The Apache Software Foundation Blog

Monday May 23, 2022

The Apache News Round-up: week ending 20 May 2022

Happy Friday, everyone --here's what the Apache community has been up to over the past week:

ApacheCon – the ASF's official global conference series, bringing Tomorrow's Technology Today since 1998.
 - CFP open: ApacheCon Asia - 29-31 July (online) https://apachecon.com/acasia2022/cfp.html
 - CFP open: ApacheCon North America - 3-6 October (New Orleans) https://cfp.apachecon.com/
 - Travel Assistance applications open: for ApacheCon North America. Apply today https://apache.org/travel/

ASF Board – management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.
 - Next Board Meeting: 15 June 2022. Running Board calendar and minutes are available.

ASF Infrastructure – our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield uptime at 99.91%. Performance checks across 50 different service components spread over more than 250 machines in data centers around the world. View the ASF's Infrastructure Uptime site to see the most recent averages.

Apache Code Snapshot – Over the past week, 301 Apache Committers and 836 contributors changed 4,481,686 lines of code over 3,397 commits. Top 5 contributors, in order, are: Jiajing Lu, Mark Thomas, Clebert Suconic, Liang Zhang, and Andi Huber.

Apache Project Announcements – the latest updates by category.

APIs --
 - Apache ShenYu (incubating) https://s.apache.org/x1a1q: Regular expression denial of service

Big Data and Machine Learning --
 - The Apache Software Foundation Announces Apache® YuniKorn™ as a Top-Level Project 

Content --
 - Apache Jackrabbit Oak 1.6.x deprecated 
 - Apache Tika CVE-2022-25169: BPGParser Memory Usage DoS
   -- CVE-2022-30126: Regular Expression Denial of Service in Standards Extractor 

Cloud Computing --
 - Apache Kafka 3.1.1 and 3.2.0 released 

Data Management Platform --
 - New Apache Ignite Extensions released

Integration --
 - Apache Camel 3.17.0 released

Libraries --
 - Apache ServiceComb Pack version 0.7.0 released 
 - Apache Commons Imaging 1.0-alpha3 released

Observability --
 - Apache SkyWalking Eyes 0.3.0 released 

Servers --
 -
Apache Tomcat 9.0.63, 10.0.21, 10.1.0-M15 (alpha) released

Web Conferencing --
  - Apache OpenMeetings 6.3.0 released 

Workflow -
 -
New Apache Airflow Providers released https://airflow.apache.org/


Did You Know?

- Did you know that the ASF Security team has opened a paid position for Security Response Program Manager? https://blogs.apache.org/security/entry/position-available-security-response-program

- Did you know that Zhongshang Huimin's eCommerce platform uses Apache ShardingSphere for order transaction processing and fulfillment for over 1 million supermarkets? 

- Did you know that the Airflow Summit local meetup in Tokyo will be held on 24 May?

Apache Community Notices

 - Apache in 2021 - By The Digits + Video highlights 

 - Watch "Trillions and Trillions Served", the documentary on the ASF 1) full feature [49 min] 2) "Apache Everywhere" [6 min] 3) "Why Apache" [2.5 min] 4) "Apache Innovation" [40 min] 

 - ASF Annual Report: FY2021 (PDF)

 - The Apache Way to Sustainable Open Source Success 

 - Foundation Reports and Statements

 - Presentations from 2021's ApacheCon Asia and ApacheCon@Home are available on the ASF YouTube channel.

 - "Success at Apache" focuses on the people and processes behind why the ASF "just works." 

 - Follow the ASF on social media: @TheASF on Twitter and The ASF page LinkedIn

 - Follow the Apache Community on Facebook and Twitter

 - Are your software solutions Powered by Apache? Download & use our "Powered By" logos.


Stay updated about The ASF

For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, Planet Apache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.

Monday May 16, 2022

The Apache News Round-up: week ending 13 May 2022

Hello, everyone --let's review the Apache community's activities from over the past week:

ApacheCon – the ASF's official global conference series, bringing Tomorrow's Technology Today since 1998.
 - CFP open: ApacheCon Asia - 29-31 July (online) https://apachecon.com/acasia2022/cfp.html
 - CFP open: ApacheCon North America - 3-6 October (New Orleans) https://cfp.apachecon.com/
 - Travel Assistance applications open: for ApacheCon North America. Apply today https://apache.org/travel/

ASF Board – management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.
 - Next Board Meeting: 18 May 2022. Running Board calendar and minutes are available.

ASF Infrastructure – our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield uptime at 100.00%. Performance checks across 50 different service components spread over more than 250 machines in data centers around the world. View the ASF's Infrastructure Uptime site to see the most recent averages.

Apache Code Snapshot – Over the past week, 352 Apache Committers and 867 contributors changed 5,014,702 lines of code over 3,393 commits. Top 5 contributors, in order, are: Mark Thomas, Liang Zhang, Claus Ibsen, Jarek Potiuk, and Andi Huber.       

Apache Project Announcements – the latest updates by category.

Big Data --
 - Apache Arrow 8.0.0 released 
 - Apache Calcite 1.21.0 released 
 - Apache BookKeeper 4.15.0 released 
 - Apache Flink Table Store 0.1.0 released

Content --
 - Apache UIMA Java SDK 3.3.0 released 
 - Apache OpenOffice 4.1.12 released

Embedded OS --
 - Apache Mynewt 1.10.0 and Apache NimBLE 1.5.0 released

FinTech --
 - Apache Fineract 1.7.0 released

Libraries --
 - Apache Commons Daemon 1.3.1 released

Search --
 - Apache Solr 9.0.0 released

Servers -
 -
Apache Tomcat Native 1.2.33 released 
    -- CVE-2022-29885: EncryptInterceptor DoS 
    -- CVE-2022-25762: Request Mix-up


Did You Know?

- Did you know that China Unicom uses Apache DolphinScheduler for cross-cluster calls in automated billing procedures, including auditing, revenue sharing, and other operations to serve 40 billion voice orders per day? https://dolphinscheduler.apache.org/

- Did you know that Beam Summit (18-20 July/Hybrid) has announced hands-on Workshops?

- Did you know that the Apache Cassandra project is requesting community members to share their experiences of ApacheCon? https://t.co/XumUaVCuTB

Apache Community Notices

 - Apache in 2021 - By The Digits + Video highlights 

 - Watch "Trillions and Trillions Served", the documentary on the ASF 1) full feature [49 min] 2) "Apache Everywhere" [6 min] 3) "Why Apache" [2.5 min] 4) "Apache Innovation" [40 min] 

 - ASF Annual Report: FY2021 (PDF)

 - The Apache Way to Sustainable Open Source Success 

 - Foundation Reports and Statements

 - Presentations from 2021's ApacheCon Asia and ApacheCon@Home are available on the ASF YouTube channel.

