The Apache Software Foundation Blog

Friday September 29, 2017

The Apache News Round-up: week ending 29 September 2017

So long, September. The Apache community is closing out the week with the following activities:

ASF Board –management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.
 - Next Board Meeting: 18 October. Board calendar and minutes http://apache.org/foundation/board/calendar.html

ASF Infrastructure –our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield fresh performance at 99.14% uptime http://status.apache.org/

ASF Operations Factoid –this week, 555 Committers changed 1,291,551 lines of code over 3,617 commits. Top 5 contributors, in order, are: Claus Ibsen; Jian He; Mark Thomas; Joel Bernstein; and Michael Jumper.

Apache CarbonData™ –BigData file format for faster interactive query using advanced columnar storage, index, compression, and encoding techniques to improve computing efficiency.
 - Apache CarbonData 1.2.0 released http://carbondata.apache.org/

Apache Commons™ Jelly –a tool for turning XML into executable code.
 - Apache Commons Jelly 1.0.1 released http://commons.apache.org/proper/commons-jelly/
 - CVE-2017-12621 Apache Commons Jelly connects to URL with custom doctype definitions http://mail-archives.apache.org/mod_mbox/www-announce/201709.mbox/%3C38CA08B7-2456-4D56-AF60-BE1168ECE522%40apache.org%3E

Apache Jackrabbit™ –a fully conforming implementation of the Content Repository for Java Technology API (JCR).
 - Apache Jackrabbit 2.8.6 and Jackrabbit Oak 1.7.8 released http://jackrabbit.apache.org/

Apache JMeter™ –a 100% pure Java application designed to test server applications.
 - Apache JMeter 3.3 released http://jmeter.apache.org/

Apache Parquet™ –a general-purpose columnar file format supporting nested data.
 - Apache Parquet C++ 1.3.0 released http://parquet.apache.org/

Apache PredictionIO –an Open Source Machine Learning Server built on top of state-of-the-art open source stack, that enables developers to manage and deploy production-ready predictive services for various kinds of machine learning tasks.
 - Apache PredictionIO 0.12.0-incubating released http://predictionio.incubator.apache.org/

Apache Qpid™ JMS –client supporting the Advanced Message Queuing Protocol 1.0, based around the Apache Qpid Proton protocol engine and implementing the AMQP JMS Mapping as it evolves at OASIS.
 - Apache Qpid JMS 0.25.0 released http://qpid.apache.org/

Apache RocketMQ™ –Open Source distributed messaging and streaming Big Data platform.
 - The Apache Software Foundation Announces Apache® RocketMQ™ as a Top-Level Project https://s.apache.org/MLfe

Did You Know?

 - Did you know that Apache Arrow, Kudu, MXNet, Lucene Solr, Spark, Tinkerpop, and Zeppelin have won InfoWorld Bossie Awards this yar? https://www.infoworld.com/article/3227918/application-development/bossies-2017-the-best-of-open-source-software-awards.html

 - Did you know that Apache Airflow (incubating) is a Big Data workflow engine that maximizes value extraction from data? http://airflow.apache.org/

 - Did you know that work is underway to release Apache NetBeans 9? Here's how you can help https://cwiki.apache.org/confluence/display/NETBEANS/List+of+Modules+to+Review


Apache Community Notices:

 - "Success at Apache" focuses on the processes behind why the ASF "just works". 1) Project Independence https://s.apache.org/CE0V 2) All Carrot and No Stick https://s.apache.org/ykoG 3) Asynchronous Decision Making https://s.apache.org/PMvk4) Rule of the Makers https://s.apache.org/yFgQ 5) JFDI --the unconditional love of contributors https://s.apache.org/4pjM 6) Meritocracy and Me https://s.apache.org/tQQh 7) Learning to Build a Stronger Community https://s.apache.org/x9Be 8) Meritocracy. https://s.apache.org/DiEo 9) Lowering Barriers to Open Innovation https://s.apache.org/dAlg

 - Follow the ASF on social media: @TheASF on Twitter and on LinkedIn at https://www.linkedin.com/company/the-apache-software-foundation (re-tweets/shares/likes most appreciated!)

