The Apache Software Foundation Blog

Friday March 30, 2018

The Apache News Round-up: week ending 30 March 2018

Let's bid March farewell with a look back at the many Apache activities over the past week:

But first: cake and party favors!
 - The Apache® Software Foundation Celebrates 19 Years of Open Source Leadership "The Apache Way" https://s.apache.org/gK4Q
 - Read "Open – For Business – At the ASF" by Merv Adrian, VP Research at Gartner https://blogs.gartner.com/merv-adrian/2018/03/27/open-for-business-at-the-asf/
 - A look at the "Apache at 19" promo at https://youtu.be/Fqk_rlKiVIs

ASF Board –management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.
 - Next Board Meeting: 18 April. Board calendar and minutes http://apache.org/foundation/board/calendar.html

ApacheCon™ –the ASF's official global conference series.
 - ENDS TODAY: CFP for ApacheCon 24-29 September in Montreal http://apachecon.com/
 - Travel Assistance applications now being accepted for ApacheCon/Montreal https://www.apache.org/travel/

ASF Infrastructure –our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield kicking performance at 99.98% uptime. http://status.apache.org/

ASF Operations Factoid –this week, 519 Apache contributors changed 897,504 lines of code over 3,230 commits. Top 5 contributors, in order, are: Hanisha Koneru, Carlos Sanchez Gonzalez, Jean-Baptiste Onofré, Till Rohrmann, and Tellier Benoit.

Apache Accumulo™ –a sorted, distributed key/value store that provides robust, scalable data storage and retrieval. 
 - Apache Accumulo 1.7.4 released https://accumulo.apache.org/

Apache Ant™ –a Java library and command-line tool that helps building software.
 - Apache Ant 1.9.11 and 1.10.3 http://ant.apache.org/

Apache Any23™ –Anything To Triples is a library, a web service and a command line tool that extracts structured data in RDF format from a variety of Web documents.
 - Apache Any23 2.2 released http://any23.apache.org/

Apache Commons™ Text –Open Source software library provides a host of algorithms focused on working with strings and blocks of text.
 - Apache Commons Text 1.3 released http://commons.apache.org/

Apache Groovy™ –a multi-facet programming language for the JVM.
 - Apache Groovy 2.4.15 released https://groovy.apache.org/

Apache HTTP Server™ –the world's most popular Web server software.
 - Apache HTTP Server 2.4.33 released http://httpd.apache.org/

Apache Jackrabbit™ Oak – scalable, high-performance hierarchical content repository designed for use as the foundation of modern world-class Web sites and other demanding content applications.
 - Apache Jackrabbit Oak 1.0.42 released http://jackrabbit.apache.org/

Apache Kafka™ –a distributed, fault tolerant, publish-subscribe messaging.
 - Apache Kafka 1.1.0 released http://kafka.apache.org/

Apache Kudu™ –an Open Source storage engine for structured data that supports low-latency random access together with efficient analytical access patterns.
 - Apache Kudu 1.7.0 released https://kudu.apache.org/

Apache Kylin™ –an Open Source Distributed Analytics Engine designed to provide SQL interface and multi-dimensional analysis (OLAP) on Apache Hadoop, supporting extremely large datasets.
 - Apache Kylin 2.3.1 released https://kylin.apache.org/

Apache PDFBox™ –an Open Source Java tool for working with PDF documents.
 - Apache PDFBox 2.0.9 released http://pdfbox.apache.org/

Apache Qpid™ JMS –AMQP enterprise messaging implementation.
 - Apache Qpid JMS 0.31.0 released http://qpid.apache.org/

Apache Struts™ –a free Open Source framework for creating Java Web applications.
 - Immediately upgrade commons-fileupload to version 1.3.3 http://mail-archives.apache.org/mod_mbox/www-announce/201803.mbox/%3CCAMopvkNu%2BMdh%3DXCDQJmKYfjd%3DbdCFkhNXvWbYzvmXuLNw0aYbg%40mail.gmail.com%3E
 - A crafted XML request can be used to perform a DoS attack when using the Struts REST plugin http://mail-archives.apache.org/mod_mbox/www-announce/201803.mbox/%3CCAMopvkNZoHH3qx%2B9brdRdAoZ7zy9w6QPotjohVwqsopGEk%3Dsgw%40mail.gmail.com%3E

Did You Know?

 - Did you know that HBaseCon and PhoenixCon will be taking place 18 June in San Jose? Contact the Apache HBase and Phoenix project communities for more information http://hbase.apache.org/ and http://phoenix.apache.org/

 - Did you know that Orange Moldova uses Apache Wicket to Orange Moldova to build its Webapps? http://wicket.apache.org/

 - Did you know that new projects in the Apache Incubator include Druid (Big Data), Dubbo (Java RPC framework), ECharts (charts and data visualization tool), among others? http://incubator.apache.org/

Apache Community Notices:

 - The Apache Software Foundation 2018 Vision Statement https://s.apache.org/zqC3

 - Apache in 2017 - By The Digits https://s.apache.org/h8do

 - Foundation Statement –Apache Is Open. https://s.apache.org/PIRA

 - "Success at Apache" focuses on the processes behind why the ASF "just works". https://blogs.apache.org/foundation/category/SuccessAtApache

 - Please follow/like/re-tweet the ASF on social media: @TheASF on Twitter and on LinkedIn at https://www.linkedin.com/company/the-apache-software-foundation

 - Do friend and follow us on the Apache Community Facebook page https://www.facebook.com/ApacheSoftwareFoundation/ and Twitter account https://twitter.com/ApacheCommunity

 - The list of Apache project-related MeetUps can be found at http://apache.org/events/meetups.html

 - Members of the Apache community will be presenting at DataWorks Summit 16-19 April 2018 in Berlin https://dataworkssummit.com/

 - Open Expo Europe - 6-7 June 2018 in Madrid https://openexpoeurope.com/

 - Meet members of the Apache community at Open Expo Madrid 6-7 June 2018 http://www.openexpo.es/en/