 - "Success at Apache" focuses on the people and processes behind why the ASF "just works." 

 - Follow the ASF on social media: @TheASF on Twitter and The ASF page LinkedIn

 - Follow the Apache Community on Facebook and Twitter

 - Are your software solutions Powered by Apache? Download & use our "Powered By" logos.


Stay updated about The ASF

For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, Planet Apache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.

The Apache Software Foundation Announces Apache® YuniKorn™ as a Top-Level Project

Open Source universal Big Data and Machine Learning resource scheduler in use at Alibaba, Apple, Cloudera, Lyft, Visa, and Zillow, among others.

Wilmington, DE —16 May 2022— The Apache Software Foundation (ASF), the all-volunteer developers, stewards, and incubators of more than 350 Open Source projects and initiatives, announced today Apache® YuniKorn™ as a Top-Level Project (TLP).

Apache YuniKorn is a cloud-native, standalone Big Data and Machine Learning resource scheduler for batch jobs and long-running services on large scale distributed systems. The project was originally developed at Cloudera in March 2019, entered the Apache Incubator in January 2020, and graduated as a Top-Level Project in March 2022.

"The Apache YuniKorn community is striving together to solve the resource scheduling problems on the cloud," said Weiwei Yang, Vice President of Apache YuniKorn. "It's really great to see the Apache Way shine in the incubating process of YuniKorn. We are lucky to have such an open, collaborative, and diverse community, which is sympathetic and cares about everyone's success. This motivates us to keep evolving and gets better every day."

Apache YuniKorn natively supports Big Data application workloads and mixed workloads, and provides a unified, cross-platform scheduling experience. Features include:

  • Cloud native —runs on-premise and in a variety of public cloud environments; maximizes resource elasticity with better throughput.

  • Hierarchical resource queues —efficiently manages cluster resources; provides the ability to control the resource consumption for each tenant.

  • Application-aware scheduling —recognizes users, applications, and queues; schedules according to submission order, priority, resource usage, and more.

  • Job ordering —built-in robust scheduling capabilities; supports fairness-based cross-queue preemption, hierarchies, pluggable node sorting policies, preemption, and more.

  • Central management console —monitors performance across different tenants; one-stop-dashboard tracks resource utilization for managed nodes, clusters, applications and queues.

  • Efficiency —reduces resource fragmentation and proactively triggers up-scaling; cloud elasticity lowers overall operational costs.

In addition, the Project has announced the release of Apache YuniKorn v1.0, the fifth update since entering the Apache Incubator. Improvements include: 

  • Decreased memory and cpu usage
  • Extended metrics and diagnostics information
  • New deployment model supporting future upgrades
  • Technical preview of the plugin deployment mode

Optimized to run Apache Spark on Kubernetes (open source software container orchestration system), Apache YuniKorn’s performance makes it an optional replacement to the Kubernetes default scheduler. Apache YuniKorn excelled in benchmark tests with other schedulers in resource sharing, resource fairness, preemption, gang scheduling, and bin packing categories, with throughput exceeding 610 allocations per second across 2,000 nodes. 

YuniKorn is in use at Alibaba, Apple, Cloudera, Lyft, Visa, and Zillow, among others.

"We're thrilled to see this offering come to fruition. Apache YuniKorn powers Apache Spark workloads for Cloudera Data Engineering (CDE), a key Kubernetes-based service supporting the Cloudera Data Platform," said Vinod Kumar Vavilapalli, Senior Director, Engineering at Cloudera and former PMC chair of Apache Hadoop. "As part of Cloudera’s Public and Private Cloud offerings, Apache YuniKorn adds tremendous flexibility and control when running large-scale analytics, enabling customers to better optimize the performance and value of their deployments."

"Apache YuniKorn is an essential infra service for bringing Big Data/ML workloads onto the cloud," said Chunde Ren, Engineering Manager at Alibaba Big Data Open-source team. "YuniKorn brings better scheduling capabilities, performance, elasticity, and usability for running workloads on Kubernetes, especially for Big Data and Machine Learning workloads, which benefits many users on the cloud. It's a great pleasure for us to have participated in the YuniKorn community since its inception and to see it grow up to be a Top-Level Project."

"Apache YuniKorn is becoming a popular choice for those who want to run Big Data workloads on Kubernetes, with more use cases developing," added Yang. "We welcome all who are interested to join the YuniKorn community and work with us on solving these challenging problems."

Catch Apache YuniKorn in action at Kubernetes Batch + HPC Day Europe (17 May 2022 in Valencia, Spain https://sched.co/10F0t ) and Spark AI Summit 2022 (27-30 June in San Francisco and online https://databricks.com/dataaisummit/north-america-2022/agenda/?sessionid=1388 ).

Availability and Oversight
Apache YuniKorn software is released under the Apache License v2.0 and is overseen by a self-selected team of active contributors to the project. A Project Management Committee (PMC) guides the Project's day-to-day operations, including community development and product releases. For downloads, documentation, and ways to become involved with Apache YuniKorn, visit https://yunikorn.apache.org/ and https://twitter.com/YuniKorn_Sched .

About the Apache Incubator
The Apache Incubator is the primary entry path for projects and codebases wishing to become part of the efforts at The Apache Software Foundation. All code donations from external organizations and existing external projects enter the ASF through the Incubator to: 1) ensure all donations are in accordance with the ASF legal standards; and 2) develop new communities that adhere to our guiding principles. Incubation is required of all newly accepted projects until a further review indicates that the infrastructure, communications, and decision making process have stabilized in a manner consistent with other successful ASF projects. While incubation status is not necessarily a reflection of the completeness or stability of the code, it does indicate that the project has yet to be fully endorsed by the ASF. For more information, visit http://incubator.apache.org/ 

About The Apache Software Foundation (ASF)
Established in 1999, The Apache Software Foundation is the world’s largest Open Source foundation, stewarding 227M+ lines of code and providing more than $22B+ worth of software to the public at 100% no cost. The ASF’s all-volunteer community grew from 21 original founders overseeing the Apache HTTP Server to 820+ individual Members and 200 Project Management Committees who successfully lead 350+ Apache projects and initiatives in collaboration with 8,400+ Committers through the ASF’s meritocratic process known as "The Apache Way". Apache software is integral to nearly every end user computing device, from laptops to tablets to mobile devices across enterprises and mission-critical applications. Apache projects power most of the Internet, manage exabytes of data, execute teraflops of operations, and store billions of objects in virtually every industry. The commercially-friendly and permissive Apache License v2 is an Open Source industry standard, helping launch billion dollar corporations and benefiting countless users worldwide. The ASF is a US 501(c)(3) not-for-profit charitable organization funded by individual donations and corporate sponsors that include Aetna, Alibaba Cloud Computing, Amazon Web Services, Anonymous, Baidu, Bloomberg, Capital One, Cloudera, Comcast, Confluent, Didi Chuxing, Facebook, Google, Huawei, IBM, Indeed, LINE Corporation, Microsoft, Namebase, Pineapple Fund, Red Hat, Replicated, Talend, Target, Tencent, Union Investment, VMware, Workday, and Yahoo!. For more information, visit http://apache.org/ and https://twitter.com/TheASF 

© The Apache Software Foundation. "Apache", "YuniKorn", "Apache YuniKorn", and "ApacheCon" are registered trademarks or trademarks of the Apache Software Foundation in the United States and/or other countries. All other brands and trademarks are the property of their respective owners.

