloudStack Collaboration Conferenxe, FlexJS Summit, Apache: IoT, and TomcatCon will be held 16-18 May 2017 in Miami http://apachecon.com/

 - Are your software solutions Powered by Apache? Download & use our "Powered By" logos http://www.apache.org/foundation/press/kit/#poweredby

 - Show your support for Apache with ASF-approved swag from http://www.zazzle.com/featherwear and http://s.apache.org/landsend --all proceeds benefit the ASF! 

= = =

For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, https://twitter.com/PlanetApache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.

# # #

The Apache Software Foundation Operations Summary: November 2016 - January 2017

FOUNDATION OPERATIONS SUMMARY

Third Quarter, Fiscal Year 2017 (November 2016 - January 2017)

"The Apache Software Foundation (ASF) is one of the most important and influential players in the modern open-source software development community."
--Sean M. Kerner, eWeek

> President's Statement: We now have an approved FY17 budget, and are working on a five year projection. While things remain running smoothly, the rapid growth of the Foundation has finally reached a point where expenditures are out-pacing income. This doesn't pose any short term problems as we have adequate financial reserves, but it does mean that we need a bit more financial discipline and an increased focus on fundraising. Meanwhile, the Infrastructure team continues to focus on retiring technical debt and is exploring moving services off of ASF-owned hardware. These efforts should, over time, decrease the rate of increase of expenditures in what remains our largest budget line item.

In parallel, brainstorming has begun on fundraising activities. We are exploring ways to be more proactive, and ways to provide more value to Sponsors.

While we remain in a very healthy financial position, it never hurts to take the opportunity to ask for your support. As an individual you can donate to the Foundation http://www.apache.org/foundation/contributing.html, as a corporation you can become a Sponsor http://www.apache.org/foundation/sponsorship.html .

> Conferences and Events: ApacheCon Europe, and Apache: Big Data Europe were held in Seville, Spain, 14-18 November 2016, and were attended by 550 Apache enthusiasts. Many of our projects were represented in these days of technical presentations, keynotes, and unconference BarCamp events. Presentations at the event were recorded, and are posted to Feathercast.org. Presentation slides from the talks may be found at http://events.linuxfoundation.org/events/apache-big- data-europe/program/slides . As at past events, the Travel Assistance Committee (TAC) was able to bring attendees to ApacheCon who would otherwise have been unable to attend. We want to extend a big thank you to the sponsors of these events, and look forward to seeing you at future events. ApacheCon and Apache Big Data will return to North America in 2017, at the Miami Intercontinental, 15-19 May 2017.

ApacheCon has been divided into several topic-specific tracks, for better targeting of audiences. These events are:

Admission to any of these events also grants you access to all of the others.  Further details about the event may be found at http://apachecon.com/ . Sponsorship opportunities are available for these events; see http://apachecon.com/sponsor/ to find out more. Applications for Travel Assistance must be received by March 8th; information is available at https://www.apache.org/travel/#apachecon-and-apache-big-data-north-america-miami-florida-15th-19th-may-2017 . We still need to work on actively increasing attendance, and are currently working on a range of ideas to aimed at increasing participation and attendance. ApacheCon NA Miami will be used to trial some of these new initiatives.

Meanwhile, we continue, as a larger community, to plan and attend an enormous number of meetups and other small events. You can see the weekly list of meetups at http://apache.org/events/meetups.html or by searching for your favorite Apache project on meetup.com.

> Community Development: A key discussion topic this quarter was about re-defining the goal of Apache Community Development. The project was established with the very flexible description of 'helping people to become involved with Apache projects'. In the past it has been difficult to manage and co-ordinate activities without a central or integrated plan. In order to improve this we are now working on defining strategies and plans that will better focus effort in a more cohesive way.

During November and early December we ran our first ever Diversity Survey of Apache Committers. Participation was completely voluntary. In total we received 765 responses (out of a 5,861 committer base at the time the survey was run) which was approx 13% response rate. The survey also received feedback in the form of comments. Our next steps will be to analyse the information and identify any Community Development related actions. Details of the the survey and its results can be found at https://s.apache.org/43aW

A lot of activity was spent this quarter preparing for FOSDEM, an annual event that is held in Brussels, Belgium, and draws 5,000-7,000 people. The ASF was allocated a booth for the second consecutive year which was staffed by a team of volunteers. We used the opportunity to showcase specific projects and talk generally about the ASF with attendees. A new banner featuring all the current Apache project logos was very useful in raising brand awareness as many attendees knew our project names but had not associated them with Apache. This means that there is more work to be done in reinforcing the ASF brand externally.

Another discussion this quarter was around ASF involvement in Google Summer of Code (GSoC) and how we might be able to gather data and statistics that show more clearly how GSoC benefits our projects and communities. We will continue to help co-ordinate efforts to look at ways that this type of data could be collected.

Our Community Development Blog was relaunched in November and we have published 2 further monthly updates https://blogs.apache.org/comdev/ . The aim is to provide simple regular updates to keep people informed about the key things that are happening or planned. Our mailing list traffic has significantly increased this quarter and is a good reflection of the active involvement and discussions that are happening.

> Committers and Contributions: Over the past quarter, 1,616 contributors committed 49,112 changes that amount to 13,837,582 lines of code across Apache projects. The top 5 contributors during this timeframe are: Shad Storhaug (1,217 commits), Dan Kirkwood (732 commits), Claus Ibsen (691 commits), Sebastian Bazley (665 commits), and Mark Thomas (561 commits).


The ASF Secretary processes new Apache Committers' paperwork so that they can continue contributing to our projects. All individuals who are granted write access to the Apache repositories must submit an Individual Contributor License Agreement (ICLA). Corporations that have assigned employees to work on Apache projects as part of an employment agreement may sign a Corporate CLA (CCLA) for contributing intellectual property via the corporation. Individuals or corporations donating a body of existing software or documentation to one of the Apache projects need to execute a formal Software Grant Agreement (SGA) with the ASF. 

During this timeframe, the Secretary processed 226 ICLAs, 10 CCLAs, and 13 Software Grants. The activity of Apache committers, and the community of contributors they serve, can be seen at http://status.apache.org/#commits

> Brand Management: Over the past few years, the Brand Management committee has been working on a comprehensive set of trademark policies and procedures to help our volunteer-run communities best protect their shared brand of Apache project independence. During the holiday lull at the end of the year, we've worked on drafting policies for use of Apache brands in services and hosting, as well as detailed policies for producing merchandise (apparel, stickers, and non-computer goods) using any Apache project's names or logos. This is timely, as a number of apparel vendors have approached us recently for licensing agreements. These products can both provide a way for people to show support for Apache projects, as well as donations of profits from the vendors.

All of the ASF's education and policies around trademark law for Open Source as well as brand management is published online, and we urge project participants and software vendors alike to review and ask us questions about them: http://www.apache.org/foundation/marks/resources

On the registration front, we are facing more potential conflicts with the few projects that request registrations than in the past. The limitations of having a volunteer-run organization with nearly 200 active projects means that managing which registrations to fight for is still a complex problem to work through.

As more Apache brands and projects power more business every year, we look to the many companies that profit from Apache software products to help respect Apache brands. We very much appreciate the companies that pass on their trademark registrations with incoming donations of podlings joining the Incubator. Having existing registrations makes the trademark management process simpler for the ASF.

While many companies continue to properly give credit to our volunteer communities, sadly some companies continue to --or have started to-- take advantage of our non-profit work by unfairly co-opting Apache project brands or by interfering with Apache project governance. Reviewing and correcting these mis-uses is an ongoing effort for the ASF Board, the Brand Management Committee, and all Apache projects.

The Apache Brand Management team welcomes your questions on our private email list: trademarks@apache.org

> Legal Affairs: Through business-friendly licensing and rigorous IP handling, the ASF strives to ensure that our projects' releases are as clean and user-friendly as possible from a legal standpoint. Downstream consumers should be able to integrate works published by ASF projects with high confidence and minimal effort.

The JSON license augments the widely-used MIT license with a single phrase: "The Software shall be used for Good, not Evil."  That's probably a joke.  But what if someone takes it seriously and presses a case?  Even if it can be argued that the risk is remote, the cost of assessing that risk imposes a burden on users. 

Legal Affairs is where our communities come to resolve difficult and subtle issues like this.  Longtime contributor Ted Dunning brought a compelling case against the JSON license to Legal Affairs, and our projects are now banned from incorporating dependencies which use it.

The winners are our users, who won't have to spend time and treasure figuring out what the JSON license means for them.

> Infrastructure: The Infrastructure team and its volunteers have continued their work to build and maintain the systems used by the hundreds of projects, and thousands of active volunteers working under the ASF umbrella. We've seen 10 new contributors this quarter to our Puppet codebase, accounting for roughly 40% of our contributor base. 88 people were new to creating or solving issues, and two of these people also turned into infrastructure code contributors.

Our new teammates, Freddy Barboza and Chris Thistlethwaite, have spent the quarter working hard to learn the multitude of systems and the deep corners of the infrastructure that run the ASF. They are bringing some much-needed hands to support the work of our projects. They have had some hard work over the past quarter, but they have become an integral part of the Infrastructure team.

We saw 580 issues opened during the quarter and 555 closed, leaving us with a net increase of a couple dozen issues. On the whole, the SLA for tickets have been improving steadily as a result of onboarding new staff, and continues to improve. 76 people helped close issues pertaining to infrastructure tasks. Last quarter, we had a similar net increase of a couple dozen issues, but we expect this change rate to diminish as our team and volunteers get better acquainted with approaching and maintaining our array of services.

Our uptime during the quarter had a slight uptick, compared to the previous quarter. We hit an uptime of 99.77% across all of our services. We demand 99.50% for our most critical systems, and less for the others, so we're quite happy to (again) hit the targets needed to support the ASF ecosystem. We had a significant hardware failure on the machine that ran our Moin wiki service, but the team was able to quickly provision, Puppet-ize, and move the service to a new machine.