 - Presentations from ApacheCon https://s.apache.org/Hli7 and Apache: Big Data https://s.apache.org/tefE are available; as well as videos https://s.apache.org/AE3m and audio recordings https://feathercast.apache.org/

 - Do friend and follow us on the Apache Community Facebook page https://www.facebook.com/ApacheSoftwareFoundation/and Twitter account https://twitter.com/ApacheCommunity

 - The list of Apache project-related MeetUps can be found at http://apache.org/events/meetups.html

 - The Apache community will be at All Things Open --stop by the ASF booth and say hello! 23-24 October in Raleigh https://allthingsopen.org/

 - Learn about Apache Atlas, AriaTosca (incubating), Hadoop YARN, Kafka, ManifoldCF, Ranger, Spot (incubating), Thrift, and more at Open Source Summit Europe + ELC Europe 2017 23-26 October in Prague https://osseu17.sched.com/

 - Catch the Apache Ignite and Spark communities at the In-Memory Computing Summit 24-25 October in San Francisco https://imcsummit.org/

 - ASF Quarterly Report: Operations Summary Q1 FY2018 https://s.apache.org/cEUm

 - ASF Annual Report is available at https://s.apache.org/FY2017AnnualReport

 - Find out how you can participate with Apache community/projects/activities --opportunities open with Apache HTTP Server, Avro, ComDev (community development), Directory, Incubator, OODT, POI, Polygene, Syncope, Tika, Trafodion, and more! https://helpwanted.apache.org/

 - Are your software solutions Powered by Apache? Download & use our "Powered By" logos http://www.apache.org/foundation/press/kit/#poweredby

= = =

For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, https://twitter.com/PlanetApache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.

# # #

Monday September 25, 2017

The Apache Software Foundation Announces Apache® RocketMQ™ as a Top-Level Project

Open Source distributed messaging and streaming Big Data platform in use at Alibaba Group, Didi Chuxing, S.F. Express, WeBank, Peking University, and Chinese Academy of Sciences, among others.

Forest Hill, MD –25 September 2017– The Apache Software Foundation (ASF), the all-volunteer developers, stewards, and incubators of more than 350 Open Source projects and initiatives, announced today that Apache® RocketMQ™ has graduated from the Apache Incubator to become a Top-Level Project (TLP), signifying that the project's community and products have been well-governed under the ASF's meritocratic process and principles.

Apache RocketMQ is an Open Source distributed messaging and streaming Big Data platform with low latency, high performance and reliability, trillion-level capacity and flexible scalability.

"I am very excited to see Apache RocketMQ as a Top-Level Project and I would like to thank our mentors for all their help, the Apache Incubator Project Management Committee for its advice and guidance, everyone in the RocketMQ community, and Alibaba for publishing the research upon which RocketMQ is based," said Xiaorui Wang, Vice President of Apache RocketMQ. "During the incubation process, the RocketMQ community worked very hard to develop high-quality distributed software for messaging and streaming, in an open and inclusive manner in accordance with the Apache Way."

RocketMQ originated at Alibaba in 2012, and, after handling 1.2 trillion concurrent online message transmissions in the Alibaba Nov. 11th Global Shopping Festival, was donated to the Apache Incubator in November 2016. Apache RocketMQ v4.0.0 was released in February 2017.

As a distributed messaging engine, RocketMQ features include:
  • Low latency; more than 99.6% response latency within 1 millisecond under high pressure;
  • Finance-oriented, high availability with tracking and auditing features;
  • Industry-sustainable, trillion-level message capacity guaranteed;
  • Vendor-neutral, support multiple messaging protocols like JMS and OpenMessaging;
  • Big Data friendly, batch transferring with versatile integration for flooding throughput; and
  • Massive accumulation, given sufficient disk space, accumulate messages without performance loss.