 - We're teaming up with Berlin Buzzwords - 10-12 June 2018 (Apache Lounge dates: 11-12 June) https://berlinbuzzwords.de/

 - The 2018 Apache EU Roadshow will be held during FOSS Backstage in Berlin 13-14 June 2018 https://foss-backstage.de/

 - Apache Big Data project communities will be participating at DataWorks Summit 17-21 June 2018 in San Jose https://dataworkssummit.com/

 - ApacheCon North America will be held 24-29 September in Montreal http://apachecon.com/ **CFP IS OPEN!**

 - ASF Quarterly Report: Operations Summary: November 2017 - January 2018 https://s.apache.org/UtBD

 - ASF Annual Report is available at https://s.apache.org/FY2017AnnualReport

 - Find out how you can participate with Apache community/projects/activities --opportunities open with Apache HTTP Server, Avro, ComDev (community development), Directory, Incubator, OODT, POI, Polygene, Syncope, Tika, Trafodion, and more! https://helpwanted.apache.org/

 - Are your software solutions Powered by Apache? Download & use our "Powered By" logos http://www.apache.org/foundation/press/kit/#poweredby

= = =

For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, https://twitter.com/PlanetApache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.

# # #

Friday March 23, 2018

The Apache News Round-up: week ending 23 March 2018

It's time to review our weekly activities! The Apache Community has been working on:

ASF Board –management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.
 - Welcome new ASF Board of Directors http://s.apache.org/Opxf
 - The Apache Software Foundation Operations Summary: November 2017 - January 2018 https://s.apache.org/UtBD
 - Next Board Meeting: 18 April. Board calendar and minutes http://apache.org/foundation/board/calendar.html

ApacheCon™ –the ASF's official global conference series.
 - ONE WEEK LEFT: CFP for ApacheCon 24-29 September in Montreal http://apachecon.com/
 - Welcome CloudStack Collaboration Conference and Geospatial Track to ApacheCon ...we look forward to seeing your Apache communities there too!
 - Travel Assistance applications now being accepted for ApacheCon/Montreal https://www.apache.org/travel/

ASF Infrastructure –our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield stupendous performance at 99.97% uptime. http://status.apache.org/

ASF Operations Factoid –this week, 555 Apache contributors changed 961,293 lines of code over 3,660 commits. Top 5 contributors, in order, are: James Clampffer, Carlos Sanchez Gonzalez, Andrea Cosentino, Claus Ibsen, and Hanisha Koneru.

Apache Arrow™ –a cross-language development platform for in-memory data.
 - A Native Go Library for Apache Arrow http://arrow.apache.org/blog/
 - Apache Arrow 0.9.0 released http://arrow.apache.org/

Apache Calcite™ –a framework for writing data management systems.
- Apache Calcite 1.16.0 released https://calcite.apache.org/

Apache Drill™ – a distributed MPP query layer that supports SQL and alternative query languages against NoSQL and Apache Hadoop data storage systems.
 - Apache Drill 1.13.0 released https://drill.apache.org/

Apache HAWQ (incubating) –an advanced enterprise SQL on Apache Hadoop analytic engine.
 - Apache HAWQ 2.3.0.0-incubating released http://hawq.apache.org/

Apache Log4j™ –a well-known framework for logging application behavior.
 - Apache Log4j2 2.11.0 released https://logging.apache.org/log4j/

Apache MINA™ –a network application framework that helps users easily develop high performance and high scalability network applications.
 - Apache MINA 2.0.17 released http://mina.apache.org/

Apache ODE™ –a WS-BPEL 1.1/2.0 compliant Web Services orchestration engine.
 - Apache ODE 1.3.8 released http://ode.apache.org/

Apache Struts™ –an elegant, extensible framework for creating enterprise-ready Java Web applications.
 - Apache Struts 2.5.16 GA released http://struts.apache.org/

Apache Syncope™ –an Open Source system for managing digital identities in enterprise environments, implemented in Java EE technology.
 - Apache Syncope 1.2.11 and 2.0.8 released http://syncope.apache.org/
 - CVE-2018-1321: Remote code execution by administrators with report and template entitlements http://mail-archives.apache.org/mod_mbox/www-announce/201803.mbox/%3C2412ad22-6e9a-04f4-996f-9f061b678b01%40apache.org%3E
 - CVE-2018-1322: Information disclosure via FIQL and ORDER BY sorting http://mail-archives.apache.org/mod_mbox/www-announce/201803.mbox/%3Cc4057b57-bfac-7765-2a0a-4e726674ceef%40apache.org%3E

Apache Trafodion™ –a Web-scale SQL-on-Hadoop solution enabling transactional or operational workloads on Apache Hadoop.
 - Apache Trafodion 2.2.0 released https://trafodion.apache.org/

Apache UIMA™ DUCC –a component framework supporting development, discovery, composition, and deployment of multi-modal analytics tasked with the analysis of unstructured information. Distributed UIMA Cluster Computing.
 - Apache UIMA DUCC 2.2.2 released https://uima.apache.org/

Did You Know?

 - Did you know that Netflix run 400 microservices with 33,000 network connections per broker using Apache Kafka? http://kafka.apache.org/

 - Did you know that Apache CouchDB run a weekly news series? Catch up today at https://blog.couchdb.org/

 - Did you know that Apache Airflow (incubating) has a podcast series? https://soundcloud.com/the-airflow-podcast/

Apache Community Notices:

 - The Apache Software Foundation 2018 Vision Statement https://s.apache.org/zqC3

 - Apache in 2017 - By The Digits https://s.apache.org/h8do

 - Foundation Statement –Apache Is Open. https://s.apache.org/PIRA

 - "Success at Apache" focuses on the processes behind why the ASF "just works". https://blogs.apache.org/foundation/category/SuccessAtApache

 - Please follow/like/re-tweet the ASF on social media: @TheASF on Twitter and on LinkedIn at https://www.linkedin.com/company/the-apache-software-foundation

 - Do friend and follow us on the Apache Community Facebook page https://www.facebook.com/ApacheSoftwareFoundation/ and Twitter account https://twitter.com/ApacheCommunity