We had a similar problem with the hardware running Jira, but had thankfully used Puppet to provision that service, so our move was greatly simplified. We have continued with the work, as reported last quarter, to move off of ASF-owned hardware to cloud-provisioned servers. This reduces our hardware maintenance costs, improves our flexibility, and detaches us from critical hardware failure.

The Infrastructure team will be continuing our work on shifting to Puppet for our various systems, and moving those services from our hardware into cloud-based servers. We should complete this work in 2017 and will examine our next moves for service provision.

> Financial Statement:

ASFFinancialStatement-Q3FY2017


> Fundraising:
 It is most appropriate to start the ASF Fundraising report with our most sincere thanks to our Sponsors for their generosity and continued support. Fundraising operates normally, at the same level as in previous quarters, with the VP of Fundraising continuing outreach activities. Conversations with current and potential Sponsors indicate that the ASF and its commitment to providing Open Source technologies to the public at large is strongly supported by Sponsors and the industry at-large.

With the Foundation and the number of projects governed growing, there is a higher need for scaling the services provided by the ASF to its projects. This quarter we started to look at new ideas for improving the Sponsorship program. This effort will continue and we expect implementing changes starting next quarter. Currently most of the Sponsorship funds come from sponsors' marketing budgets. Since ASF Open Source technologies benefit products and operations, we are looking into ways to appeal more to R&D, development and IT budgets and increase the number of our sponsors.

Currently we are enjoying the support of the following Sponsors: 7 Platinum Sponsors: Cloudera, Facebook, Google, LeaseWeb, Microsoft, Pivotal, and Yahoo; 9 Gold Sponsors: ARM, Bloomberg, Comcast, Hewlett Packard, Hortonworks, Huawei, IBM, ODPi, and PhoenixNAP; 14 Silver Sponsors: Alibaba Cloud Computing, Budget Direct, Capital One, CashStore, Cerner, Confluent, InMotion Hosting, iSIGMA, Private Internet Access, Produban, Red Hat Software, Serenata Flowers, Target, and WANdisco; 21 Bronze Sponsors: Airport Rentals, Basis Technology, Binary Option Robot Info, Bluehost, 01Casinos, Casino2k, ChameleonJohn Coupons, Cloudsoft Corporation, Compoare Forex Brokers, HostingAdvice.com, PromoCodeWatch, Samsung, 7 Binay Options, Stags and Hens, Talend, The Linux Foundation, Tobi, Travel Ticker Hotels, Twitter, Web Hosting Secret Revealed, and WebsiteSetup; and 11 Infrastructure Sponsors: OSU Open Source Labs, No-IP, Symantec, Rackspace, Quenda, PagerDuty, Bintray, SURFnet, Sonatype, Freie Universitat Berlin, and HotWax Systems.

We again want to express our deepest gratitude to our generous sponsors along with our promise to continue to strive for excellence.

# # #

Report prepared by Sally Khudairi, Vice President Marketing & Publicity, with contributions by Sam Ruby, ASF President; Rich Bowen, Vice President Conferences; Sharan Foga, ASF Member; Marvin Humphrey, Vice President Legal Affairs; Shane Curcuru, Vice President Brand Management; Greg Stein, ASF Infrastructure Administrator; Tom Pappas, ASF Member and Vice President, Finance & Accounting at Virtual, Inc.; and Hadrian Zbarcea, Vice President Fundraising.

For more information, subscribe to the announce@apache.org mailing list and visit http://www.apache.org/, the ASF Blog at http://blogs.apache.org/, the @TheASF on Twitter, and https://www.linkedin.com/company/the-apache-software-foundation.

(c) The Apache Software Foundation 2017.

Monday March 06, 2017

Success at Apache: Rule of the Makers.

By Nick Kew

I started working on a range of Web applications in the 1990s, the first of them internal to my (then) workplace where it provided an operator interface to the daily processing, archiving and distribution of satellite image data; the second a forerunner of what is now called social media, and my first use of an Apache server. The release of Apache HTTPD 2.0 drew me from server user to developer: in part because I needed to re-implement some existing functions, but more excitingly because I saw tremendous potential for the server itself to become a powerful applications platform. This led me to working on the core software and interacting with the Apache community alongside releasing my own modules and documentation. In 2003 I gave my first ApacheCon presentation, and sometime after that was invited into the Foundation first as a Committer, and became a Member in 2005. Since then my interests have encompassed not just the Web server and related projects, but also the Apache community and its dynamics. I’ve been involved in mentoring several projects through the Incubator. If you were to ask me today about the single goal I’d most like to accomplish, it’s a framework for Identity management that is not merely cryptographically strong, but sufficiently straightforward for the world to use, and robust against social engineering attacks such as phishing, while at the same time free of any centralised authority (such as government) whose motives might come under suspicion. An end to identity fraud, and to password management nightmares.

Much has been said and written about The Apache Way [1]. It typically focusses on the importance of community, and on the democratic and meritocratic elements of project governance. And on the role of an Apache project's formal governing body, the Project Management Committee (PMC), comprising contributors elected by the community on the basis of their track record of contributions and constructive engagement.

In practice, the role of the PMC is largely reactive. The big, interesting questions like "what direction does our project go from here" are discussed in public, where inputs from the wider community are welcomed. A lot of the nitty-gritty detail is determined by the needs of the community as measured by feedback received and seen, and by the needs of individual developers. The latter is often described as "scratch your own itch".

Setting aside the purely reactive, the detail of what actually happens is often determined as much by what a developer is prepared to work on than by any grand plan. If you do the work, then you control what happens. If you need something, you go ahead and make it happen. This has occasionally been described by a clumsy English-Greek hybrid word "do-ocracy". In the hope that it's not too late to nip that in the bud before it becomes as ubiquitous as the Greek/Latin hybrid of which CP Scott memorably told us no good would come [2], I shall instead call it Pratocracy. Rule of the Makers. It applies both within an Apache core team and in the broader community.

So how does a Pratocratic project work?  How does it avoid the chaos of a Tower of Babel?  How does it remain cohesive and focussed? And if an Apache project looks like a good basis for your company's needs, how best can you work with the Pratocracy towards your goals?

Taking the first question first, how does the Pratocracy work? Eric Raymond proposed the contrast of the Cathedral vs the Bazaar: the autocracy of the traditional project vs a free ecosystem. The Bazaar ecosystem is essentially Darwinian, in that the strongest projects prosper and evolve, while a Long Tail go nowhere very much and are forgotten as their authors move on to new things.

The Apache processes are all about ensuring our projects are fit to be among the winners in that ecosystem. An Apache project is a graduate of an incubation process [3] that requires it to build a broad development community, with sufficient diversity to survive the loss not merely of a key individual, but even of a key company team that might have been the originators of the project. The key principle is that if the community is healthy, the software will follow.

Thus the context of the Pratocracy is selective: it is the well-known Meritocracy element of Apache. Members of the core community are elected based on demonstrated commitment to the project. That means they understand the distinction between Apache work and company work, and are comfortable holding multiple allegiances and avoiding or resolving potential conflicts between them.

So, to the crucial question. Suppose I have identified an Apache project that doesn't fully meet my company's needs, but is the ideal starting point for our project. How do I best work with the Pratocracy to make it happen?

Let's consider some possible approaches:
  1. Ask via the development list and issues database.
  2. Approach developers individually to discuss the project.
  3. Just go ahead with the company's in-house developers.

Each of these approaches has merit in its own right. But in many cases, the ideal approach will encompass all the above. In an Apache community, the whole is greater than the sum of the parts. The closer you can work with the community, the more benefits you stand to derive, particularly if your project finds itself wanting to integrate more deeply with the Apache project than is provided for in stable public interfaces, when the alternative to working within the Community is a patched core and the risk of a maintenance nightmare. On the other hand, there are good and bad ways to engage with an Apache community: the right approach can make all the difference to the benefits you can derive from it.

First, it's always worth asking about your needs. Post a question about your requirements to the project's lists, or issues database. Engage in discussion. It may be that someone somewhere has already done the work, or that it's closely aligned with someone's work-in-progress. Even if you draw a blank, it's a start to engaging with the community.

Approaching individuals is most likely to be appropriate if you're looking to hire in expertise. General questions are likely to be redirected to public support fora, but some Apache developers work as consultants and may welcome a professional approach. They can help you figure out the best way to proceed, both technically and in terms of working with the Apache community. But bear in mind the potential for conflicts of interest. If you want your work to happen within the Apache project, your consultant will want to be satisfied that you and your project are indeed a good fit, and won't cause trouble such as unmaintainable software down the line. And of course, any NDA should make it clear you're not laying claim to the consultant's regular Apache work!

If you have the in-house developers for it, you might just task them to go ahead with the work. That's easiest when you can work with public, stable interfaces of the Apache project, harder and messy if you have to hack into the core. When you start that work, the Apache community becomes your team's best resource, so if your developers are any good (and not cowed into keeping their heads down and never talking to outsiders) they'll be interacting with the Apache community as they go along.

Now you're participating in the Pratocracy, albeit (usually) outside the core community. You have something to offer. If you share it with Apache, members of the Apache community will take a look, and may get involved. At best this can lead to a virtuous circle where your developers not merely benefit from the Apache team, but contribute to it, and earn themselves the merit to be invited to join. But this is by no means automatic: both developers and their managers need to be able to see outside corporate control structures. Crucially, individual developers have to be comfortable separating out their Apache hats from their professional allegiances, which means managers have to allow that to happen. But don't try to manage such a process from above: that's herding cats. Just facilitate!

That probably means that at some stage you'll have to sit down with the team and fix boundaries: what belongs in the Apache project vs what belongs in your company's own space. It helps immensely with developers' confidence if they're not forever looking over their shoulders and wrestling with ambiguity. This may be obvious if your project isn't destined to be shared openly with the world, but it's a discussion worth having even if everything is Apache-licensed. In the latter case, the boundaries will focus on what your company expects to sell and/or support commercially and wants to maintain full control on, vs what passes out of your direct control.