# # #

Monday May 09, 2022

The Apache News Round-up: week ending 6 May 2022

Welcome, May --we're opening the month with another great week. Here's what the Apache community has been up to:

ApacheCon – the ASF's official global conference series, bringing Tomorrow's Technology Today since 1998.
 - CFP open: ApacheCon Asia - 29-31 July (online) https://apachecon.com/acasia2022/cfp.html
 - CFP open: ApacheCon North America - 3-6 October (New Orleans) https://cfp.apachecon.com/
 - Travel Assistance applications open: for ApacheCon North America. Apply today https://apache.org/travel/

ASF Board – management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.
 - Next Board Meeting: 18 May 2022. Running Board calendar and minutes are available.

ASF Infrastructure – our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield uptime at 100.00%. Performance checks across 50 different service components spread over more than 250 machines in data centers around the world. View the ASF's Infrastructure Uptime site to see the most recent averages.

Apache Code Snapshot – Over the past week, 298 Apache Committers and 714 contributors changed 2,668,743 lines of code over 3,291 commits. Top 5 contributors, in order, are: Jean-Baptiste Onofré, Gary Gregory, Liang Zhang, Jiajing Lu, and Benoit Tellier. 

Apache Project Announcements – the latest updates by category.

Big Data --
 - Apache NiFi 1.16.1 released
   -- CVE-2022-29265: Improper Restriction of XML External Entity References in Multiple Components 
 - Apache Flink 1.15.0 released 

Content --
 - Apache Tika 1.28.2 and 2.4.0 released 
 - Apache PDFBox 3.0.0-alpha3 released 

Integration --
 - Apache Camel 3.11.7 (LTS) and 3.14.3 (LTS) released

Libraries --
 - Apache Jena CVE-2022-28890: Processing external DTDs

Messaging --
 - Apache ActiveMQ 5.16.5 and 5.17.1 released

Workflow --
 - Apache Airflow 2.3.0 released

Web Frameworks -
 -
Apache Wicket 9.10.0 released


Did You Know?

- Did you know that the following Apache projects are celebrating anniversaries this month? Congratulations to Apache Geronimo (18 years); Tomcat (17 years); OpenJPA, POI, TomEE, Turbine (15 years); Libcloud (11 years); Giraph, ManifoldCF (10 years); Phoenix (8 years); Whimsy (7 years); Bahir, TinkerPop, Zeppelin (6 years); SystemDS (5 years); Traffic Control (4 years); Dubbo (3 years); Hudi, Iceberg (2 years). https://projects.apache.org/committees.html?date

- Did you know that the ASF Security team has opened a paid position for Security Response Program Manager? https://blogs.apache.org/security/entry/position-available-security-response-program

- Did you know that Japan's Nara Women's University's Researchers Database webapp is powered by Apache Wicket? https://wicket.apache.org/

Apache Community Notices

 - Apache in 2021 - By The Digits + Video highlights 

 - Watch "Trillions and Trillions Served", the documentary on the ASF 1) full feature [49 min] 2) "Apache Everywhere" [6 min] 3) "Why Apache" [2.5 min] 4) "Apache Innovation" [40 min] 

 - ASF Annual Report: FY2021 (PDF)

 - The Apache Way to Sustainable Open Source Success 

 - Foundation Reports and Statements

 - Presentations from 2021's ApacheCon Asia and ApacheCon@Home are available on the ASF YouTube channel.

 - "Success at Apache" focuses on the people and processes behind why the ASF "just works." 

 - Follow the ASF on social media: @TheASF on Twitter and The ASF page LinkedIn

 - Follow the Apache Community on Facebook and Twitter

 - Are your software solutions Powered by Apache? Download & use our "Powered By" logos.


Stay updated about The ASF

For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, Planet Apache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.

Monday May 02, 2022

The Apache News Round-up: week ending 29 April 2022

Farewell, April --we're wrapping up the month with another great week. Here are the latest updates on the Apache community's activities:

ApacheCon – the ASF's official global conference series, bringing Tomorrow's Technology Today since 1998.
 - CFP open: ApacheCon Asia - 29-31 July (online) https://apachecon.com/acasia2022/cfp.html
 - CFP open: ApacheCon North America - 3-6 October (New Orleans) https://cfp.apachecon.com/
 - Travel Assistance applications open: for ApacheCon North America. Apply today https://apache.org/travel/

ASF Board – management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.
 - Next Board Meeting: 18 May 2022. Running Board calendar and minutes are available.

ASF Infrastructure – our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield uptime at 100.00%. Performance checks across 50 different service components spread over more than 250 machines in data centers around the world. View the ASF's Infrastructure Uptime site to see the most recent averages.

Apache Code Snapshot – Over the past week, 330 Apache Committers and 838 contributors changed 3,654,519 lines of code over 3,500 commits. Top 5 contributors, in order, are: Andi Huber, Liang Zhang, Jean-Baptiste Onofré, Tamas Cservenak, and Tim Allison.    

Apache Project Announcements – the latest updates by category.

Application Servers/Middleware --
 - Apache Karaf 4.3.7 and Karaf runtime 4.4.0 released

Big Data --
 - Apache CouchDB CVE-2022-24706: Remote Code Execution Vulnerability in Packaging 

Libraries --
 - Apache Log4cxx 0.13.0 released

Messaging --
 - Apache Qpid JMS 2.0.0 released 

Observability --
 - Apache SkyWalking Kubernetes Event Exporter 1.0.0 released

Programming Languages --
 - Apache Groovy 4.0.2 released 

Workflow -
 -
New Apache Airflow Providers released 


Did You Know?

- Did you know that enterprises seeking to meet their growing demand for rapid analytics with terabytes of real-time analytical data use Apache Ignite

- Did you know that the CFP for Pulsar Summit (18 August/San Francisco) closes on 21 May?

- Did you know that Airflow Summit will be held 23-27 May online and free of charge? 