 - The list of Apache project-related MeetUps can be found at http://apache.org/events/meetups.html

 - Members of the Apache community will be presenting at DataWorks Summit 16-19 April 2018 in Berlin https://dataworkssummit.com/

 - Open Expo Europe - 6-7 June 2018 in Madrid https://openexpoeurope.com/

 - Meet members of the Apache community at Open Expo Madrid 6-7 June 2018 http://www.openexpo.es/en/

 - We're teaming up with Berlin Buzzwords - 10-12 June 2018 (Apache Lounge dates: 11-12 June) https://berlinbuzzwords.de/

 - The 2018 Apache EU Roadshow will be held during FOSS Backstage in Berlin 13-14 June 2018 https://foss-backstage.de/

 - Apache Big Data project communities will be participating at DataWorks Summit 17-21 June 2018 in San Jose https://dataworkssummit.com/

 - ApacheCon North America will be held 24-29 September in Montreal http://apachecon.com/ **CFP IS OPEN!**

 - ASF Quarterly Report: Operations Summary Q2 FY2018 https://s.apache.org/j1GJ

 - ASF Annual Report is available at https://s.apache.org/FY2017AnnualReport

 - Find out how you can participate with Apache community/projects/activities --opportunities open with Apache HTTP Server, Avro, ComDev (community development), Directory, Incubator, OODT, POI, Polygene, Syncope, Tika, Trafodion, and more! https://helpwanted.apache.org/

 - Are your software solutions Powered by Apache? Download & use our "Powered By" logos http://www.apache.org/foundation/press/kit/#poweredby

= = =

For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, https://twitter.com/PlanetApache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.

# # #

Thursday March 22, 2018

Announcing New ASF Board of Directors

At The Apache Software Foundation (ASF) Members’ Meeting held this week, the following individuals were elected to the ASF Board of Directors:

 - Rich Bowen
 - Shane Curcuru
 - Bertrand Delacretaz
 - Isabel Drost-Fromm
 - Ted Dunning
 - Brett Porter
 - Roman Shaposhnik
 - Phil Steitz
 - Mark Thomas


The ASF thanks Chris Mattmann and Jim Jagielski who chose not to stand for re-election this year. The Foundation thanks them for their service, and lauds Jagielski's service as a member of the ASF Board for the past 19 years.

An overview of the ASF's governance, along with the complete list of ASF Board of Directors, Executive Officers, and Project/Committee Vice Presidents, can be found at http://apache.org/foundation/

For more information on the Foundation's operations and structure, see http://apache.org/foundation/how-it-works.html#structure

# # #

Saturday March 17, 2018

The Apache Software Foundation Operations Summary: November 2017 - January 2018

FOUNDATION OPERATIONS SUMMARY

Third Quarter, Fiscal Year 2018 (November 2017 - January 2018)

"The unbroken success of Apache still has important lessons to teach us... The Apache community has succeeded not just in developing great code, it has managed to distil the essence of the development process and ethos in such a way that other cognate projects can adopt and adapt it.--Glyn Moody, "Learning from The Apache Way"

> President's Statement:

This quarter included a number of holidays, which generally means that it is relatively quiet time when each area in operations get lower than normal number of requests and can work down their list of things to do. We created four new projects and retired one. Expenses are under control, and income is ahead of plan. We had no major security breach event that we had to respond to like we did last quarter. That's a very good thing: no news is a good news! In general, all systems are running smoothly as we prepare for the next uptake in activity.

> Conferences and Events: In the report period, the ASF did not conduct any events, and thus we have nothing to report. During this period, we investigated options for ApacheCon events in the 2018 calendar year. You can find details about those events at http://apachecon.com/ and in our upcoming Annual Report. At the close of this quarter, we were finalizing our plans for participation in FOSDEM http://fosdem.org/ .

> Community Development: During this quarter our main focus was participation in several existing Open Source related events. Our involvement was not only represented by talks and presentations but also by having a booth so that we could talk directly with conference attendees. In November, we participated at the FOSS Backstage Micro Summit, a new conference that focuses on Open Source communities, governance and legal aspects. These areas are very relevant to the community development effort and several Apache speakers were selected to be part of the program. Feedback was positive and we would like to continue being involved in this event in the future.

Following our participation last year at the OpenExpo in Madrid, we have been invited to participate again at the conference in 2018. This time we have been allocated a keynote and other presentation slots that will help us promote Apache within Spain and the Spanish speaking community. During early December, we participated at the Open Source Summit in Paris. This included a keynote and also a half day Apache track featuring a range of technical presentations for various projects. We also provided some additional talks as part of the community track.

Community Development also ran the Apache booth which attracted a lot of visitors. As this was a predominantly French speaking event, the French version of the ASF brochure was very useful in explaining to people what the foundation does and how it works. Feedback received from attendees was extremely positive and many wanted become involved with various projects. A key focus during January were tasks around the ASF involvement in for Google Summer of Code(GSoC). The Community Development team is a main contact for co-ordinating and managing the ASF involvement as a mentoring organisation. Many ASF projects have already created a list of ideas that prospective students could work on.

Following on from our last update, we have facilitated the introduction of Apache business cards that anyone involved with Apache projects can use when they are promoting their Apache project at an event or representing their Apache project. Two formats have been agreed, one that is a formal ASF role card that is based card n the existing ASF business cards, and another less formal community business card any contributor to an Apache project can use. A wiki page has been setup with information and FAQs to help with the introduction.

Our mailing list traffic remains stable this quarter with the the main focus being discussions related to the Apache events announced for 2018.

> Committers and Contributions: Over the past quarter, 1,715 contributors committed 51,157 changes that amount to 17,995,945 lines of code across Apache projects. The top 5 contributors during this timeframe were: Michał Narajowski (673 commits); Daniel Sun (666 commits); Mark Thomas (592 commits); Andrea Cosentino (514 commits); Junkai Xue (513 commits).