Even if your company merely clones or mirrors the Apache project and contributes everything, you'll want to separate out matters of your business model, and customer-facing vs Apache-facing matters.

Note that it's easy to get this kind of thing wrong. Something we sometimes see at Apache is developers who've been told by their managers to join an Apache community, but have no specific tasks and no motivation. That becomes painfully obvious, and leads nowhere useful.
The right approach is to give your developers real-world tasks and let them come to the Apache community - if their course takes them that way - in their own time. If close interaction with the Apache project is an important goal, you may want to approach and maybe hire individual developers having a strong track record with Apache or comparable Open Source environments.

To conclude, let's consider a real-world example from my own experience with HTTPD (the Web server still commonly called "Apache") and APR projects. The history of SQL database integration into the Web server spans many project teams, both within and outside Apache, both corporate and community-driven. Each developer or team just went ahead with something appropriate to its time, and (at least those you or I have heard of) achieved success in their respective contexts.

In the early days, there was a Web server with no SQL support. So any application that required it had to manage its own database connections. A range of third-party modules were developed for purposes such as authentication by SQL, and logging to SQL, both with popular databases such as MySQL and PostgreSQL and in commercially-supported products with commercial databases. Generalised frameworks for Web/SQL applications were provided by scripting modules, pioneered by mod_perl, giving developers a language's own database interfaces, together with a persistent database connection. 

In time, the server and its applications outgrew this ad-hoc approach, with multi-threaded processing and multiple applications in a server. Building on a range of ideas, a native SQL database connection framework was proposed and developed, offering some major efficiency gains to applications through dynamic connection pooling and sharing. It also promoted rationalisation, so in an area like authentication, a whole raft of different database-driven modules could be replaced by a single module for generic SQL authentication. Different SQL databases are handled by per-database drivers which serve all kinds of application in the server.
This work took place within the core Apache team, and propagated more widely as others such as the scripting languages incorporated it as an option for their users. It evolved from minimalist beginnings to provide more capabilities as required by developers "scratching an itch", and has benefited from contributions of database drivers from a range of different sources.

Having said that, it remains intentionally fairly small, and won’t meet the needs of every application. Some projects continue to use SQL their own way. The fact there is now a Right Way to access SQL doesn't mean that other ways are wrong! There are still third-party projects that, for their own reasons, use other ways to access SQL. The fact that someone has done the work and met a need gives them an entirely valid niche in a Pratocratic ecosystem.

The bottom line?  Many Apache users can just use our software off-the-shelf (perhaps after asking around for solutions to problems), others may need to add significantly to it to meet their needs. If you fall into the latter camp, just go ahead and do it: you can discuss and/or share your work at any point you choose! The basic management decision is the tradeoff between control of your work and community input. Interaction with the project's core people is down to how your developers work best. If leaving that to chance is not sufficient --perhaps because you would like to influence the project's core software or introduce new APIs-- that's the point when you'll need to consider your developers' track records in community-driven Open Source, and make sure you have that expertise to hand.

[1] https://www.apache.org/foundation/how-it-works.html
[2] https://en.wikiquote.org/wiki/C._P._Scott
[3] http://incubator.apache.org/incubation/Process_Description.html

# # #

"Success at Apache" is a new monthly blog series that focuses on the processes behind why the ASF "just works":
1) Project Independence https://s.apache.org/CE0V
2) All Carrot and No Stick https://s.apache.org/ykoG
3) Asynchronous Decision Making https://s.apache.org/PMvk

Friday March 03, 2017

The Apache News Round-up: week ending 3 March 2017

Hello, March! The Apache community has had another smashing week:

ASF Board –management and oversight of the business and affairs of the corporation in accordance with the Foundation's bylaws.
 - Next Board Meeting: 15 March 2017. Board calendar and minutes available at http://apache.org/foundation/board/calendar.html

ASF Infrastructure –our distributed team on four continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield reliable performance at 99.80% uptime http://status.apache.org/

ApacheCon™ –Tomorrow's Technology Today. https://s.apache.org/F7Hy
 - Travel Assistance applications close 8 March https://www.apache.org/travel/
 - Schedule announced 9 March http://apachecon.com/
 - Early registration and hotel incentives end 12 March http://events.linuxfoundation.org/events/apachecon-north-america | Apache Committers: register using your apache.org email + discount code to save even more.
 - Recordings from ApacheCon Europe 2016 are being uploaded at Feathercast http://feathercast.org

Apache Accumulo™ –sorted, distributed key/value store is a robust, scalable, high performance data storage system that features cell-based access control and customizable server-side processing.
 - Apache Accumulo 1.8.1 released https://accumulo.apache.org/downloads/

Apache Any23™ –Anything To Triples (any23) is a library, a web service and a command line tool that extracts structured data in RDF format from a variety of Web documents.
 - Apache Any23 2.0 released http://any23.apache.org/download.html

Apache Groovy™ –a multi-facet programming language for the JVM.
 - Apache Groovy 2.4.9 released http://www.groovy-lang.org/download.html

Apache jclouds™ –an Open Source multi-cloud toolkit for the Java platform that gives you the freedom to create applications that are portable across clouds while giving you full control to use cloud-specific features.
 - Apache jclouds 2.0.1 released http://www.apache.org/dyn/closer.lua/jclouds

Apache Jackrabbit™ –a fully compliant implementation of the Content Repository for Java Technology API, version 2.0 (JCR 2.0) as specified in the Java Specification Request 283 (JSR 283).
 - Apache Jackrabbit 2.8.5 released http://jackrabbit.apache.org/downloads.html

Apache Kafka™ –a distributed, fault tolerant, publish-subscribe messaging.
 - Apache Kafka 0.10.2.0 released https://www.apache.org/dyn/closer.cgi?path=/kafka/0.10.2.0/kafka-0.10.2.0-src.tgz

Apache Log4j™ –a well known framework for logging application behavior.
 - Apache Log4j 2.8.1 released https://logging.apache.org/log4j/2.x/

Apache NiFi™ –an easy to use, powerful, and reliable system to process and distribute data.
 - Apache NiFi 0.7.2 and 1.1.2 released https://nifi.apache.org/download.html

Apache Tomcat™ Native Library –provides portable API for features not found in contemporary JDK's.
 - Apache Tomcat Native 1.2.12 released http://tomcat.apache.org/download-native.cgi

Apache Yetus™ –a collection of libraries and tools that enable contribution and release processes for software projects.
 - Apache Yetus 0.4.0 released https://yetus.apache.org/downloads/

Did You Know?

 - Did you know that the npm registry, with over 100,000,000,000 package downloads, is powered by Apache CouchDB? http://couchdb.apache.org/

 - Did you know that the following Apache projects are celebrating their anniversaries this month? Apache mod_perl (17 years); Maven (14 years); Struts (13 years); Jackrabbit (11 years); Archiva (9 years); UIMA (7 years); Accumulo, Lucy, and Sqoop (5 years); Bloodhound, CloudStack, and cTAKES (4 years); and Allura, Olingo, and Tajo (3 years)? Many happy returns! https://projects.apache.org/committees.html?date

 - Did you know that Monsanto uses Apache Kafka to update 1M nodes in 90 seconds? http://kafka.apache.org/


Apache Community Notices:

 - "Success at Apache" is a new monthly blog series that focuses on the processes behind why the ASF "just works". 1) Project Independence https://s.apache.org/CE0V 2) All Carrot and No Stick https://s.apache.org/ykoG 3) Asynchronous Decision Making https://s.apache.org/PMvk

 - Feedback from The Apache Software Foundation on the Free and Open Source Security Audit (FOSSA) https://s.apache.org/romf

 - ASF Operations Summary - Q2 FY2017 https://s.apache.org/oTOF

 - The list of Apache project-related MeetUps can be found at http://apache.org/events/meetups.html

 - Find out how you can participate with Apache community/projects/activities --opportunities open with Apache HTTP Server, Avro, ComDev (community development), Directory, Incubator, OODT, POI, Polygene, Syncope, Tika, Trafodion, and more! https://helpwanted.apache.org/

 - ApacheCon North America + Apache: BigData, CloudStack Collaboration Conferenxe, FlexJS Summit, Apache: IoT, and TomcatCon will be held 16-18 May 2017 in Miami http://apachecon.com/

 - Are your software solutions Powered by Apache? Download & use our "Powered By" logos http://www.apache.org/foundation/press/kit/#poweredby

 - Show your support for Apache with ASF-approved swag from http://www.zazzle.com/featherwear and http://s.apache.org/landsend --all proceeds benefit the ASF! 

= = =

For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, https://twitter.com/PlanetApache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.