Apache Community Notices

 - Apache in 2021 - By The Digits + Video highlights 

 - Watch "Trillions and Trillions Served", the documentary on the ASF 1) full feature [49 min] 2) "Apache Everywhere" [6 min] 3) "Why Apache" [2.5 min] 4) "Apache Innovation" [40 min] 

 - ASF Annual Report: FY2021 (PDF)

 - The Apache Way to Sustainable Open Source Success 

 - Foundation Reports and Statements

 - Presentations from 2021's ApacheCon Asia and ApacheCon@Home are available on the ASF YouTube channel.

 - "Success at Apache" focuses on the people and processes behind why the ASF "just works." 

 - Follow the ASF on social media: @TheASF on Twitter and The ASF page LinkedIn

 - Follow the Apache Community on Facebook and Twitter

 - Are your software solutions Powered by Apache? Download & use our "Powered By" logos.


Stay updated about The ASF

For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, Planet Apache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.

Monday April 25, 2022

The Apache News Round-up: week ending 22 April 2022

Hello, everyone --let's review the Apache community's activities from over the past week:

ApacheCon – the ASF's official global conference series, bringing Tomorrow's Technology Today since 1998.
 - CFP open: ApacheCon Asia - 29-31 July (online) https://apachecon.com/acasia2022/cfp.html
 - CFP open: ApacheCon North America - 3-6 October (New Orleans) https://cfp.apachecon.com/
 - Travel Assistance applications open: for ApacheCon North America. Apply today https://apache.org/travel/

ASF Board – management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.
 - Next Board Meeting: 18 May 2022. Running Board calendar and minutes are available.

ASF Infrastructure – our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield uptime at 99.99%. Performance checks across 50 different service components spread over more than 250 machines in data centers around the world. View the ASF's Infrastructure Uptime site to see the most recent averages.

Apache Code Snapshot – Over the past week, 306 Apache Committers and 772 contributors changed 17,057,661 lines of code over 3,534 commits. Top 5 contributors, in order, are: Michael Osipov, Benoit Tellier, Olivier Lamy, Gary Gregory, and Henrik Krohns.

Apache Project Announcements – the latest updates by category.

APIs --
 - Apache APISIX 2.13.1 released
    -- CVE-2022-29266: apisix/jwt-auth may leak secrets in the error response 
 - Apache ShenYu (Incubating) 2.4.3 released

Big Data --
 - Apache CouchDB 3.2.2 released 
 - Apache Beam 2.38.0 released 
 - Apache Kyuubi (Incubating) 1.5.1-incubating released 

Confidential Computing --
 - Apache Teaclave (incubating) 0.4.0 and Teaclave TrustZone SDK 0.2.0 released 

Content --
 - Apache PDFBox 2.0.26 released 

Messaging --
 - Apache Pulsar 2.9.2 and 2.10.0 released 

Middleware --
 - Apache Linkis 1.1.0 (incubating) released

Workflow --
 - Apache DolphinScheduler 3.0.0-alpha released 

Servers -
 - Apache TomEE 8.0.11
released 

Did You Know?

- Did you know that recent projects undergoing development in the Apache Incubator include HugeGraph (graph database), Linkis (computational middleware), and SeaTunnel (Big Data integration)? https://incubator.apache.org/projects/

- Did you know that the ASF is the top-ranked Open Source not-for-profit organization with the most stars on GitHub? Also ranked #4 of all organizations https://gitstar-ranking.com/

- Did you know that the CFP for Ignite Summit (14 June - online) is now open? https://ignite-summit.org/

Apache Community Notices

 - Apache in 2021 - By The Digits + Video highlights 

 - Watch "Trillions and Trillions Served", the documentary on the ASF 1) full feature [49 min] 2) "Apache Everywhere" [6 min] 3) "Why Apache" [2.5 min] 4) "Apache Innovation" [40 min] 

 - ASF Annual Report: FY2021 (PDF)

 - The Apache Way to Sustainable Open Source Success 

 - Foundation Reports and Statements

 - Presentations from 2021's ApacheCon Asia and ApacheCon@Home are available on the ASF YouTube channel.

 - "Success at Apache" focuses on the people and processes behind why the ASF "just works." 

 - Follow the ASF on social media: @TheASF on Twitter and The ASF page LinkedIn

 - Follow the Apache Community on Facebook and Twitter

 - Are your software solutions Powered by Apache? Download & use our "Powered By" logos.


Stay updated about The ASF

For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, Planet Apache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.

Monday April 18, 2022

The Apache News Round-up: week ending 15 April 2022

Happy Friday, everyone --here's what the Apache community has been up to over the past week:

ApacheCon – the ASF's official global conference series, bringing Tomorrow's Technology Today since 1998.
 - CFP for ApacheCon North America 2022 (taking place 3-6 October in New Orleans) is now open https://blogs.apache.org/conferences/entry/call-for-presentations-apachecon-north
 - Travel Assistance applications for ApacheCon are open until 1 July https://apache.org/travel/

ASF Board – management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.
 - Next Board Meeting: 20 April 2022. Running Board calendar and minutes are available.

ASF Infrastructure – our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield uptime at 99.99%. Performance checks across 50 different service components spread over more than 250 machines in data centers around the world. View the ASF's Infrastructure Uptime site to see the most recent averages.

Apache Code Snapshot – Over the past week, 402 Apache Committers and 1,048 contributors changed 17,760,803 lines of code over 5,646 commits. Top 5 contributors, in order, are: Otavio Rodolfo Piske, Andi Huber, Jinrui.Zhang, Liang Zhang, and Dillon Walls.   

Apache Project Announcements – the latest updates by category.

Incubator --where new Apache projects (aka "podlings") are mentored in the Apache Way of community-led development.
 - Apache brpc (incubating) 1.1.0 released

Attic --provides process and solutions when an Apache project has reached its end of life.
 - Apache River is now retired

Big Data --
 - Apache Bigtop 3.0.1 released
 - Apache ShardingSphere 5.1.1 released

Business Intelligence/Data Visualization --
 - Apache Superset CVE-2022-27479: SQL injection vulnerability in chart data API

Messaging --
 - Apache Qpid ProtonJ2 1.0.0-M5 released

Observability --
 - Apache SkyWalking 9.0.0, Client JS version 0.8.0, and Java Agent 8.10.0 released

Web Frameworks --
Apache Struts 2.5.30 released
- Apache Struts CVE-2021-31805: Forced OGNL evaluation ...
Apache Wicket 9.9.1 released

Workflow --
- New Apache Airflow Providers released 

Did You Know?