All individuals who are granted write access to the Apache repositories must submit an Individual Contributor License Agreement (ICLA). Corporations that have assigned employees to work on Apache projects as part of an employment agreement may sign a Corporate CLA (CCLA) for contributing intellectual property via the corporation. Individuals or corporations donating a body of existing software or documentation to one of the Apache projects need to execute a formal Software Grant Agreement (SGA) with the ASF. 

During Q3 FY2018, the ASF Secretary processed 203 ICLAs, 13 CCLAs, and 4 Software Grants. Apache committer activity can be seen at http://status.apache.org/#commits

> Brand Management: This quarter has seen the usual stream of questions, potential infringements, permission requests and registration activities to the Brand Management team. Our policies and answers to common questions may be found on online at https://www.apache.org/foundation/marks/resources and we would encourage everyone with a brand related question to review those pages in the first instance.

One of the challenges for the Brand Management team has been finding a way to track open issues without imposing an unnecessary burden on those raising the issue, the Apache project communities the issue relates to or the Brand Management team. Like all communities at Apache, our communication is based on a mailing list --albeit a private one in this case as many of the issues we handle require a degree of confidentiality. It has been clear for some time that the mailing list alone is not sufficient for tracking open issues. Having experimented with various schemes without success over the last six months, we believe we have found a solution. The Brand Management team is now utilizing a shared mailbox and associated labeling system to allow all team members to see, broken down by project, which issues are resolved, which are waiting on other parties and which require action from us. It is still early in the adoption of this new system, but the initial results are promising.

In this quarter the US trademark registration has completed for Tez® and CouchDB® along with a number of renewals of existing marks. Some of these renewals have been for communities that came to the ASF with registrations in a large number of jurisdictions. Given the costs associated with renewing marks in some jurisdictions, we have started to discuss with those communities whether renewal is a cost-effective use of our funds.

Looking forward to the next quarter, we hope that the new issue tracking process fulfills its early promise and we'll be doing detailed planning for the next financial year.

As always, if you do have any comments or questions for the Brand Management team, please do get in touch: https://www.apache.org/foundation/marks/contact


> Legal Affairs:
 The Apache Software Foundation (ASF) Legal Affairs team works diligently with our pro-bono legal counsel and answers legal questions, and addresses policy issues regarding license compatibility for The Apache Software Foundation. In the last quarter, the Legal Affairs team worked on providing guidance on how to update two of our Export Control Classification Number (ECCN) numbers for ASF projects. In addition the following specific questions were answered and the following work was performed:

  • How to deal with commercial attribution and use of ASF software. 
  • How to properly deal with NOTICE and LICENSE files in ASF projects.
  • The inclusion of Apache license short headers in source code files.
  • Answering whether or not Unified Modeling Language (UML) files could be licensed using the Apache License version 2.0 (ALv2).
  • Use of a dependency licensed under the JSON lib license and also a community with a question about the BSD 3 clause (“nuclear”) license.
  • The Eclipse Public License version 2.0 was added to Category-B license list on the legal resolved page.
  • The inclusion of public work files in ASF projects. 
  • Whether design files commercially licensed could be used to build ASF project websites.
  • Discussions surrounding the replacement of our CLA with the DCO+ALv2 agreement were undertaken but did not reach any conclusions. 
  • The use of metrics data collection surrounding the use of ASF projects was discussed.

The committee is a Board committee and reports directly Apache Board of Directors. We are eager to meet and serve the needs of our projects, in collaboration with our pro-bono counsel.

> Infrastructure: The Infrastructure team and its volunteers have been hard at work over the past quarter working on our mail systems, LDAP, cost reduction, build system improvements, and continued migration off of ASF-owned machines to more flexible cloud-based provisioning.

The mail system at the Foundation is a complex system that has evolved over the twenty years of our existence. It serves tens of thousands of users, millions of daily messages, and resides at the very core of how our communities operate under the Apache Way. Yet, this long history and evolution comes with a lot of historical baggage and technical debt that we have been working against for quite a while. We have made great strides this quarter in crafting new archival and access systems, which also assists with our goals for migration and using Puppet for management. We are still testing and qualifying these systems for deployment, next quarter.

The Foundation has been on a long trajectory to consolidating our authentication and authorization mechanisms around a central LDAP-based system. Our initial deployment did not quite serve our needs properly, so we have simplified, upgraded, and applied Puppet to better provide LDAP services across the Foundation's infrastructure.

This process is near completion, and has served to reduce, remove, and simplify much of our historical tooling.

One of our cost reduction efforts has been focused around our domain and certificate management. We have consolidated several providers to just one, and are looking at about a 40% reduction in future costs. At the same time, using the domain registrar's APIs, we've been able to bring more consistent management to our set of domains (we manage about 40, for the Foundation and its projects).

The holiday season was a great time to upgrade our Jenkins build cluster to their latest LTS release, while people were away spending time with family instead of queuing more build jobs. In addition, one of our sponsors helped out by donating many more build machines. Our projects have an ever-increasing need for more builds, so this has been a great quarter to satisfy those needs.

Lastly, we have made some great progress on our movement away from Foundation-owned hardware towards third-party provisioning of hardware and virtual machines. This long-term project is finally seeing the light at the end of the tunnel, and should be finalized during calendar year 2018.


> Financial Statement:



> Fundraising:
 Over this past quarter we have been launching our Targeted Sponsorship program. Targeted sponsorships give our sponsors greater recognition and more flexibility in how they can help our Top-Level Projects. Take a look at http://www.apache.org/foundation/thanks2.html

We are also proud to be working on three Apache events for 2018: ApacheCon 2018 North America in Montreal in September, the Apache 2018 EU Roadshow in Berlin in June and the Apache 2018 US Roadshow in Washington, DC in October. 

Interested in sponsoring?  Please email kmcgrail@apache.org for more details.

Finally, the Foundation relies on our sponsors to exist.  We are not a trade organization but a 100% volunteer-led charity. Donations are tax-deductible to the extent permitted by law.