# # #

Friday February 24, 2017

The Apache News Round-up: week ending 24 February 2017

It's the last Friday in February, and we've had another smashing week:

ASF Board –management and oversight of the business and affairs of the corporation in accordance with the Foundation's bylaws.
 - Next Board Meeting: rescheduled to 27 February 2017. Board calendar and minutes available at http://apache.org/foundation/board/calendar.html

Community over Code --we have passed the 6,000 Apache Committer mark! https://projects.apache.org/timelines.html

Apache Incubator --the hub of innovation for projects and communities intending to become fully-fledged projects under the auspices of the ASF.
 - Welcome new podlings --http://incubator.apache.org/
   - Gobblin: a distributed data integration framework that simplifies common aspects of Big Data integration such as data ingestion, replication, organization and lifecycle management for both streaming and batch data ecosystems.
   - MXNet: a Flexible and Efficient Library for deep learning.
   - Ratis: a Java implementation for RAFT consensus protocol.
 - Community Voting now underway for new Incubator logo http://incubator.apache.org/2017-logo-contest.html

ASF Infrastructure –our distributed team on four continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield solid performance at 99.85% uptime http://status.apache.org/

ApacheCon™ –Tomorrow's Technology Today. https://s.apache.org/F7Hy
 - North America/MIA overview: 15 May - BarCamp Apache | 16-18 May - ApacheCon Core (DevOps, Servers, Web Frameworks, etc.) + Apache: Big Data, CloudStack Collaboration Conference, FlexJS Summit, Apache: IoT, TomcatCon, and more http://apachecon.com/
 - Travel Assistance applications close 8 March https://www.apache.org/travel/
 - Early registration and hotel incentives end 12 March http://events.linuxfoundation.org/events/apachecon-north-america | Apache Committers: register using your apache.org email + discount code to save even more.
 - Recordings from ApacheCon Europe 2016 are being uploaded at Feathercast http://feathercast.org

Apache Attic –provides process and solutions to make it clear when an Apache project has reached its end of life.
 - Apache Stratos retired http://mail-archives.apache.org/mod_mbox/www-announce/201702.mbox/%3CCALGG8z3ZAD6jO%3D_X5atr0E5DPbPYeSgZh8pG3u_Kcae4oPv%2Bmw%40mail.gmail.com%3E

Apache Arrow™ –a columnar in-memory analytics layer designed to accelerate Big Data.
 - Apache Arrow 0.2.0 released https://dist.apache.org/repos/dist/release/arrow/

Apache Bahir™ –extensions to distributed analytic platforms such as Apache Spark.
 - Apache Bahir 2.1.0 released http://bahir.apache.org

Apache Commons™ Validator –provides the building blocks for both client side validation and server side data validation.
 - Apache Commons Validator 1.6 released http://commons.apache.org/proper/commons-validator/download_validator.cgi

Apache Jackrabbit™ –a fully compliant implementation of the Content Repository for Java Technology API, version 2.0 (JCR 2.0) as specified in the Java Specification Request 283 (JSR 283).
 - Apache Jackrabbit 2.8.5 released http://jackrabbit.apache.org/downloads.html

Apache Kafka™ –a distributed, fault tolerant, publish-subscribe messaging.
 - Apache Kafka 0.10.2.0 released https://www.apache.org/dyn/closer.cgi?path=/kafka/0.10.2.0/kafka-0.10.2.0-src.tgz

Apache Lucene™ Solr –the popular, blazing-fast, open source enterprise search platform built on Apache Lucene.
 - Apache Solr Reference Guide for Solr 6.4 released https://dist.apache.org/repos/dist/release/lucene/solr/ref-guide/apache-solr-ref-guide-6.4.pdf

Apache Mynewt (incubating) –a community-driven module OS for constrained, embedded applications.
 - Apache Mynewt 1.0.0-b2-incubating released http://www.apache.org/dyn/closer.lua/incubator/mynewt/apache-mynewt-1.0.0-b2-incubating

Apache RocketMQ (incubating) –a fast, low latency, reliable, scalable, distributed, easy to use message-oriented middleware, especially for processing large amounts of streaming data.
 - Apache RocketMQ 4.0.0 incubating released https://www.apache.org/dyn/closer.cgi?path=incubator/rocketmq/4.0.0-incubating


Did You Know?

 - Did you know that over the past week 7% of all Apache code contributions were made by someone new to the ASF? http://community.apache.org/

 - Did you know that British Gas Connected Home manages its IoT data using Apache Cassandra, Kafka, and Spark? http://cassandra.apache.org/http://kafka.apache.org/http://spark.apache.org

 - Did you know that we'd love to hear how you #LoveApache? Feedback welcome! https://twitter.com/TheASF/status/831134005105979396


Apache Community Notices:

 - "Success at Apache" is a new monthly blog series that focuses on the processes behind why the ASF "just works". 1) Project Independence https://s.apache.org/CE0V 2) All Carrot and No Stick https://s.apache.org/ykoG 3) Asynchronous Decision Making https://s.apache.org/PMvk

 - Feedback from The Apache Software Foundation on the Free and Open Source Security Audit (FOSSA) https://s.apache.org/romf

 - ASF Operations Summary - Q2 FY2017 https://s.apache.org/oTOF

 - The list of Apache project-related MeetUps can be found at http://apache.org/events/meetups.html

 - Find out how you can participate with Apache community/projects/activities --opportunities open with Apache HTTP Server, Avro, ComDev (community development), Directory, Incubator, OODT, POI, Polygene, Syncope, Tika, Trafodion, and more! https://helpwanted.apache.org/

 - ApacheCon North America + Apache: BigData, CloudStack Collaboration Conferenxe, FlexJS Summit, Apache: IoT, and TomcatCon will be held 16-18 May 2017 in Miami http://apachecon.com/

 - Are your software solutions Powered by Apache? Download & use our "Powered By" logos http://www.apache.org/foundation/press/kit/#poweredby

 - Show your support for Apache with ASF-approved swag from http://www.zazzle.com/featherwear and http://s.apache.org/landsend --all proceeds benefit the ASF! 

= = =

For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, https://twitter.com/PlanetApache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.

# # #

Friday February 17, 2017

The Apache News Round-up: week ending 17 February 2017

We've had another cracking week at the ASF. Let's take a peek at what happened:

ASF Board –management and oversight of the business and affairs of the corporation in accordance with the Foundation's bylaws.
 - Next Board Meeting: rescheduled to 27 February 2017. Board calendar and minutes available at http://apache.org/foundation/board/calendar.html

Community over Code --we have just passed the 6,000 Apache Committer mark! https://projects.apache.org/timelines.html

ASF Infrastructure –our distributed team on four continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield "three nines" performance at 99.96% uptime http://status.apache.org/

ApacheCon™ –Tomorrow's Technology Today. https://s.apache.org/F7Hy
 - Travel Assistance applications close 8 March https://www.apache.org/travel/
 - Early registration and hotel incentives end 12 March http://events.linuxfoundation.org/events/apachecon-north-america
 - NEW: BarCamp Apache will be held on 15 May --be sure to plan your travels accordingly!
 - Apache Committers: remember to register using your apache.org address + discount code to save even more!
 - Recordings from ApacheCon Europe 2016 are being uploaded at Feathercast http://feathercast.org

Apache Geode™ –a data management platform that provides a database-like consistency model, reliable transaction processing and a shared-nothing architecture to maintain very low latency performance with high concurrency processing.
 - Apache Geode 1.1.0 released http://geode.apache.org/releases/

Apache Jena™ –an Open Source Java-based framework for building Semantic Web and Linked Data applications.
 - Apache Jena 3.2.0 released with Fuseki 2.5.0 http://jena.apache.org/download/

Apache Lucene™ –a high-performance, full-featured text search engine library written entirely in Java.
 - Apache Lucene 5.5.4 released http://www.apache.org/dyn/closer.lua/lucene/java/5.5.4
 - Apache Solr 5.5.4 released http://www.apache.org/dyn/closer.lua/lucene/solr/5.5.4
 - CVE-2017-3163 Apache Solr ReplicationHandler path traversal attack http://mail-archives.apache.org/mod_mbox/www-announce/201702.mbox/%3C73692BD4-E68A-48AC-895D-4A84B3EA4EF6%40apache.org%3E

Apache MyFaces™ Tobago –standards-based Open Source components library allows developers to quickly and easily create business Web applications without worrying about technical details.
 - The Apache Software Foundation Announces Apache® MyFaces™ Tobago 3 https://s.apache.org/2rTG

Apache OpenMeetings™ –provides video conferencing, instant messaging, white board, collaborative document editing and other groupware tools using API functions of the Red5 Streaming Server for Remoting and Streaming.
 - Apache OpenMeetings 3.2.0 released http://openmeetings.apache.org/downloads.html

Apache SINGA (incubating) –a general distributed deep learning platform for training big deep learning models over large datasets.
 - Apache SINGA 1.1.0 released http://singa.apache.org/en/downloads.html

Apache Storm™ –a distributed, fault-tolerant, and high-performance realtime computation system that provides strong guarantees on the processing of data.
 - Apache Storm 1.0.3 released http://storm.apache.org/downloads.html

Apache Traffic Server™ –a high-performance Web proxy cache that improves network efficiency and performance by caching frequently-accessed information at the edge of the network.
 - Apache Traffic Server 6.2.1 released http://trafficserver.apache.org/downloads


Did You Know?

 - Did you know that over the past 5 days there were 119,591 downloads of #Apache source distributions from 173 countries? 

 - Did you know that standalone tracks taking place alongside ApacheCon include Apache: Big Data, Flex Project Summit, TomcatCon, Apache: IoT, and CloudStack Collaboration Conference? Join us! http://apachecon.com/

 - Did you know that we've launched a new #LoveApache campaign on Twitter? Feedback welcome from individuals, projects, and organizations https://twitter.com/TheASF/status/831134005105979396


Apache Community Notices:

 - "Success at Apache" is a new monthly blog series that focuses on the processes behind why the ASF "just works". 1) Project Independence https://s.apache.org/CE0V 2) All Carrot and No Stick https://s.apache.org/ykoG 3) Asynchronous Decision Making https://s.apache.org/PMvk

 - Feedback from The Apache Software Foundation on the Free and Open Source Security Audit (FOSSA) https://s.apache.org/romf

 - ASF Operations Summary - Q2 FY2017 https://s.apache.org/oTOF

 - The list of Apache project-related MeetUps can be found at http://apache.org/events/meetups.html

 - Find out how you can participate with Apache community/projects/activities --opportunities open with Apache HTTP Server, Avro, ComDev (community development), Directory, Incubator, OODT, POI, Polygene, Syncope, Tika, Trafodion, and more! https://helpwanted.apache.org/

 - ApacheCon North America + Apache: BigData, CloudStack Collaboration Conferenxe, FlexJS Summit, Apache: IoT, and TomcatCon will be held 16-18 May 2017 in Miami http://apachecon.com/

- Are your software solutions Powered by Apache? Download & use our "Powered By" logos http://www.apache.org/foundation/press/kit/#poweredby

 - Show your support for Apache with ASF-approved swag from http://www.zazzle.com/featherwear and http://s.apache.org/landsend --all proceeds benefit the ASF! 