- Did you know that Apache APISIX Summit Asia will be held online 20-21 May? https://s.apache.org/rhzue 

- Did you know that the next Apache Airflow Community Meetup is taking place on 20 April 2022? https://www.crowdcast.io/e/airflow-meetup-april/register

- Did you know that demand for Apache Syncope identity management artifacts were downloaded 22.5K times over the last month? https://syncope.apache.org/

Apache Community Notices

 - Apache in 2021 - By The Digits + Video highlights 

 - Watch "Trillions and Trillions Served", the documentary on the ASF 1) full feature [49 min] 2) "Apache Everywhere" [6 min] 3) "Why Apache" [2.5 min] 4) "Apache Innovation" [40 min] 

 - ASF Annual Report: FY2021 (PDF)

 - The Apache Way to Sustainable Open Source Success 

 - Foundation Reports and Statements

 - Presentations from 2021's ApacheCon Asia and ApacheCon@Home are available on the ASF YouTube channel.

 - "Success at Apache" focuses on the people and processes behind why the ASF "just works." 

 - Follow the ASF on social media: @TheASF on Twitter and The ASF page LinkedIn

 - Follow the Apache Community on Facebook and Twitter

 - Are your software solutions Powered by Apache? Download & use our "Powered By" logos.


Stay updated about The ASF

For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, Planet Apache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.

Monday April 11, 2022

The Apache Weekly News Round-up: week ending 8 April 2022

Hello, everyone --let's review the Apache community's activities from over the past week:

The Apache Software Foundation – the all-volunteer developers, stewards, and incubators of more than 350 Open Source projects and initiatives.
 - The Apache Software Foundation Welcomes 52 New Members https://s.apache.org/2022NewMembers

ApacheCon – the ASF's official global conference series, bringing Tomorrow's Technology Today since 1998.
 - CFP for ApacheCon North America 2022 (taking place 3-6 October in New Orleans) is now open https://blogs.apache.org/conferences/entry/call-for-presentations-apachecon-north

ASF Board – management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.
 - Next Board Meeting: 20 April 2022. Running Board calendar and minutes are available.

ASF Infrastructure – our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield uptime at 100.00%. Performance checks across 50 different service components spread over more than 250 machines in data centers around the world. View the ASF's Infrastructure Uptime site to see the most recent averages.

Apache Code Snapshot – Over the past week, 355 Apache Committers changed 17,006,169 lines of code over 3,843 commits. Top 5 contributors, in order, are: Andi Huber, Claus Ibsen, Gary Gregory, Andrea Cosentino, and Chesnay Schepler.   

Apache Project Announcements – the latest updates by category.

Big Data --
 - Apache Flink Kubernetes Operator 0.1.0 released 
 - Apache NiFi 1.16.0 released 
   -- CVE-2022-26850: Insufficiently protected credentials 
 - Apache Pinot 0.10.0 released 
   -- CVE-2022-23974: Pinot segment push endpoint has a vulnerability in unprotected environments 

Databases --
 - Apache Impala 3.4.1 released

Libraries --
 - Apache Daffodil VS Code 1.0.0

Observability --
 - Apache SkyWalking CLI 0.10.0 released 

Workflow --
 - Apache Airflow 2.2.5 released

Did You Know?

- Did you know that those interested in attending ApacheCon NA 2022 (3-6 October/New Orleans) but are unable to do so for financial reasons are invited to apply for Travel Assistance support? Applications open until 1 July https://apache.org/travel/

- Did you know that the ASF Infrastructure team launched a new GitBox platform with upgraded features and services? 

- Did you know that Beam Summit will be held both online and in-person in Austin, Texas, 18-20 July? https://2022.beamsummit.org/

Apache Community Notices

 - Apache in 2021 - By The Digits + Video highlights 

 - Watch "Trillions and Trillions Served", the documentary on the ASF 1) full feature [49 min] 2) "Apache Everywhere" [6 min] 3) "Why Apache" [2.5 min] 4) “Apache Innovation” [40 min] 

 - ASF Annual Report: FY2021 -- Press release and Report (PDF)

 - The Apache Way to Sustainable Open Source Success 

 - Foundation Reports and Statements

 - Presentations from 2021's ApacheCon Asia and ApacheCon@Home are available on the ASF YouTube channel.

 - "Success at Apache" focuses on the people and processes behind why the ASF "just works." 

 - Follow the ASF on social media: @TheASF on Twitter and The ASF page LinkedIn

 - Follow the Apache Community on Facebook and Twitter

 - Are your software solutions Powered by Apache? Download & use our "Powered By" logos.


Stay updated about The ASF

For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, Planet Apache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.

Monday April 04, 2022

The Apache Software Foundation Welcomes 52 New Members

The Apache Software Foundation (ASF) welcomes the following new Members who were elected during the annual ASF Members' Meeting on 1 and 3 March 2022:

Akira Ajisaka, Ahmet Altay, Mike Beckerle, Ash Berlin-Taylor, László Bodor, Michael Bolz, Javier Borkenztain, Robert Bradshaw, Etienne Chauchot, Zili Chen, Marcus Christie, Ed Coleman, Lidong Dai, Heng Du, Eric Friedrich, Sunil Govindan, Anshum Gupta, Xiaoqiao He, Alex Herbert, Jim Hughes, Zhiyuan Ju, Zhenxu Ke, Calvin Kirs, Carter Kozak, Benjamin Lerer, Yizhi Liu, Alfonso Nishikawa Muñumer, Lukas Ott, Eric Payne, Brian Proffitt, Lee Rhodes, Kevin Risden, Alexey Romanenko, Ryan Skraba, Mechtilde Stehmann, Michael Stehmann, Kouhei Sutou, Jerry Tan, Zhankun Tang, Chia-Ping Tsai, Isuru Udana, Dimuthu Upeksha, Talat Uyarer, Roger Whitcomb, Liu Xun, Weiwei Yang, Volkan Yazici, Tilmann Zäschke, Stamatis Zampetakis, Wenli Zhang, Yanhui Zhao, Xinyu “Yukon” Zhou.

In addition, ASF Members Eric Pugh and Jason van Zyl have been reinstated from emeritus status.

The ASF incorporated in 1999 with a core membership of 21 individuals who oversaw the progress of the Apache HTTP Server. This group grew with Committers —developers who contributed code, patches, documentation, and other contributions, and were subsequently granted access by the Membership:

  • to "commit" or "write" directly to Apache code repositories as well as make non-code contributions;
  • the right to vote on community-related decisions; and
  • the ability to propose an active contributor for Committership.


Those Committers who demonstrate merit in the Foundation's growth, evolution, and progress are nominated for ASF Membership by existing Members.

This election brings the total number of active ASF Members to 918 today. Individuals elected as ASF Members legally serve as the "shareholders" of the Foundation https://www.apache.org/foundation/governance/members.html

For more information, visit

# # #

The Apache Weekly News Round-up: week ending 1 April 2022

Welcome, April --we're opening the month with another great week. Here's what the Apache community has been up to:

ApacheCon – the ASF's official global conference series, bringing Tomorrow's Technology Today since 1998.
 - CFP for ApacheCon North America 2022 (taking place 3-6 October in New Orleans) is now open https://blogs.apache.org/conferences/entry/call-for-presentations-apachecon-north

Sponsor Success at Apache – the blog series that focuses on the people and processes behind why the ASF "just works".
 - "My experience with the Apache Way —a perfect society?" by Etienne Chauchot https://s.apache.org/oree2

ASF Board – management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.
 - Next Board Meeting: 20 April 2022. Running Board calendar and minutes are available.