# # #

Report prepared by Sally Khudairi, Vice President Marketing & Publicity, with contributions by Sam Ruby, ASF President; Rich Bowen, Vice President Conferences; Sharan Foga, Vice President Community Development; Chris Mattmann, Vice President Legal Affairs; Mark Thomas, Vice President Brand Management; Greg Stein, ASF Infrastructure Administrator; Tom Pappas, ASF Member and Vice President, Finance & Accounting at Virtual, Inc.; and Kevin McGrail, Vice President Fundraising.

For more information, subscribe to the announce@apache.org mailing list and visit http://www.apache.org/, the ASF Blog at http://blogs.apache.org/, the @TheASF on Twitter, and https://www.linkedin.com/company/the-apache-software-foundation.

(c) The Apache Software Foundation 2018.

Friday March 16, 2018

The Apache News Round-up: week ending 16 March 2018

It's time for our mid-month review of the Apache Community's activities since last week:

ASF Board –management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.
 - Next Board Meeting: 21 March. Board calendar and minutes http://apache.org/foundation/board/calendar.html

ApacheCon™ –the ASF's official global conference series.
 - Travel Assistance applications now being accepted for ApacheCon/Montreal https://www.apache.org/travel/
 - CFP is open for ApacheCon 24-29 September in Montreal http://apachecon.com/

Apache Community Development –helps newcomers take their first steps towards being a part of the Apache community.
 - The ASF is a Google Summer of Code Mentoring Organization for the 13th consecutive year. Students: roll up sleeves and get started with dozens of Apache projects at https://community.apache.org/gsoc.html

ASF Infrastructure –our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield fabulous performance at 99.96% uptime. http://status.apache.org/

ASF Operations Factoid –this week, 499 Apache contributors changed 896,598 lines of code over 3,223 commits. Top 5 contributors, in order, are: Carlos Sanchez Gonzalez, Alex Harui, Gintas Grigelionis, Tellier Benoit, and Iñigo Goiri.

Apache Allura™ –an Open Source implementation of a software "forge" that manages source code repositories, bug reports, discussions, wiki pages, blogs and more for any number of individual projects.
 - [SECURITY] CVE-2018-1319 Apache Allura HTTP response splitting http://mail-archives.apache.org/mod_mbox/www-announce/201803.mbox/%3Cf89f6551-b72e-5a20-6013-8adf5acd752a%40apache.org%3E

Apache Calcite™ Avatica –a framework for building database drivers.
- Apache Calcite Avatica 1.11.0 released https://calcite.apache.org/

Apache Commons™ Compress –working with zip, ar, jar, bz2, cpio, tar, gz, dump, pack200, lzma, 7z, arj and xz files.
 - [SECURITY] CVE-2018-1324 Apache Commons Compress denial of service vulnerability http://mail-archives.apache.org/mod_mbox/www-announce/201803.mbox/%3C87woycifgl.fsf%40v45346.1blu.de%3E

Apache CXF™ –an Open Source services framework.
 - Apache CXF 3.1.15 released http://cxf.apache.org/

Apache Jackrabbit™ Oak –a scalable, high-performance hierarchical content repository designed for use as the foundation of modern world-class Wb sites and other demanding content applications.
 - Apache Jackrabbit Oak 1.2.29 released http://jackrabbit.apache.org/

Apache Juneau™ –a toolkit for marshalling POJOs to a wide variety of content types using a common framework, and for creating sophisticated self-documenting REST interfaces and microservices using very little code.
 - Apache Juneau 7.1.0 released http://juneau.apache.org/

Apache PredictionIO™ –an open source Machine Learning Server built on top of state-of-the-art open source stack, that enables developers to manage and deploy production-ready predictive services for various kinds of machine learning tasks.
 - Apache PredictionIO 0.12.1 released http://predictionio.apache.org/

Apache SensSoft (incubating) –a user activity logging and analytics system that enables developers to instrument and extract design and user insights from their applications.
 - Apache SensSoft (Incubating) UserALE.js 1.0.0 released http://senssoft.incubator.apache.org/

Apache Tomcat™ –an Open Source software implementation of the Java Servlet, JavaServer Pages, Java Unified Expression Language, Java WebSocket and JASPIC technologies.
 - Apache Tomcat 8.5.29 released http://tomcat.apache.org/
 - [SECURITY] CVE-2018-1323 Apache Tomcat JK ISAPI Connector path traversal http://mail-archives.apache.org/mod_mbox/www-announce/201803.mbox/%3Cadc2b992-cbd1-145d-2812-f0f2cc69c099%40apache.org%3E

Did You Know?

 - Did you know that Apache NetBeans (incubating) Day UK will be held 27 April 2018? https://www.eventbrite.co.uk/e/apache-netbeans-day-uk-2018-tickets-43401128945

 - Did you know that you can participate in the Apache Drill "wishlist" survey? https://twitter.com/ApacheDrill/status/974499942751289344

 - Did you know that Apache Committers receive a 50% discount off registration for DataWorks Summit? Contact apachedwsdiscount(at)hortonworks(dot)com for the code.

Apache Community Notices:

 - The Apache Software Foundation 2018 Vision Statement https://s.apache.org/zqC3

 - Apache in 2017 - By The Digits https://s.apache.org/h8do

 - Foundation Statement –Apache Is Open. https://s.apache.org/PIRA

 - "Success at Apache" focuses on the processes behind why the ASF "just works". 1) Project Independence https://s.apache.org/CE0V 2) All Carrot and No Stick https://s.apache.org/ykoG 3) Asynchronous Decision Making https://s.apache.org/PMvk4) Rule of the Makers https://s.apache.org/yFgQ 5) JFDI --the unconditional love of contributors https://s.apache.org/4pjM 6) Meritocracy and Me https://s.apache.org/tQQh 7) Learning to Build a Stronger Community https://s.apache.org/x9Be 8) Meritocracy. https://s.apache.org/DiEo 9) Lowering Barriers to Open Innovation https://s.apache.org/dAlg 10) All My Roads Led to Apache https://s.apache.org/l9OO 11) Scratch Your Own Itch. https://s.apache.org/7Amk 12) What a Long Strange (and Great) Trip It's Been https://s.apache.org/gVuN 13) A Newbie's Narrative https://s.apache.org/A72H 14) Contributing to Open Source even with a high-pressure job https://s.apache.org/lM9O 15) Success at Apache: Open Innovation from a Non-native English Country https://s.apache.org/lh61