= = =

For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, https://twitter.com/PlanetApache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.

# # #

Tuesday February 14, 2017

The Apache Software Foundation Announces Apache® MyFaces™ Tobago 3

Standards-based Open Source components library allows developers to quickly and easily create business Web applications without worrying about technical details 

Forest Hill, MD —14 February 2017— The Apache Software Foundation (ASF), the all-volunteer developers, stewards, and incubators of more than 350 Open Source projects and initiatives, announced today the availability of Apache® MyFaces™ Tobago 3, the user interface components for creating business applications without the need for coding HTML, CSS, or JavaScript.

A sub-project of Apache MyFaces (the Open Source implementation of JavaServer Faces Web application framework that accomplishes the Model-View-Controller paradigm), Tobago is a component library for JavaServer Faces (JSF). The project was originally created at Atanion GmbH in 2002, and was donated to the Apache Incubator in 2005. Tobago graduated as Apache MyFaces sub-project in 2006.

"With a commitment to reduce the time and effort spent on development and deployment, the unofficial Tobago tagline is 'less magic, more standards'," said Udo Schnurpfeil, member of the Apache MyFaces Project Management Committee. "We are are happy that Tobago 3 helps users get their applications up and running even more quickly and easily."

By omitting the need to code HTML, CSS, or JavaScript, Tobago allows users to easily create business Web applications, and emulates the development process of conventional user interfaces (rather than the creation of Web pages) via:
  1. UI components abstracted from HTML, along with any layout information that does not belong to the general page structure. The final output format is determined by the client/user-agent;

  2. A theming mechanism that makes it easy to change the look-and-feel and provides special implementations for certain browsers; and

  3. A layout manager used to arrange the components automatically. This means that no manual laying out using HTML tables or other constructs is needed.

Under The Hood
Apache MyFaces Tobago 3's increased responsiveness and standardization makes it easier to integrate libraries and other projects. Features include:
  • Layout-management moved to CSS and JavaScript to natively achieve layout requirements and make rendering more efficient and responsive;

  • Themes using CSS library Bootstrap 4 make it easy to obtain a modern and rich design; and

  • Use of current technologies such as SCSS, CSS3, HTML5, AJAX, JSF and, Theming on pure CSS base further simplifies the development experience.

Apache Tobago dramatically reduces developer resources and programming time, providing individuals and organizations with improved productivity and ease of implementation.

"For over 10 years we have been working closely with the Tobago team. The close collaboration has been mutually beneficial. Currently we are working on more than 60 intranet applications based on Apache Tobago. We see the new features from Tobago 3 as a significant architectural leap - in particular the innovations with ajax, theming, and responsive design. We expect a fast project adoption - even with the associated migration costs," said Rainer Rohloff, Senior Software Architect at Norddeutsche Landesbank. "We look forward to working on additional projects with the Tobago team in the future."

"It's great to see many users adopt Tobago," added Schnurpfeil. "We welcome new developers and users to join us on our mailing lists, MeetUps, and community events."

Availability and Oversight
Apache MyFaces software is released under the Apache License v2.0 and is overseen by a self-selected team of active contributors to the project. A Project Management Committee (PMC) guides the Project's day-to-day operations, including community development and product releases. For downloads, release notes, documentation, and more information on Apache MyFaces, visit http://myfaces.apache.org/ and https://twitter.com/MyFacesTeam

About The Apache Software Foundation (ASF)
Established in 1999, the all-volunteer Foundation oversees more than 350 leading Open Source projects, including Apache HTTP Server --the world's most popular Web server software. Through the ASF's meritocratic process known as "The Apache Way," more than 620 individual Members and 5,900 Committers successfully collaborate to develop freely available enterprise-grade software, benefiting millions of users worldwide: thousands of software solutions are distributed under the Apache License; and the community actively participates in ASF mailing lists, mentoring initiatives, and ApacheCon, the Foundation's official user conference, trainings, and expo. The ASF is a US 501(c)(3) charitable organization, funded by individual donations and corporate sponsors including Alibaba Cloud Computing, ARM, Bloomberg, Budget Direct, Capital One, Cerner, Cloudera, Comcast, Confluent, Facebook, Google, Hortonworks, HP, Huawei, IBM, InMotion Hosting, iSigma, LeaseWeb, Microsoft, OPDi, PhoenixNAP, Pivotal, Private Internet Access, Produban, Red Hat, Serenata Flowers, WANdisco, and Yahoo. For more information, visit http://www.apache.org/ and https://twitter.com/TheASF

© The Apache Software Foundation. "Apache", "MyFaces", "Apache MyFaces", "Tobago", "Apache MyFaces Tobago", and "ApacheCon" are registered trademarks or trademarks of the Apache Software Foundation in the United States and/or other countries. All other brands and trademarks are the property of their respective owners.

# # #

Friday February 10, 2017

The Apache News Round-up: week ending 10 February 2017

It's Friday, and here's what has happened with the Apache community this past week:

ASF Board –management and oversight of the business and affairs of the corporation in accordance with the Foundation's bylaws.
 - Next Board Meeting: 15 February 2017. Board calendar and minutes available at http://apache.org/foundation/board/calendar.html

Success at Apache –our third installment in the new monthly blog series that focuses on the processes behind why the ASF "just works".
 - Asynchronous Decision Making by Bertrand Delacretaz https://s.apache.org/PMvk

ASF Infrastructure –our distributed team on four continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield bouncy performance at 99.66% uptime http://status.apache.org/

ApacheCon™ –Tomorrow's Technology Today. https://s.apache.org/F7Hy
 - DEADLINES:
   - CFPs for all events --ApacheCon core, Apache: Big Data, Apache: IoT, CloudStack Collaboration Conference, Flex JS Summit, TomcatCon and more close 11 February https://blogs.apache.org/conferences/entry/final-notice-cfp-for-apachecon
   - Travel Assistance applications close 8 March https://www.apache.org/travel/
   - Early registration and hotel incentives end 12 March http://events.linuxfoundation.org/events/apachecon-north-america
   - Apache Committers: remember to register using your apache.org address + discount code to save even more!
 - Recordings from ApacheCon Europe 2016 are being uploaded at Feathercast http://feathercast.org

New logos/marks wanted –with the launch of the ASF's new visual identity last year, many Apache projects have been freshening up their looks. Calls are open for:
 - Apache Incubator https://s.apache.org/rFii and Apache OpenNLP https://issues.apache.org/jira/browse/OPENNLP-6

Apache Ant™ –a Java library and command-line tool that helps building software.
 - Apache Ant 1.9.9 and 1.10.1 released http://ant.apache.org/bindownload.cgi

Apache Beam™ –a unified programming model for both batch and streaming data processing, enabling efficient execution across diverse distributed execution engines and providing extensibility points for connecting to different technologies and user communities.
 - Apache Beam 0.5.0 released https://beam.apache.org/get-started/downloads/

Apache Commons™ Configuration –software library that provides a generic configuration interface which enables a Java application to read configuration data from a variety of sources.
 - Apache Commons Configuration 2.1.1 released http://commons.apache.org/proper/commons-configuration/download_text.cgi

Apache Commons™ JCS –a distributed, versatile caching system.
 - Apache Commons JCS 2.1 released https://commons.apache.org/proper/commons-jcs/download_jcs.cgi

Apache Jackrabbit™ –a fully compliant implementation of the Content Repository for Java(TM) Technology API, version 2.0 (JCR 2.0) as specified in the Java Specification Request 283 (JSR 283).
 - Apache Jackrabbit 2.6.8 and Jackrabbit Oak 1.4.13 released http://jackrabbit.apache.org/downloads.html

Apache Lucene™ –a high-performance, full-featured text search engine library written entirely in Java.
 - Apache Lucene 6.4.1 released http://www.apache.org/dyn/closer.lua/lucene/java/6.4.1
 - Apache Solr 6.4.1 released http://lucene.apache.org/solr/mirrors-solr-latest-redir.html

Apache MyFaces™ Core –a JavaServer Faces 2.2 implementation as specified by JSR-344.
 - Apache MyFaces Core v2.2.12 released http://myfaces.apache.org/download.html

Apache OpenNLP™ –a machine learning based toolkit for the processing of natural language text.
 - Apache OpenNLP 1.7.2 released http://opennlp.apache.org/cgi-bin/download.cgi

Apache Qpid™ Proton –a messaging library for the Advanced Message Queuing Protocol 1.0 (AMQP 1.0, ISO/IEC 19464).
 - Apache Qpid Proton 0.17.0 and Qpid Proton-J 0.17.0 released http://qpid.apache.org/download.html

Apache Ranger™ –Big Data security management framework for the Apache Hadoop ecosystem in use at ING, Protegrity, and Sprint, among other organizations.
 - The Apache Software Foundation Announces Apache® Ranger™ as a Top-Level Project https://s.apache.org/23CB

Apache Struts™ –an elegant, extensible framework for creating enterprise-ready Java Web applications.
 - Apache Struts 2.5.10 GA released http://struts.apache.org/download.html#struts-ga

Apache Tomcat™ –the Open Source software implementation of the Java Servlet, JavaServer Pages, Java Unified Expression Language, Java WebSocket and Java Authentication Service Provider Interface for Containers technologies.
 - Apache Tomcat 8.5.11 http://tomcat.apache.org/download-80.cgi

Apache Zeppelin™ –a collaborative data analytics and visualization tool for distributed, general-purpose data processing system such as Apache Spark, Apache Flink, etc.
 - Apache Zeppelin 0.7.0 released http://zeppelin.apache.org/download.html


Did You Know?