ASF Infrastructure – our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield uptime at 100.00%. Performance checks across 50 different service components spread over more than 250 machines in data centers around the world. View the ASF's Infrastructure Uptime site to see the most recent averages.

Apache Code Snapshot – Over the past week, 352 Apache Committers changed 26,605,053 lines of code over 3,949 commits. Top 5 contributors, in order, are: Jean-Baptiste Onofré, Brent Bovenzi, Jarek Potiuk, Gary Gregory, and Andrea Cosentino.  

Apache Project Announcements – the latest updates by category.

APIs --
 - Apache APISIX 2.13.0 released
   -- CVE-2022-25757: body_schema check in request-validation plugin can be bypassed

Big Data --
 - Apache Calcite Avatica Go 5.1.0 released 

Cloud --
 - Apache jclouds 2.5.0 released 

Eventing --
 - Apache EventMesh (incubating) 1.4.0 released

Integration --
 - Apache Camel 3.16.0 released

Messaging --
 - Apache Qpid JMS 1.6.0 released

Servers --
 - Apache Tomcat 8.5.78, 9.0.62, 9.0.62, and 10.1.0-M14 (alpha) released 

Security Framework --
 -  Apache Shiro 1.9.0 released 

Web Frameworks --
 - Apache Wicket 9.9.0 released


Did You Know?

- Did you know that the following Apache projects are celebrating anniversaries in April? Congratulations to Apache CXF (14 years); Avro, HBase, Mahout, Nutch, Tika, and Traffic Server (12 years); Creadur and Jena (10 years); DeltaSpike (9 years); ORC and Parquet (7 years); AsterixDB and Johnzon (6 years); CarbonData and Fineract (5 years); NetBeans, PLC4X, and SkyWalking (3 years); and ShardingSphere (2 years) https://projects.apache.org/committees.html?date

- Did you know that you can anonymously take the 2022 Apache Pulsar Website Survey and help improve the new Pulsar Website? https://lists.apache.org/thread/08hchngnrhz79jhc1d96g3rh8ox2x2db

- Did you know that the ASF has been accepted as a Google Summer of Code mentoring organization for the 17th consecutive year? Apache Project mentors welcome! https://lists.apache.org/thread/cbplf0mszmxx2dv6oor0v227h8kfrk2m

Apache Community Notices

 - Apache in 2021 - By The Digits + Video highlights 

 - Watch "Trillions and Trillions Served", the documentary on the ASF 1) full feature [49 min] 2) "Apache Everywhere" [6 min] 3) "Why Apache" [2.5 min] 4) “Apache Innovation” [40 min] 

 - ASF Annual Report: FY2021 -- Press release and Report (PDF)

 - The Apache Way to Sustainable Open Source Success 

 - Foundation Reports and Statements

 - Presentations from 2021's ApacheCon Asia and ApacheCon@Home are available on the ASF YouTube channel.

 - "Success at Apache" focuses on the people and processes behind why the ASF "just works." 

 - Follow the ASF on social media: @TheASF on Twitter and The ASF page LinkedIn

 - Follow the Apache Community on Facebook and Twitter

 - Are your software solutions Powered by Apache? Download & use our "Powered By" logos.


Stay updated about The ASF

For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, Planet Apache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.

Friday April 01, 2022

Your call is important to us: The Apache Software Foundation’s Infrastructure team unveils new support line

The Apache Software Foundation (ASF) Infrastructure team is laser-focused on providing world-class support for ASF Infrastructure, so we’re pleased to announce the Infra team's voice-activated response line at +1 717-7-APACHE (*).


The service allows callers to leave messages for specific Infrastructure team members, to report issues to the whole team, and to access resources ranging from fast facts to tutorials.


The service can take a spoken report of an issue with Apache’s infrastructure and convert it to a ticket in the Jira issue system that Apache uses to track and resolve issues. The goal is to provide an alternative method of delivering reports that may be faster and more convenient than filling out a form at a website. 


The Infrastructure team looks forward to user feedback so it can identify and deal with any issues in the workflow and process requests for enhancements.


The service is available at +1 717-7-APACHE.


(*) +1 717-727-2243

Tuesday March 29, 2022

Success at Apache: My experience with the Apache Way —a perfect society?

by Etienne Chauchot


I have been working in software engineering for more than 15 years. I've always contributed to Open Source software as a user or a developer. But I've been contributing to Apache Software Foundation (ASF) projects such as Apache Flink, Apache Beam or Apache Spark for nearly 6 years. It is long enough for me to say that I find the Apache Way is almost the best way to collaborate on software engineering.


I will not describe the Apache way here as there is a lot of good information about that already. I would rather link to the official Apache documentation. I humbly suggest that you read what it is if you don't know it already. 


My point here is to talk about the Apache Way in practice as I’ve experienced it. Of course, every Apache community is different, but what I wanted to emphasize is that applying the Apache Way by the book could lead to what I'd call a "perfect society" even if this word seems a bit naive and over optimistic, or even utopian.

A perfect society

Actually, working with the Apache way was a revelation to me!

ASF projects are governed by merit: what you do inside the community is noted, you get credit and it can lead to you obtaining more rights (direct access to the project repositories, election of committers etc.). Merit also drives decisions, discussing solutions and building consensus or voting for the best one helps lead to the best possible state of the project in the end. The best idea always wins in the long term.

The software is not driven by companies: no vendor concerns should take precedence over community. Consider how the ASF creates new top-level projects (TLP): a project starts in the Apache Incubator and is mentored by people who have already participated in successful Apache projects. When the mentors agree a project is ready, healthy and following The Apache Way, the ASF Board can approve its graduation from the Incubator to become a self-governing TLP. So the project is managed by the community itself and not by a single company and its private financial considerations. This helps drive the best decisions for the software itself and ensures long term maintenance of the software.

It is inclusive: the key aspect is that every voice matters, and that everyone is considered equal no matter their personal background, education, ethnicity or nationality, every contribution is good to take. Community members recognize that people skills may be different and complementary to theirs. So contributions might come from anyone, from anywhere and in any form (blog post, documentation, talk, code, website...)