 - Please follow/like/re-tweet the ASF on social media: @TheASF on Twitter and on LinkedIn at https://www.linkedin.com/company/the-apache-software-foundation

 - Do friend and follow us on the Apache Community Facebook page https://www.facebook.com/ApacheSoftwareFoundation/ and Twitter account https://twitter.com/ApacheCommunity

 - The list of Apache project-related MeetUps can be found at http://apache.org/events/meetups.html

 - Members of the Apache community will be presenting at DataWorks Summit 16-19 April 2018 in Berlin https://dataworkssummit.com/

 - Open Expo Europe - 6-7 June 2018 in Madrid https://openexpoeurope.com/

 - Meet members of the Apache community at Open Expo Madrid 6-7 June 2018 http://www.openexpo.es/en/

 - We're teaming up with Berlin Buzzwords - 10-12 June 2018 (Apache Lounge dates: 11-12 June) https://berlinbuzzwords.de/

 - The 2018 Apache EU Roadshow will be held during FOSS Backstage in Berlin 13-14 June 2018 https://foss-backstage.de/

 - Apache Big Data project communities will be participating at DataWorks Summit 17-21 June 2018 in San Jose https://dataworkssummit.com/

 - ApacheCon North America will be held 24-29 September in Montreal http://apachecon.com/ **CFP IS OPEN!**

 - ASF Quarterly Report: Operations Summary Q2 FY2018 https://s.apache.org/j1GJ

 - ASF Annual Report is available at https://s.apache.org/FY2017AnnualReport

 - Find out how you can participate with Apache community/projects/activities --opportunities open with Apache HTTP Server, Avro, ComDev (community development), Directory, Incubator, OODT, POI, Polygene, Syncope, Tika, Trafodion, and more! https://helpwanted.apache.org/

 - Are your software solutions Powered by Apache? Download & use our "Powered By" logos http://www.apache.org/foundation/press/kit/#poweredby

= = =

For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, https://twitter.com/PlanetApache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.

# # #

Friday March 09, 2018

The Apache News Round-up: week ending 9 March 2018

Happy Friday, everyone! We've been rather busy in ApacheLand with the following activities:

"Success at Apache" –a monthly blog series that focuses on the processes behind why the ASF "just works".
 - Open Innovation from a Non-native English Country by Von Gosling https://s.apache.org/lh61

ASF Board –management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.
 - Next Board Meeting: 21 March. Board calendar and minutes http://apache.org/foundation/board/calendar.html

ApacheCon™ –the ASF's official global conference series.
 - Travel Assistance applications now being accepted for ApacheCon/Montreal https://www.apache.org/travel/
 - CFP is open for ApacheCon 24-29 September in Montreal http://apachecon.com/
 - ApacheCon and The Open Geospatial Consortium team up to advance the implementation of geospatial data and processing across Apache projects https://s.apache.org/iUM5

Apache Community Development –helps newcomers take their first steps towards being a part of the Apache community.
 - The ASF is a Google Summer of Code Mentoring Organization for the 13th consecutive year. Students: roll up sleeves and get started with dozens of Apache projects at https://community.apache.org/gsoc.html

ASF Infrastructure –our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield snapping performance at 99.98% uptime. http://status.apache.org/

ASF Operations Factoid –this week, 545 Apache contributors changed 1,529,153 lines of code over 4,008 commits. Top 5 contributors, in order, are: Sijie Guo, Duo Zhang, Dan Kirkwood, Andrea Cosentino and Tilman Hausherr.

Apache Groovy™ –a multi-facet programming language for the JVM.
 - Apache Groovy 2.6.0-alpha-3 released https://groovy.apache.org/

Apache HBase™ –an Open Source, distributed, versioned, non-relational database.
 - Apache HBase 2.0.0-beta-2 https://hbase.apache.org/

Apache Hivemall (incubating) –a scalable machine learning library implemented as Hive UDFs/UDAFs/UDTFs.
 - Apache Hivemall 0.5.0-incubating released http://hivemall.incubator.apache.org/

Apache Jackrabbit™ –a fully compliant implementation of the Content Repository for Java(TM) Technology API, version 2.0 (JCR 2.0) as specified in the Java Specification Request 283 (JSR 283).
 - Apache Jackrabbit 2.6.10 released http://jackrabbit.apache.org/

Apache Kafka™ –a distributed streaming platform.
 - Apache Kafka 1.0.1 http://kafka.apache.org/

Apache Kylin™ –an Open Source Distributed Analytics Engine designed to provide SQL interface and multi-dimensional analysis (OLAP) on Apache Hadoop, supporting extremely large datasets.
 - Apache Kylin 2.3.0 released https://kylin.apache.org/

Apache Libcloud™ –a Python library that abstracts away the differences among multiple cloud provider APIs.
 - Apache Libcloud 2.3.0 release https://libcloud.apache.org/

Apache Lucene™ –a high-performance, full-featured text search engine library written entirely in Java.
 - Apache Lucene 6.6.3 and Solr 6.6.3 released http://lucene.apache.org/

Apache Parquet™ –a general-purpose columnar file format supporting nested data.
 - Apache Parquet C++ release 1.4.0 released http://parquet.apache.org/

Apache Qpid™ –a messaging library for the Advanced Message Queuing Protocol 1.0 (AMQP 1.0, ISO/IEC 19464, http://www.amqp.org).
 - Apache Qpid JMS 0.30.0, Apache Qpid Proton 0.21.0, and Qpid Broker-J 7.0.2 released http://qpid.apache.org/

Apache Tomcat™ –an Open Source software implementation of the Java Servlet, JavaServer Pages, Java Unified Expression Language, Java WebSocket and JASPIC technologies.
 - Apache Tomcat Connectors 1.2.43 released https://tomcat.apache.org/

Apache UIMA™ –a component architecture and framework for the analysis of unstructured content like text, video and audio data.
 - Apache UIMA Java SDK 3.0.0 released http://uima.apache.org


Did You Know?