 - Did you know that the new ASF logo, launched one year ago, along with the new Apache feather and "Powered By" graphics are available for all to use? http://apache.org/foundation/press/kit/

 - Did you know that standalone tracks taking place alongside ApacheCon include Apache: Big Data, Flex Project Summit, TomcatCon, Apache: IoT, and CloudStack Collaboration Conference? Join us! http://apachecon.com/

 - Did you know that the India Goa Directorate of Agriculture uses Apache Wicket? http://wicket.apache.org/


Apache Community Notices:

 - "Success at Apache" is a new monthly blog series that focuses on the processes behind why the ASF "just works". 1) Project Independence https://s.apache.org/CE0V 2) All Carrot and No Stick https://s.apache.org/ykoG 3) Asynchronous Decision Making https://s.apache.org/PMvk

 - Feedback from The Apache Software Foundation on the Free and Open Source Security Audit (FOSSA) https://s.apache.org/romf

 - ASF Operations Summary - Q2 FY2017 https://s.apache.org/oTOF

 - The list of Apache project-related MeetUps can be found at http://apache.org/events/meetups.html

 - Find out how you can participate with Apache community/projects/activities --opportunities open with Apache HTTP Server, Avro, ComDev (community development), Directory, Incubator, OODT, POI, Polygene, Syncope, Tika, Trafodion, and more! https://helpwanted.apache.org/

 - ApacheCon North America and Apache:BigData will be held 16-18 May 2017 in Miami http://apachecon.com/

 - Are your software solutions Powered by Apache? Download & use our "Powered By" logos http://www.apache.org/foundation/press/kit/#poweredby

 - Show your support for Apache with ASF-approved swag from http://www.zazzle.com/featherwearand http://s.apache.org/landsend--all proceeds benefit the ASF! 

= = =

For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, https://twitter.com/PlanetApache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.

# # #

Wednesday February 08, 2017

The Apache Software Foundation Announces Apache® Ranger™ as a Top-Level Project

Big Data security management framework for the Apache Hadoop ecosystem in use at ING, Protegrity, and Sprint, among other organizations.

Forest Hill, MD —8 February 2017— The Apache Software Foundation (ASF), the all-volunteer developers, stewards, and incubators of more than 350 Open Source projects and initiatives, announced today that Apache® Ranger™ has graduated from the Apache Incubator to become a Top-Level Project (TLP), signifying that the project's community and products have been well-governed under the ASF's meritocratic process and principles.

The latest addition to the ASF’s more than three dozen projects in Big Data, Apache Ranger is a centralized framework used to define, administer and manage security policies consistently across Apache Hadoop components. Ranger also offers the most comprehensive security coverage, with native support for numerous Apache projects, including Atlas (incubating), HBase, HDFS, Hive, Kafka, Knox, NiFi, Solr, Storm, and YARN. 

"Graduating to a Top-Level Project reflects the maturity and growth of the Ranger Community," said Selvamohan Neethiraj, Vice President of Apache Ranger. "We are pleased to celebrate a great milestone and officially play an integral role in the Apache Big Data ecosystem."

Apache Ranger provides a simple and effective way to set access control policies and audit the data access across the entire Hadoop stack by following industry best practices. One of the key benefits of Ranger is that access control policies can be managed by security administrators from a single place and consistently across hadoop ecosystem. Ranger also enables the community to add new systems for authorization even outside Hadoop ecosystem, with a robust plugin architecture, that can be extended with minimal effort. In addition, Apache Ranger provides many advanced features, such as:
  • Ranger Key Management Service (compatible with Hadoop’s native KMS API to store and manage encryption keys for HDFS Transparent Data Encryption);
  • Dynamic column masking and row filtering;
  • Dynamic policy conditions (such as prohibition of toxic joins);
  • User context enrichers (such as geo-location and time of day mappings); and
  • Classification or tag based policies for Hadoop ecosystem components via integration with Apache Atlas.

"As early adopters of Apache Ranger and having contributed to Apache Ranger, we have come to rely upon Apache Ranger as a key part of our security infrastructure for data," said Ferd Scheepers, Chief Information Architect at ING. "We are therefore pleased to learn that the project has now graduated to a TLP project through the efforts of the Apache community. We believe that Apache Ranger represents the best-in-class Open Source security framework for authorization, encryption management, and auditing across Hadoop ecosystem. We laud the community's efforts in building an extensible and enterprise grade architecture for Apache Ranger, and for innovative features such as tag or classification based security (built in conjunction with Apache Atlas). We congratulate the Apache Ranger community on achieving this significant milestone and are confident Apache Ranger will evolve into the de-facto standard for security stack across the Hadoop ecosystem."

"As heavy users of Apache Ranger in production, we are pleased to see the project become a TLP through validation across community efforts," said Timothy R. Connor, Big Data & Advanced Analytics Manager at Sprint. "Apache Ranger has built a next generation ABAC model for authorization along with a robust data-centric Open Source security framework supporting advanced security capabilities such as dynamic row filtering and column masking. All of these point to Apache Ranger maturing into a robust and comprehensive security product for authorization, encryption management and auditing through the Apache community."

"It's great to see Apache Ranger become a TLP," said Dominic Sartorio, Senior Vice President of Products & Development at Protegrity. "Apache Ranger's comprehensive auditing and broad authorization coverage across the Hadoop ecosystem, along with its highly scalable and extensible architecture and rich set of APIs, integrates very well with Protegrity's fine grained data protection capabilities. Our continued collaboration with the Apache Ranger community will help meet the data security requirements of the next generation of enterprise-grade production Hadoop deployments."

"As organizations entrust their enterprise data to Open Source data platforms such as Apache Hadoop, there is a critical need to use the most innovative techniques to safeguard this data," said Alan Gates, Co-Founder of HortonWorks and Apache Ranger incubation mentor. "Apache Ranger community has taken the original, proprietary code base and used it to build a new and successful Apache project that employs an attribute-based approach to define and enforce authorization policies. This modern approach is a combination of subject, action, resource, and environment and goes beyond role-based access control techniques exclusively based on organizational roles - permissions mapping. It has been a pleasure to be their mentor in this process and help them learn the Apache way."

"More and more users are adopting Apache Ranger to secure data in the Hadoop ecosystem," added Neethiraj. "We look forward to welcoming new Ranger users to our mailing lists and community events."

Availability and Oversight
Apache Ranger software is released under the Apache License v2.0 and is overseen by a self-selected team of active contributors to the project. A Project Management Committee (PMC) guides the Project's day-to-day operations, including community development and product releases. For project updates, downloads, documentation, and ways to become involved with Apache Ranger, visit https://ranger.apache.org/ and @ApacheRanger.

About the Apache Incubator
The Apache Incubator is the entry path for projects and codebases wishing to become part of the efforts at The Apache Software Foundation. All code donations from external organizations and existing external projects wishing to join the ASF enter through the Incubator to: 1) ensure all donations are in accordance with the ASF legal standards; and 2) develop new communities that adhere to our guiding principles. Incubation is required of all newly accepted projects until a further review indicates that the infrastructure, communications, and decision making process have stabilized in a manner consistent with other successful ASF projects. While incubation status is not necessarily a reflection of the completeness or stability of the code, it does indicate that the project has yet to be fully endorsed by the ASF. For more information, visit http://incubator.apache.org/

About The Apache Software Foundation (ASF)
Established in 1999, the all-volunteer Foundation oversees more than 350 leading Open Source projects, including Apache HTTP Server --the world's most popular Web server software. Through the ASF's meritocratic process known as "The Apache Way," more than 620 individual Members and 5,900 Committers successfully collaborate to develop freely available enterprise-grade software, benefiting millions of users worldwide: thousands of software solutions are distributed under the Apache License; and the community actively participates in ASF mailing lists, mentoring initiatives, and ApacheCon, the Foundation's official user conference, trainings, and expo. The ASF is a US 501(c)(3) charitable organization, funded by individual donations and corporate sponsors including Alibaba Cloud Computing, ARM, Bloomberg, Budget Direct, Capital One, Cash Store, Cerner, Cloudera, Comcast, Confluent, Facebook, Google, Hortonworks, HP, Huawei, IBM, InMotion Hosting, iSigma, LeaseWeb, Microsoft, OPDi, PhoenixNAP, Pivotal, Private Internet Access, Produban, Red Hat, Serenata Flowers, Target, WANdisco, and Yahoo. For more information, visit http://www.apache.org/ and https://twitter.com/TheASF

© The Apache Software Foundation. "Apache", "Ranger", "Apache Ranger", "HBase", "Apache HBase", "HDFS", "Apache HDFS", "Hive", "Apache Hive", "Kafka", "Apache Kafka", "Knox", "Apache Knox", "NiFi", "Apache NiFi", "Solr", "Apache Solr", "Storm", "Apache Storm", "YARN", "Apache YARN", and "ApacheCon" are registered trademarks or trademarks of the Apache Software Foundation in the United States and/or other countries. All other brands and trademarks are the property of their respective owners.

# # #


Monday February 06, 2017

Success at Apache: Asynchronous Decision Making

by Bertrand Delacretaz

Asynchronous decision making is a key enabler of our geographically and culturally distributed Open source teams. In this post I'll explain the ingredients that make it work at the ASF.

I became active in the ASF in 2001 via Gianugo Rabellino - he was the one who started the discussions with Apache Fop about me donating the jfor XLS-FO to RTF converter that I had developed earlier. It was already too late to uninvent RTF which is a terrible format, but I digress. I am currently a member of the Board of Directors of the ASF and have been doing a lot of thinking (and presentations) about what makes the ASF tick in terms of collaboration and Shared Neurons.

If synchronous decision-making meetings were required in ASF projects, even using remote channels like IRC or videoconference, we would move forward at a snail-like pace, as just finding a time where all stakeholders are available is almost impossible in an environment that has no managers and no central schedule.

Meetings are also very expensive when you are working on a maker's schedule, as described by Paul Graham [1]. Frequent meetings ruin the productivity of craftsmen, and there's lots of craftmanship in our industry, especially when you're building leading edge stuff.

So, what's needed to enable people to make collective decisions asynchronously, without requiring meetings?