"RocketMQ was conceived from the outset as an open-source distributed messaging and streaming platform with low latency, high performance and reliability, trillion-level capacity and flexible scalability," said Von Gosling, original co-creator of RocketMQ and Chief Architect of Aliware MQ at Alibaba Group. "It has been great to witness the growth of the RocketMQ community and codebase as an ASF incubating project, and I look forward to this continuing as a Top-Level Project. Today, more than 100 companies are using Apache RocketMQ, with more feedback coming from the community. According to our data, more than 80% of the project's contributions are from outside the donator Alibaba Group."

In addition to Alibaba Group, Apache RocketMQ is in use at hundreds of companies and research/educational institutions that include Didi Chuxing, S.F. Express, WeBank, Peking University, and Chinese Academy of Sciences, among others.

"Graduation from the Incubator marks an important milestone for the RocketMQ project," said Bruce Snyder, Apache RocketMQ Incubator Mentor and Director of Software Development at SAP Hybris. "This is recognition of the focus and hard work of the project members to learn The Apache Way and drive community around RocketMQ. I am honored to have helped guide the project to a successful graduation."

"At Didi, we have used Apache RocketMQ as storage engine to build MessageQueue service. Based on high availability and high performance of RocketMQ we provide high-quality service," said Neil Qi, Architect at Didi Chuxing. "I believe RocketMQ will become the best MessageQueue project in future."

"New participants are more than welcome to join the project, To serve the community better, we created and maintained two repositories, one as our kernel version and the other one is for community contributions. The community contributed some integrated projects with some other Apache TLPs like Apache Storm, Apache Ignite, Apache Spark and Apache Flume," said Xinyu "yukon" Zhou, member of the Apache RocketMQ Project Management Committee. "We enthusiastically look forward to working together with all contributors to Apache RocketMQ in order to advance the state-of-the-art distributed messaging engine."

Availability and Oversight
Apache RocketMQ software is released under the Apache License v2.0 and is overseen by a self-selected team of active contributors to the project. A Project Management Committee (PMC) guides the Project's day-to-day operations, including community development and product releases. For downloads, documentation, and ways to become involved with Apache RocketMQ, visit http://rocketmq.apache.org/ and https://twitter.com/ApacheRocketMQ

About the Apache Incubator
The Apache Incubator is the entry path for projects and codebases wishing to become part of the efforts at The Apache Software Foundation. All code donations from external organizations and existing external projects wishing to join the ASF enter through the Incubator to: 1) ensure all donations are in accordance with the ASF legal standards; and 2) develop new communities that adhere to our guiding principles. Incubation is required of all newly accepted projects until a further review indicates that the infrastructure, communications, and decision making process have stabilized in a manner consistent with other successful ASF projects. While incubation status is not necessarily a reflection of the completeness or stability of the code, it does indicate that the project has yet to be fully endorsed by the ASF. For more information, visit http://incubator.apache.org/

About The Apache Software Foundation (ASF)
Established in 1999, the all-volunteer Foundation oversees more than 350 leading Open Source projects, including Apache HTTP Server --the world's most popular Web server software. Through the ASF's meritocratic process known as "The Apache Way," more than 650 individual Members and 6,200 Committers across six continents successfully collaborate to develop freely available enterprise-grade software, benefiting millions of users worldwide: thousands of software solutions are distributed under the Apache License; and the community actively participates in ASF mailing lists, mentoring initiatives, and ApacheCon, the Foundation's official user conference, trainings, and expo. The ASF is a US 501(c)(3) charitable organization, funded by individual donations and corporate sponsors including Alibaba Cloud Computing, ARM, Bloomberg, Budget Direct, Capital One, Cash Store, Cerner, Cloudera, Comcast, Facebook, Google, Hortonworks, HP, Huawei, IBM, Inspur, iSigma, LeaseWeb, Microsoft, ODPi, PhoenixNAP, Pivotal, Private Internet Access, Red Hat, Serenata Flowers, Target, WANdisco, and Yahoo. For more information, visit http://apache.org/ and https://twitter.com/TheASF