 - Did you know that Netflix uses Apache Kafka to scale its architecture across 4,000+ brokers and > 1 trillion messages per day? http://kafka.apache.org/

 - Did you know that Apache NetBeans (incubating) seeks programmers to help test its newest release? http://netbeans.apache.org/

 - Did you know that you can keep up to date with the latest developments on the ASF Community Development (ComDev) activities through their monthly blog? https://blogs.apache.org/comdev/

Apache Community Notices:

 - The Apache Software Foundation 2018 Vision Statement https://s.apache.org/zqC3

 - Apache in 2017 - By The Digits https://s.apache.org/h8do

 - Foundation Statement –Apache Is Open. https://s.apache.org/PIRA

 - "Success at Apache" focuses on the processes behind why the ASF "just works". 1) Project Independence https://s.apache.org/CE0V 2) All Carrot and No Stick https://s.apache.org/ykoG 3) Asynchronous Decision Making https://s.apache.org/PMvk4) Rule of the Makers https://s.apache.org/yFgQ 5) JFDI --the unconditional love of contributors https://s.apache.org/4pjM 6) Meritocracy and Me https://s.apache.org/tQQh 7) Learning to Build a Stronger Community https://s.apache.org/x9Be 8) Meritocracy. https://s.apache.org/DiEo 9) Lowering Barriers to Open Innovation https://s.apache.org/dAlg 10) All My Roads Led to Apache https://s.apache.org/l9OO 11) Scratch Your Own Itch. https://s.apache.org/7Amk 12) What a Long Strange (and Great) Trip It's Been https://s.apache.org/gVuN 13) A Newbie's Narrative https://s.apache.org/A72H 14) Contributing to Open Source even with a high-pressure job https://s.apache.org/lM9O 15) Success at Apache: Open Innovation from a Non-native English Country https://s.apache.org/lh61

 - Please follow/like/re-tweet the ASF on social media: @TheASF on Twitter and on LinkedIn at https://www.linkedin.com/company/the-apache-software-foundation

 - Do friend and follow us on the Apache Community Facebook page https://www.facebook.com/ApacheSoftwareFoundation/ and Twitter account https://twitter.com/ApacheCommunity

 - The list of Apache project-related MeetUps can be found at http://apache.org/events/meetups.html

 - Members of the Apache community will be presenting at DataWorks Summit 16-19 April 2018 in Berlin https://dataworkssummit.com/

 - Open Expo Europe - 6-7 June 2018 in Madrid https://openexpoeurope.com/

 - Meet members of the Apache community at Open Expo Madrid 6-7 June 2018 http://www.openexpo.es/en/

 - We're teaming up with Berlin Buzzwords - 10-12 June 2018 (Apache Lounge dates: 11-12 June) https://berlinbuzzwords.de/

 - The 2018 Apache EU Roadshow will be held during FOSS Backstage in Berlin 13-14 June 2018 https://foss-backstage.de/

 - Apache Big Data project communities will be participating at DataWorks Summit 17-21 June 2018 in San Jose https://dataworkssummit.com/

 - ASF Quarterly Report: Operations Summary Q2 FY2018 https://s.apache.org/j1GJ

 - ASF Annual Report is available at https://s.apache.org/FY2017AnnualReport

 - Find out how you can participate with Apache community/projects/activities --opportunities open with Apache HTTP Server, Avro, ComDev (community development), Directory, Incubator, OODT, POI, Polygene, Syncope, Tika, Trafodion, and more! https://helpwanted.apache.org/

 - Are your software solutions Powered by Apache? Download & use our "Powered By" logos http://www.apache.org/foundation/press/kit/#poweredby

= = =

For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, https://twitter.com/PlanetApache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.

# # #

Friday March 02, 2018

The Apache News Round-up: week ending 2 March 2018

Well, hello March. Let's see what the Apache community has been up to:

"Success at Apache" –a monthly blog series that focuses on the processes behind why the ASF "just works".
 - Contributing to Open Source even with a high-pressure job by Anthony Shaw https://s.apache.org/lM9O

ASF Board –management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.
 - Next Board Meeting: 21 March. Board calendar and minutes http://apache.org/foundation/board/calendar.html

ApacheCon™ –the ASF's official global conference series.
 - Travel Assistance applications now being accepted for ApacheCon/Montreal https://www.apache.org/travel/
 - CFP is open for ApacheCon 24-29 September in Montreal http://apachecon.com/
 - CFP is also open for the Apache Roadshow Europe 13-14 June in Berlin http://apachecon.com/euroadshow18/

Apache Community Development –helps newcomers take their first steps towards being a part of the Apache community.
 - The ASF is a Google Summer of Code Mentoring Organization for the 13th consecutive year. Students: learn how to get started with dozens of Apache projects at https://community.apache.org/gsoc.html

ASF Infrastructure –our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield sensational performance at 99.90% uptime. http://status.apache.org/

ASF Operations Factoid –this week, 550 Apache contributors changed 1,430,495 lines of code over 4,052 commits. Top 5 contributors, in order, are: Andi Huber, Jacky Li, Sean Busbey, Matteo Merli, and Tilman Hausherr.