The first thing you need is a central asynchronous communications channel. Which technology you use for that doesn't really matter, but it has to allow everybody to get the same information, and provide a usable way of having threaded discussions, where you can branch off on a topic while ignoring other topics being discussed on the same channel. This can be as simple as a whiteboard if people often visit the same place, or as elaborate as web-based forums, accessible from any mobile device so you can bother^H^H^H^H^H reach people everywhere. At the ASF we use plain mailing lists for that, very successfully when people use them with the right discipline (see the appendix below). Archiving this channel is very useful, to allow newcomers to get a feel for how things work as well as documenting the reasoning that led to each decision and avoid having to repeat things over and over.

The second required tool is a way to build consensus, where you avoid deadlocks and make sure decisions go forward. Unanimity in decisions is ideal of course, but the second best is consensus, defined as widespread agreement among people who have decision power. Requiring unanimity or allowing vetoes in decisions can block progress, so at the ASF vetoes only apply to a very limited set of decisions types, as defined by our voting rules [4]. In companies, decision power can be based on hierarchy to break deadlocks. That has to happen sometimes, but abusing it can cause employees to lose their autonomy and purpose, which kills your team in the long term.

To keep track of each decision, a case management system is ideal. You could work without that, depending on your team's size and the number of decisions that you take, but it's very convenient to be able to discuss the details of a given decision and keep associated information in a single place. You don't need complex software for that, at the ASF we use fairly simple issue trackers. Those are Web-based systems where each case is handled on a single page, with a history of comments and actions. Some non-urgent or very hard decisions can take a long time to reach closure, and it's very useful to keep their history in a single place, if only to avoid having to explain them again to new members of the team. In a low tech environment you could just use a single sheet of paper to briefly document each decision with the key points that led to it, and keep those in binders or physical files.

A nice side effect of using case management software is that each decision gets a simple unique identifier, like FOO-123 for the 123th ticket of the FOO project. This removes any ambiguity as to which issue one's discussing, by mentioning those identifiers in conversations.

So, in summary, the following should allow your group to make decisions asynchronously, without requiring meeting and with a written trace of everything that happens:

  • An archived asynchronous communications channel, where everybody can get the same information and threaded discussions can take place.
  • A way of building consensus, including fair rules for breaking deadlocks.
  • If possible, a case management system to keep track of each decision's details, in a much cleaner way than the often messy discussions that happen on the asynchronous channel. 

Semi-asynchronous decision making at the ASF

I've been a member of the ASF's Board of Directors for a few terms now and I'm still impressed by how efficient our monthly phone conferences are. The meeting regularly lasts only 60 to 90 minutes, during which we approve around 50 project reports, vote on a few resolutions and often address a few discussion items.

Besides a few simple things like good phone discipline and a side channel for less important comments (and jokes), the main reason this meeting is so efficient is that almost everything is decided in advance.

Board members are expected to read the project reports before the meeting, and a dead simple case management system (described below) helps discuss issues in advance, and find out which reports require a more extensive discussion.

Assuming the majority of board members have read the reports in advance, and flagged them as ok or requiring discussion, we don't need any housekeeping time during the meeting. Everybody shows up with a clear view of where difficult discussions might arise, so they have time to prepare for that, including asking others for clarification before the meeting so we can resolve any outstanding issues without delay.

The case management system that we use for this is extremely simple, but in terms of enabling asynchronous (or rather semi-asynchronous) decision making it fullfills its role. Our meeting agenda consists of a single text file in our source control system, with a simple structure that provides for a small discussion space for each report that we have to approve and each resolution that we need to vote on.

The agenda file structure looks roughly like this:

Call to order
Roll call
Officer reports
Project reports, headers and discussion space
Board Resolutions with discussion space
Appendix: Full Project reports and other supporting material

And a project report header and discussion space is as simple as this:

E. Apache Blazinator Project [Bob Blazer / Bertrand]
  See Attachment E
  [ Blazinator.
    approved: bd, mm, dd, db, jc, ldv
    comments:
      bd:  Not sure why LEGAL-123 blocks their release
      ldv: They are waiting for the committer to supply
           an updated iCLA as the received one was 
           incomplete.
      bd:  Ok, thanks, approving the report then.
    ]

This simple block of structured text builds a very simple "case management system" for the case of approving the Blazinator report.

The "approved" line indicates which board members have approved the report, on a single line so that simple text-based tools can validate and count the approvals.

The "comments" section allows stakeholders to comment on the report (which is found in an appendix later in the text file), and reply to each other's comments to hopefully reach closure before the meeting. If this happens, approving this report takes almost no time in the meeting, the chairman can just list the project names ("case identifiers" according to the above terminology) of such pre-approved reports, asking if anybody's opposed to approving them.

Combined with the ASF board's mailing list, this builds a very simple and very efficient system for semi-asynchronous decision making. Most decisions are taken before the meeting, and the participants can spend their time where it actually adds value as opposed to exchanging boring status information during the meeting.

Try it yourself!

Many ASF and other Open Source projects release world-changing software while having no or very few meetings, demonstrating that these techniques work.

If you're bogged down with inefficient or useless meetings, I suggest that you try applying these principles to a meaningful subset of your decision making activities. People will need to hone their skills to work efficiently in this way, but the rewards can be huge for distributed teams.

Appendix: Mailing lists at the ASF

At the ASF we use mailing lists as our central asynchronous communications channel, based on our if it didn't happen on the dev mailing list, it didn't happen rule [2]. Mailing lists might be seen as tools of the past when you compare them with the latest shiny tools, but they remain a ubiquitous way of communicating in loosely coupled remote groups, especially when used with a strong discipline of Precise Quoting [3] and paying attention to meaningful subject lines. Unfortunately I hear some "modern" email clients make a mess of that quoting - just stay away from them.

References

[1] http://www.paulgraham.com/makersschedule.html - Paul Graham, Maker's Schedule, Manager's Schedule, July 2009

[2] https://community.apache.org/apache-way/apache-project-maturity-model.html - The Apache Project Maturity Model, ASF community development team, 2015.

[3] http://s.apache.org/gianugo_quoting_2002 - Gianugo Rabellino "[OT/Rant] Quoting", message to the cocoon-dev mailing list, January 2002

[4] http://www.apache.org/foundation/voting.html - ASF voting rules, created in 1999 probably, or even earlier among the Apache Group.

 # # #

"Success at Apache" is a new monthly blog series that focuses on the processes behind why The Apache Software Foundation (ASF) "just works". First article: Project Independence https://s.apache.org/CE0V Second article: "All Carrot and No Stick" https://s.apache.org/ykoG

Friday February 03, 2017

The Apache News Round-up: week ending 3 February 2017

Hello, February! Here's what the Apache community has been working on this week:

ASF Board –management and oversight of the business and affairs of the corporation in accordance with the Foundation's bylaws.
 - Next Board Meeting: 15 February 2017. Board calendar and minutes available at http://apache.org/foundation/board/calendar.html

ASF Infrastructure –our distributed team on four continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield ongoing "three nines" performance at 99.93% uptime http://status.apache.org/

ApacheCon™ –Tomorrow's Technology Today. https://s.apache.org/F7Hy
 - DEADLINES:
   - CFPs close 11 February http://apachecon.com/
   - Travel Assistance applications close 8 March https://www.apache.org/travel/
   - Early registration and hotel rates end 12 March http://events.linuxfoundation.org/events/apachecon-north-america
   - Apache Committers: remember to register using your apache.org address + discount code to save even more!
 - Recordings from ApacheCon Europe 2016 are being uploaded at Feathercast http://feathercast.org

New logos/marks wanted –with the launch of the ASF's new visual identity last year, many Apache projects have been freshening up their looks. Calls are open for:
 - Apache Incubator https://s.apache.org/rFii and Apache OpenNLP https://issues.apache.org/jira/browse/OPENNLP-6

Apache Atlas (incubating) –a scalable and extensible set of core foundational governance services - enabling enterprises to effectively and efficiently meet their compliance requirements within Hadoop and allows integration with the whole enterprise data ecosystem.
 - Apache Atlas 0.7.1-incubating released http://www.apache.org/dyn/closer.cgi/incubator/atlas/0.7.1-incubating/

Apache Bahir™ –provides extensions to distributed analytic platforms such as Apache Spark.
 - Apache Bahir 2.0.2 released http://bahir.apache.org

Apache Jackrabbit™ –a fully compliant implementation of the Content Repository for Java(TM) Technology API, version 2.0 (JCR 2.0) as specified in the Java Specification Request 283 (JSR 283).
 - Apache Jackrabbit 2.4.7 and Jackrabbit Oak 1.6.0 released http://jackrabbit.apache.org/downloads.html

Apache Log4j™ –a well-known framework for logging application behavior
 - Apache Log4j 2.8 released https://logging.apache.org/log4j/2.x/

Apache OpenMeetings™ –provides video conferencing, instant messaging, white board, collaborative document editing and other groupware tools using API functions of the Red5 Streaming Server for Remoting and Streaming.
 - Apache OpenMeetings 3.1.5 released http://openmeetings.apache.org/downloads.html

Apache POI™ –a Java library for reading and writing Microsoft Office files 
 - Apache POI 3.16 beta 2 released https://www.apache.org/dyn/closer.lua/poi/dev/RELEASE-NOTES-3.16-beta2.txt

Apache Syncope™ –an Open Source system for managing digital identities in enterprise environments, implemented in Java EE technology.
 - Apache Syncope 2.0.2 released http://syncope.apache.org/downloads.html

Apache UIMA™ –a component architecture and framework for the analysis of unstructured content like text, video and audio data.
 - Apache UIMA Java SDK 3.0.0-alpha released http://uima.apache.org


Did You Know?