ASF communities are welcoming: they are in constant search for new talents to join their forces. Being welcoming is very important to build and grow a community. The Open source community is also a great place for people to grow. The way people collaborate is generally by mentoring. Experienced contributors help newcomers or experts share their thoughts with others. It is really also a good way for mentors to share their passion and inspire mentees. Mentoring is in the DNA of the ASF starting with the Incubator when the podling community profits from the experience and advice of a mentor to grow in the Apache Way and become a top level project


Communities are self-organized: there is no manager but only technical leaders and mentors. Each community has a PMC that guides its governance, but its responsibilities don’t include assigning work and expecting it to be done. People are self-motivated and I must say that it is the best form of motivation ever! I’ve found the decision-making simple and efficient: there is no solely decision, feedback is always very important. People are willing to share their thoughts and solve problems together.


Community members have a collaborative mindset: they are positive, act constructively and their comments are in the best interest of the project and the community. They are  willing to share their thoughts, review PRs, share advice, accept change requests or bug tickets. People are willing to accept criticism without being defensive. The master word is transparency. 


Last but not least, I’ve seen most people behave gently: the fact that every communication is public guides people to communicate in a positive way. Indeed one of the ASF guiding concepts is "what did not happen publicly didn’t happen" – often said as “what didn’t happen on the mailing list, didn’t happen” but of course this concept can be generalized to any communication tool we use. Examples of good communication I’ve seen in open source communities are: asking questions or suggesting rather than affirming or asking for thoughts rather than disagreeing bluntly. An open source contributor should try to put theirself in the other person's shoes, trying to not hurt their feelings and to not demotivate them.


Considering all of this, what I can tell is that it is the way we all would like people and society in general to behave, no?

Daily life

The funny thing is that it goes even further, after some years of applying this philosophy (I was told lately that it felt almost like a religion) at work on a full time basis, I started applying it to daily life outside of work. It started to become my standard way of behaving in society: 

Meritocracy becomes second nature, for example I reward my home builders with gifts and public credit because they did a good job, I reward my kids for good school work etc... 


I also started to give time to others and share knowledge, mentoring becomes  second nature as well. 


      Another big thing which is very visible is that I now always take good care to give positive communication, leading to positive and constructive thinking. Positivism also becomes a key aspect of my daily life.


On a professional basis, an important thing is that merit never expires. So, if you gain committership on a project, or become a PMC member or even an ASF member, it is for life. So your skills are recognized by your peers for your whole career. This is an incredible credit and a tremendous trust mark!

Can be a bit challenging

In order to avoid being seen as a total idealist, I need to temper a bit:

I remember when I first joined an open source community, I felt intimidated. Community members are generally very senior level and very highly skilled developers. But, remember what is written above: every contribution is good to take. And, with time and mentoring, anyone can earn a place inside the community.

The other thing I felt a bit difficult when I joined is to find where to start: some projects are old enough to have a large community so the amount of code is pretty high. But here again mentoring comes into play: mentors can give you pointers on hot topics, starter tickets or simply areas that need maintenance. And with time, you might be recognized as an expert in a given area and the exciting subjects will come to you. 

And if you feel like you want to join a smaller community try joining a project which is still in the incubation phase!

Conclusion

I hope you enjoyed these insights and I hope it gave you the motivation to join an open source community.


Etienne Chauchot has been working in software engineering for more than 15 years and is now specialized in Big Data. He is an Open Source fan, and contributes to Apache projects such as Apache Beam, Apache Flink or Apache Spark. He is also the author of the "Big data Chronicles" blog. He is an Apache Beam committer and PMC member and also an Apache Foundation member.

= = = "Success at Apache" is a blog series that focuses on the processes behind why the ASF "just works".

Monday March 28, 2022

The Apache Weekly News Round-up: week ending 25 March 2022

We're wrapping up another great week with the following activities from the Apache community:

ASF Board – management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.
 - Next Board Meeting: 20 April 2022. Running Board calendar and minutes are available.

ASF Infrastructure – our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield uptime at 100.00%. Performance checks across 50 different service components spread over more than 250 machines in data centers around the world. View the ASF's Infrastructure Uptime site to see the most recent averages.

Apache Code Snapshot – Over the past week, 333 Apache Committers changed 4,901,028 lines of code over 3,786 commits. Top 5 contributors, in order, are: Jean-Louis Monteiro, Jianyun Cheng, Sebastian Bazley, Benoit Tellier, and James Netherton.

Apache Project Announcements – the latest updates by category.

APIs --
 - Apache APISIX 2.13.0 released 

Big Data --
 - Apache Calcite Avatica 1.30.0 released
 - Apache SeaTunnel (Incubating) 2.1.0 released 
 - Apache Kyuubi (Incubating) 1.5.0-incubating released

Blockchain --
 - Apache Tuweni (Incubating) 2.2.0 released 

Content --
 - Apache POI 5.2.2 released 
 - Apache Syncope 2.1.11 released 
 - Apache Sling 12 released

IoT --
 - Apache IoTDB 0.13.0 released 
 - Apache StreamPipes (Incubating) 0.69.0 released

Libraries --
 - Apache OpenJPA 3.2.2 released 
 - Apache Daffodil 3.3.0 released

Messaging --
 - Apache Qpid Proton 0.37.0 and Qpid Dispatch 1.19.0 released 
 - Apache Pulsar 2.8.3 released

Search --
 - Apache Solr Operator v0.5.1 released 
 - Apache Lucene 9.1.0 released

Servers --
 - Apache Tomcat Native 1.2.32 released 


Did You Know?

- Did you know that improvements to Apache Drill 1.20 include backward compatibility with Apache Hadoop 2; connectors for Apache Phoenix; writing to JDBC data sources; support for new data file formats (including Apache Iceberg and SAS files); and API query improvements?

- Did you know that Apache Calcite 1.30 includes Babel support for <=> operator; SQL hints for temporal table join; fixtures so that dependent projects can write parser, validator, and rules tests; and upgrade jsonpath to fix CVE-2021-27568?

- Did you know that the CloudStack European User Group will be held virtually on 7 April? 

Apache Community Notices

 - Apache in 2021 - By The Digits + Video highlights 

 - Watch "Trillions and Trillions Served", the documentary on the ASF 1) full feature [49 min] 2) "Apache Everywhere" [6 min] 3) "Why Apache" [2.5 min] 4) “Apache Innovation” [40 min] 

 - ASF Annual Report: FY2021 -- Press release and Report (PDF)

 - The Apache Way to Sustainable Open Source Success 

 - Foundation Reports and Statements

 - Presentations from 2021's ApacheCon Asia and ApacheCon@Home are available on the ASF YouTube channel.

 - "Success at Apache" focuses on the people and processes behind why the ASF "just works." 

 - Follow the ASF on social media: @TheASF on Twitter and The ASF page LinkedIn

 - Follow the Apache Community on Facebook and Twitter

 - Are your software solutions Powered by Apache? Download & use our "Powered By" logos.


Stay updated about The ASF

For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, Planet Apache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.