Apache Fluo™ –a distributed processing system built on Apache Accumulo.
 - Apache Fluo 1.2.0 released http://fluo.apache.org/

Apache Geode™ –low latency, high concurrency data management solutions.
 - CVE-2017-15692 Apache Geode unsafe deserialization in TcpServer http://mail-archives.apache.org/mod_mbox/www-announce/201802.mbox/%3CCAEwge-EA%3DarmRcEHu5R3zZhyuTm%3DZTLKHNJa5wPrsCYd3AeNfA%40mail.gmail.com%3E
 - CVE-2017-15693 Apache Geode unsafe deserialization of application objects http://mail-archives.apache.org/mod_mbox/www-announce/201802.mbox/%3CCAEwge-HwkgJoAUiCKj1S43OfcaU%2B47ZQkw%2BwkNmm0%3DJSH_Y5TA%40mail.gmail.com%3E

Apache Groovy™ –a multi-facet programming language for the JVM.
 - Apache Groovy 2.4.14 released https://groovy.apache.org/

Apache Lucy™ –search engine library provides full-text search for dynamic programming languages.
 - Apache Lucy 0.6.2 and Clownfish 0.6.3 released http://lucy.apache.org/

Apache MXNet (incubating) –a deep learning framework designed for both efficiency and flexibility.
 - Apache MXNet (incubating) 1.1.0 released http://mxnet.incubator.apache.org/

Apache OpenMeetings™ –provides video conferencing, instant messaging, white board, collaborative document editing and other groupware tools using API functions of the Red5 Streaming Server for Remoting and Streaming.
 - Apache OpenMeetings 4.0.2 released http://openmeetings.apache.org
 - CVE-2018-1286 - Apache OpenMeetings - Insufficient Access Controls http://mail-archives.apache.org/mod_mbox/www-announce/201802.mbox/%3CCAJmbs8jpHcih%2BA0nzrUQV8gkF65tCVLrjqiq26vLarskarScmw%40mail.gmail.com%3E

Apache PDFBox™ –access to images encoded using the JBIG2 image compression standard.
 - Apache PDFBox JBIG2 ImageIO plugin 3.0.0 released http://pdfbox.apache.org/

Apache Qpid™ Dispatch –a router for the Advanced Message Queuing Protocol 1.0
 - Apache Qpid Dispatch 1.0.1 released http://qpid.apache.org/

Apache Subversion™ –universally recognized and adopted Open Source, centralized version control system.
 - Apache Subversion 1.10.0-rc1 released http://subversion.apache.org/

Did You Know?

 - Did you know that the following Apache projects are celebrating anniversaries this month? mod_perl (18 yrs); Struts (14 yrs); Jackrabbit (12 yrs); Phoenix (11 yrs); Archiva (10 yrs); Felix (11 yrs); Archiva (10 yrs); UIMA (8 yrs); Accumulo, Lucy, Sqoop (8 yrs); Bloodhound, CloudStack, cTAKES (5 yrs); Aurora, Polygene (4 yrs); and Sentry (2 yrs). Many happy returns! https://projects.apache.org/

 - Did you know that Apache CouchDB will be featured at the Women Who Code Boston meetup on 20 March? http://couchdb.apache.org/

 - Did you know that Apache CloudStack users may be impacted by the upcoming retirement of http://download.cloud.com ? http://cloudstack.apache.org/

Apache Community Notices:

 - The Apache Software Foundation 2018 Vision Statement https://s.apache.org/zqC3

 - Apache in 2017 - By The Digits https://s.apache.org/h8do

 - Foundation Statement –Apache Is Open. https://s.apache.org/PIRA

 - "Success at Apache" focuses on the processes behind why the ASF "just works". 1) Project Independence https://s.apache.org/CE0V 2) All Carrot and No Stick https://s.apache.org/ykoG 3) Asynchronous Decision Making https://s.apache.org/PMvk4) Rule of the Makers https://s.apache.org/yFgQ 5) JFDI --the unconditional love of contributors https://s.apache.org/4pjM 6) Meritocracy and Me https://s.apache.org/tQQh 7) Learning to Build a Stronger Community https://s.apache.org/x9Be 8) Meritocracy. https://s.apache.org/DiEo 9) Lowering Barriers to Open Innovation https://s.apache.org/dAlg 10) All My Roads Led to Apache https://s.apache.org/l9OO 11) Scratch Your Own Itch. https://s.apache.org/7Amk 12) What a Long Strange (and Great) Trip It's Been https://s.apache.org/gVuN 13) A Newbie's Narrative https://s.apache.org/A72H 14) Contributing to Open Source even with a high-pressure job https://s.apache.org/lM9O

 - Please follow/like/re-tweet the ASF on social media: @TheASF on Twitter and on LinkedIn at https://www.linkedin.com/company/the-apache-software-foundation

 - Do friend and follow us on the Apache Community Facebook page https://www.facebook.com/ApacheSoftwareFoundation/and Twitter account https://twitter.com/ApacheCommunity

 - The list of Apache project-related MeetUps can be found at http://apache.org/events/meetups.html

 - Members of the Apache community will be presenting at DataWorks Summit 16-19 April 2018 in Berlin https://dataworkssummit.com/

 - Open Expo Europe - 6-7 June 2018 in Madrid https://openexpoeurope.com/

 - Meet members of the Apache community at Open Expo Madrid 6-7 June 2018 http://www.openexpo.es/en/

 - We're teaming up with Berlin Buzzwords - 10-12 June 2018 (Apache Lounge dates: 11-12 June) https://berlinbuzzwords.de/

 - The 2018 Apache EU Roadshow will be held during FOSS Backstage in Berlin 13-14 June 2018 https://foss-backstage.de/

 - Apache Big Data project communities will be participating at DataWorks Summit 17-21 June 2018 in San Jose https://dataworkssummit.com/

 - ASF Quarterly Report: Operations Summary Q2 FY2018 https://s.apache.org/j1GJ

 - ASF Annual Report is available at https://s.apache.org/FY2017AnnualReport

 - Find out how you can participate with Apache community/projects/activities --opportunities open with Apache HTTP Server, Avro, ComDev (community development), Directory, Incubator, OODT, POI, Polygene, Syncope, Tika, Trafodion, and more! https://helpwanted.apache.org/

 - Are your software solutions Powered by Apache? Download & use our "Powered By" logos http://www.apache.org/foundation/press/kit/#poweredby

= = =

For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, https://twitter.com/PlanetApache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.

# # #

Calendar

Search

Hot Blogs (today's hits)

Tag Cloud

Categories

Feeds

Links

Navigation