 - Did you know that Apache OpenNLP, a machine learning based toolkit for processing natural language text, can be used with Apache Lucene/Solr to tag words with part-of-speech, extract named entities, and more? https://opennlp.apache.org/

 - Did you know that standalone tracks taking place alongside ApacheCon include Apache: Big Data, Flex Project Summit, TomcatCon, Apache: IoT, and CloudStack Collaboration Conference? Join us! http://apachecon.com/

 - Did you know that Apache CouchDB has its own weekly news round-up? https://blog.couchdb.org/2017/02/02/couchdb-weekly-news-february-2-2017/

Apache Community Notices:

 - "Success at Apache" is a new monthly blog series that focuses on the processes behind why the ASF "just works". 1) Project Independence https://s.apache.org/CE0V 2) "All Carrot and No Stick" https://s.apache.org/ykoG

 - Feedback from The Apache Software Foundation on the Free and Open Source Security Audit (FOSSA) https://s.apache.org/romf

 - ASF Operations Summary - Q2 FY2017 https://s.apache.org/oTOF

 - The list of Apache project-related MeetUps can be found at http://apache.org/events/meetups.html

 - Find out how you can participate with Apache community/projects/activities --opportunities open with Apache HTTP Server, Avro, ComDev (community development), Directory, Incubator, OODT, POI, Polygene, Syncope, Tika, Trafodion, and more! https://helpwanted.apache.org/

 - ApacheCon North America and Apache:BigData will be held 16-18 May 2017 in Miami http://apachecon.com/

 - Are your software solutions Powered by Apache? Download & use our "Powered By" logos http://www.apache.org/foundation/press/kit/#poweredby

 - Show your support for Apache with ASF-approved swag from http://www.zazzle.com/featherwearand http://s.apache.org/landsend--all proceeds benefit the ASF! 

= = =

For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, https://twitter.com/PlanetApache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.

# # #

Friday January 27, 2017

The Apache News Round-up: week ending 27 January 2017

We're closing out the month with another week of great work from the Apache community:

ASF Board –management and oversight of the business and affairs of the corporation in accordance with the Foundation's bylaws.
 - Next Board Meeting: 15 February 2017. Board calendar and minutes available at http://apache.org/foundation/board/calendar.html

ASF Infrastructure –our distributed team on four continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield "three nines" performance maintained at 99.97% uptime http://status.apache.org/

ApacheCon™ –the official conference series of The Apache Software Foundation.
 - ApacheCon: Tomorrow's Technology Today. https://s.apache.org/F7Hy
 - CFPs for Apache: Big Data and ApacheCon North America 16-18 May 2017/Miami close 11 February http://apachecon.com/
 - Travel Assistance applications now being accepted through 8 March https://www.apache.org/travel/
 - Early registration and hotel incentives available through 12 March http://events.linuxfoundation.org/events/apachecon-north-america
 - Recordings from ApacheCon Europe 2016 are being uploaded at Feathercast http://feathercast.org

New logos/marks wanted –with the launch of the ASF's new visual identity last year, many Apache projects have been freshening up their looks. New logo calls are open for:
 - Apache Incubator https://s.apache.org/rFii
 - Apache OpenNLP https://issues.apache.org/jira/browse/OPENNLP-6

Apache HttpComponents™ Client –a library for client-side HTTP communication built on HttpCore.
 - Apache HttpComponents Client 4.5.3 GA released http://hc.apache.org/downloads.cgi

Apache Impala (incubating) –a high-performance C++ and Java SQL query engine for data stored in Apache Hadoop-based clusters.
 - Apache Impala 2.8.0 released https://impala.incubator.apache.org/downloads.html

Apache Jackrabbit™ –a fully compliant implementation of the Content Repository for Java(TM) Technology API, version 2.0 (JCR 2.0) as specified in the Java Specification Request 283 (JSR 283).
 - Apache Jackrabbit 2.10.5 released http://jackrabbit.apache.org/downloads.html

Apache Kudu™ –a distributed columnar storage engine built for the Apache Hadoop ecosystem.
 - Apache Kudu 1.2.0 released http://kudu.apache.org/releases/1.2.0/

Apache Lucene™ –a high-performance, full-featured text search engine library written entirely in Java.
 - Apache Lucene 6.4.0 released http://lucene.apache.org/core/mirrors-core-latest-redir.html
 - Apache Solr 6.4.0 released http://lucene.apache.org/solr/mirrors-solr-latest-redir.html

Apache Parquet™ –a general-purpose columnar data format with support across processing frameworks, data models, and languages.
 - Apache Parquet 1.8.2 released https://www.apache.org/dyn/closer.cgi/parquet/

Apache Qpid™ –implements the latest AMQP specification, the first open standard for enterprise messaging, and provides transaction management, queuing, distribution, security, management, clustering, federation, and heterogeneous multi-platform support and a lot more.
 - Apache Qpid JMS 0.20.0 released http://qpid.apache.org/download.html

Did You Know?

 - Did you know that the deep learning framework MXNet has entered the Apache Incubator? http://incubator.apache.org/projects/mxnet.html

 - Did you know that the ASF's Twitter account now has 40,000 followers? https://twitter.com/TheASF

 - Did you know that you can help test the Struts 2.5.10 build? http://markmail.org/thread/gp7gdhria7k7kjxs


Apache Community Notices:

 - "Success at Apache" is a new monthly blog series that focuses on the processes behind why the ASF "just works". 1) Project Independence https://s.apache.org/CE0V 2) "All Carrot and No Stick" https://s.apache.org/ykoG

 - Feedback from The Apache Software Foundation on the Free and Open Source Security Audit (FOSSA) https://s.apache.org/romf

 - ASF Operations Summary - Q2 FY2017 https://s.apache.org/oTOF

 - The list of Apache project-related MeetUps can be found at http://apache.org/events/meetups.html

 - Find out how you can participate with Apache community/projects/activities --opportunities open with Apache HTTP Server, Avro, ComDev (community development), Directory, Incubator, OODT, POI, Polygene, Syncope, Tika, Trafodion, and more! https://helpwanted.apache.org/

 - ApacheCon North America and Apache:BigData will be held 16-18 May 2017 in Miami http://apachecon.com/

 - Are your software solutions Powered by Apache? Download & use our "Powered By" logos http://www.apache.org/foundation/press/kit/#poweredby

 - Show your support for Apache with ASF-approved swag from http://www.zazzle.com/featherwearand http://s.apache.org/landsend--all proceeds benefit the ASF! 

= = =

For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, https://twitter.com/PlanetApache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.

# # #

Thursday January 26, 2017

ApacheCon: Tomorrow's Technology Today.

Since 1999, The Apache Software Foundation (ASF) has been recognized as a leading source for Open Source software and tools that meet the demand for interoperable, adaptable, and sustainable solutions. 

The all-volunteer ASF develops, stewards, and incubates dozens of enterprise-grade Open Source projects that power mission-critical applications in financial services, aerospace, publishing, government, healthcare, research, infrastructure, and more. From Abdera to ZooKeeper, the ASF's reliable, community-driven software continues to grow dramatically across many categories, including Cloud, IoT and Edge Computing, Artificial Intelligence and Deep Learning, Mobile, and Big Data, where the Apache Hadoop ecosystem dominates the marketplace.

Today, many of the ASF's 300+ projects serve as the backbone for some of the world's most visible and widely used applications in Big Data (Cassandra, Hadoop, Spark); Cloud (CouchDB, CloudStack, Mesos); Search and CMS (Derby, Jackrabbit, Lucene/Solr); DevOps and Build Management (Ant, Buildr, Maven); Web Frameworks (Flex, OFBiz, Struts); Servers (HTTP Web Server, Tomcat, Traffic Server); among others.

Apache technologies also command some of the most sought-after career skills. Hiring managers surveyed in the 2016 Open Source Jobs Report state that Open Source recruitment will increase more than any other part of their business over the next six months. Knowing which are the essential skills is simply not enough: keeping current with Apache projects and actively participating in their communities are essential in understanding how to address business needs and how to best apply the tips and tools available.

The ASF's official global conference series, ApacheCon, is one of the most effective ways to quickly gain competitive advantage. Over the past 17 years, ApacheCon has drawn attendees from more than 60 countries to learn about core Open Source technologies directly from Apache project developer and user communities --independent of business interests, corporate biases, or sales pitches. Highlights include:

  • Timely Content --learn first-hand from the largest collection of global Apache project communities through detailed sessions, and standalone tracks such as Apache: Big Data, Flex Project Summit, TomcatCon, Apache: IoT, and CloudStack Collaboration Conference. Breaking industry news? You'll hear it here first.

  • Innovation Insight --presentations from the Apache Incubator (the ASF's hub for Open Source innovations, where a record 64 projects are currently undergoing development) include the latest developments in data science, Cloud, embedded systems, and many other categories, as well as industry-specific areas such as climate, microfinances, and cryptography. Learn what's next.

  • Knowledge Exchange --meet the people behind dozens of Apache projects through ample networking opportunities including BarCampApache, hackathons, BoFs, and corridor discussions. Driving a project in new directions? Starting a new initiative? Ideation sparks here.

  • Education --gain the latest skills with in-depth tutorials, trainings, and workshops with low student-to-instructor ratio. Classes are often led by the original creators and companies behind some of the most popular projects in Open Source.

  • Sponsor Showcase and Expo --engage with some of the commercial products and service providers behind Apache project communities in a friendly, relaxed, non-sales environment. 

Join individual developers, Fortune 500 companies, start ups, educators, consultants, and Open Source enthusiasts at the largest dedicated gathering of the collective Apache community at ApacheCon North America 16-18 May 2016 in Miami, FL.

Important Dates:

 - Call for Participation now open through 11 February 2017 http://apachecon.com/
 - Travel Assistance applications open through 8 March 2017 https://www.apache.org/travel/
 - Conference Schedule published on 9 March 2017
 - Early registration and lodging incentives available through 12 March 2017 http://events.linuxfoundation.org/events/apachecon-north-america/attend/register-

For more information, visit http://apachecon.com/ and https://twitter.com/ApacheCon

# # #

Calendar

Search

Hot Blogs (today's hits)

Tag Cloud

Categories

Feeds

Links

Navigation