Monday March 21, 2022

The Apache Weekly News Round-up: week ending 18 March 2022

Happy Friday! Let's take a look at what the Apache community has been up to over the past week:

ASF Board – management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.
 - Next Board Meeting: 20 April 2022. Running Board calendar and minutes are available.

ASF Infrastructure – our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield uptime at 100.00%. Performance checks across 50 different service components spread over more than 250 machines in data centers around the world. View the ASF's Infrastructure Uptime site to see the most recent averages.

Apache Code Snapshot – Over the past week, 328 Apache Committers changed 10,109,144 lines of code over 3,415 commits. Top 5 contributors, in order, are: Mark Thomas, Chesnay Schepler, Gary Gregory, Jean-Baptiste Onofré, and Claus Ibsen.     

Apache Project Announcements – the latest updates by category.

Big Data --
 - Apache Beam 2.37.0 released

Content --
 - Apache Jackrabbit Oak 1.6.23 released 

Cloud Computing --
 - Apache Kafka 3.0.1 released 
 - Apache Libcloud 3.5.0 released 
 - CVE-2022-26779: Apache Cloudstack: insecure random number generation affects project email invitation 

Database --
 - Apache Geode 1.13.8 released 

Integration --
 - Apache Camel 3.11.6 (LTS) released 

Libraries --
 - Apache Commons Daemon 1.3.0 released 

Messaging --
 - Apache ActiveMQ 5.17.0 released
 - Apache Curator 5.2.1 released

Observability --
 - Apache SkyWalking NodeJS 0.4.0 released 

Programming Languages --
 - Apache Groovy 4.0.1 released 

Servers --
 - Apache HTTP Server 2.4.53 released
   -- CVE-2022-23943: mod_sed: Read/write beyond bounds 
   -- CVE-2022-22721: Possible buffer overflow with very large or unlimited LimitXMLRequestBody
   -- CVE-2022-22720: HTTP request smuggling vulnerability in Apache HTTP Server 2.4.52 and earlier
   -- CVE-2022-22719: mod_lua Use of uninitialized value of in r:parsebody
 - Apache Tomcat 8.5.77, 9.0.60, 10.0.18, 10.1.0-M12 (alpha) released
 - Apache Traffic Server 9.1.2 released
 - Apache HttpComponents Core 5.2-beta1 released

Workflow --
 - Apache Airflow Helm Chart 1.5.0 released 


Did You Know?

- Did you know that the Apache Druid community will be holding a hybrid meetup on 29 March? 

- Did you know that the Bangor Australia's Bangor Brumbies Football Club site uses Apache Wicket

- Did you know that you can support the ASF through one-time and recurring tax-deductible donations online using Apple Pay, Google Pay, and Microsoft Pay using your mobile phone? https://donate.apache.org/

Apache Community Notices

 - Apache in 2021 - By The Digits + Video highlights 

 - Watch "Trillions and Trillions Served", the documentary on the ASF 1) full feature [49 min] 2) "Apache Everywhere" [6 min] 3) "Why Apache" [2.5 min] 4) “Apache Innovation” [40 min] 

 - ASF Annual Report: FY2021 -- Press release and Report (PDF)

 - The Apache Way to Sustainable Open Source Success 

 - Foundation Reports and Statements

 - Presentations from 2021's ApacheCon Asia and ApacheCon@Home are available on the ASF YouTube channel.

 - "Success at Apache" focuses on the people and processes behind why the ASF "just works." 

 - Follow the ASF on social media: @TheASF on Twitter and The ASF page LinkedIn

 - Follow the Apache Community on Facebook and Twitter

 - Are your software solutions Powered by Apache? Download & use our "Powered By" logos.


Stay updated about The ASF

For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, Planet Apache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.

Monday March 14, 2022

The Apache Weekly News Round-up: week ending 11 March 2022

Hello, everyone --let's review the Apache community's activities from over the past week:

ASF Board – management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.
 - Next Board Meeting: 16 March 2022. Running Board calendar and minutes are available.

ASF Infrastructure – our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield uptime at 100.00%. Performance checks across 50 different service components spread over more than 250 machines in data centers around the world. View the ASF's Infrastructure Uptime site to see the most recent averages.

Apache Code Snapshot – Over the past week, 336 Apache Committers changed 4,769,139 lines of code over 3,697 commits. Top 5 contributors, in order, are: Jean-Baptiste Onofré, Otavio R. Piske, Gary Gregory, Andrea Cosentino, and Andi Huber.   

Apache Project Announcements – the latest updates by category.

Big Data --
 - CVE-2021-38296: Apache Spark: Key Negotiation Vulnerability

Content --
 - Apache Any23 2.7 released
   -- CVE-2022-25312: An XML external entity (XXE) injection vulnerability exists in the RDFa XSLTStylesheet extractor
 - Apache Jackrabbit 2.20.5 released 

Cloud Computing --
  - Apache CloudStack 4.16.1.0 LTS released 

Database --
 - Apache ZooKeeper 3.8.0 released
 - Apache Geode 1.12.9 released

IDE --
 - Apache NetBeans 13 released

IoT --
 - Apache IoTDB 0.12.5 released

Libraries --
 - Apache Olingo 4.9.0 released

Mail --
 - Apache James 3.7.0 released

Orchestration --
 - Apache Hop 1.2.0 released

Programming Languages --
 - Apache Groovy 2.5.16 and 3.0.10 released


Did You Know?

- Did you know that the next Apache Druid MeetUp will be held both online and in-person in Tel Aviv on 29 March? 

- Did you know that Apache ShardingSphere SQL Parse Format Function allows you to easily understand and automatically format complicated SQL statements?

- Did you know that the next Apache Airflow Community Meetup will be held on 16 March? Sign up to learn about Data Migration Pipeline with Apache Airflow http://bit.ly/3sES9fL

Apache Community Notices

 - Apache in 2021 - By The Digits + Video highlights 

 - Watch "Trillions and Trillions Served", the documentary on the ASF 1) full feature [49 min] 2) "Apache Everywhere" [6 min] 3) "Why Apache" [2.5 min] 4) “Apache Innovation” [40 min] 

 - ASF Annual Report: FY2021 -- Press release and Report (PDF)

 - The Apache Way to Sustainable Open Source Success 

 - Foundation Reports and Statements

 - Presentations from 2021's ApacheCon Asia and ApacheCon@Home are available on the ASF YouTube channel.

 - "Success at Apache" focuses on the people and processes behind why the ASF "just works." 

 - Follow the ASF on social media: @TheASF on Twitter and The ASF page LinkedIn

 - Follow the Apache Community on Facebook and Twitter

 - Are your software solutions Powered by Apache? Download & use our "Powered By" logos.


Stay updated about The ASF

For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, Planet Apache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.

Calendar

Search

Hot Blogs (today's hits)

Tag Cloud

Categories

Feeds

Links

Navigation