© The Apache Software Foundation. "Apache", "RocketMQ", "Apache RocketMQ", and "ApacheCon" are registered trademarks or trademarks of the Apache Software Foundation in the United States and/or other countries. All other brands and trademarks are the property of their respective owners.

# # #

Friday September 22, 2017

The Apache News Round-up: week ending 22 September 2017

Hello, Friday! The Apache community has been busy this week working on:

Support Apache –if your employer has a matching gifts program, you can increase your contribution and help sustain the ASF's mission of providing software for the public good. Every dollar counts. http://apache.org/foundation/contributing.html

ASF Board –management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.
 - Next Board Meeting: 18 October. Board calendar and minutes http://apache.org/foundation/board/calendar.html
 - ASF Quarterly Report: Operations Summary Q1 FY2018 https://s.apache.org/cEUm

ASF Infrastructure –our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield clever performance at 99.63% uptime http://status.apache.org/

ASF Operations Factoid –this week, 562 Committers changed 1,427,529 lines of code over 3,425 commits. Top 5 contributors, in order, are: Jian He; Carlo Curino; Dominik Stadler; Semen Boikov; and Claus Ibsen.

Apache Arrow™ –a columnar in-memory analytics layer designed to accelerate Big Data.
 - Apache Arrow 0.7.0 released http://arrow.apache.org/

Apache BookKeeper™ DistributedLog –core library for interacting Apache BookKeeper in log streams and a proxy service for serving large number of logs, fan-in writes and fan-out reads.
 - Apache DistributedLog 0.5.0 released http://bookkeeper.apache.org/

Apache Commons™ BCEL –Byte Code Engineering Library (BCEL) is intended to give users a convenient way to analyze, create, and manipulate (binary) Java class files (those ending with .class).
 - Apache Commons BCEL 6.1 released http://commons.apache.org/ 

Apache Geode™ –Big Data management platform.
 - Apache Geode 1.2.1 released http://geode.apache.org/

Apache Geronimo™ Config –adds support for basic configuration nomenclatures based on the MicroProfile Config specification.
 - Apache Geronimo Config 1.0 released http://geronimo.apache.org/

Apache Gora™ –Open Source framework provides an in-memory data model and persistence for Big Data.
 - Apache Gora 0.8 released http://gora.apache.org/

Apache HBase™ –an Open Source, distributed, versioned, non-relational database.
 - Apache HBase 2.0.0-alpha-3 released http://hbase.apache.org/

Apache Ignite™ –in-memory computing platform that is durable, strongly consistent and highly available with powerful SQL, key-value and processing APIs.
 - Apache Ignite 2.2.0 released https://ignite.apache.org/

Apache Log4j™ –a well-known framework for logging application behavior.
 -Apache Log4j 2.9.1 released https://logging.apache.org/

Apache Lucene™ Solr –the popular, blazing fast, open source NoSQL search platform from the Apache Lucene project.
 - Apache Lucene and Solr 7.0.0 released http://lucene.apache.org/
 - CVE-2017-9803: Security vulnerability in Kerberos delegation token functionality http://mail-archives.apache.org/mod_mbox/www-announce/201709.mbox/%3CCAOOKt53AOScg04zUh0%2BR_fcXD0C9s5mQ-OzdgYdnHz49u1KmXw%40mail.gmail.com%3E

Apache OpenMeetings™ –provides video conferencing, instant messaging, white board, collaborative document editing and other groupware tools using API functions of the Red5 Streaming Server for Remoting and Streaming.
 - Apache OpenMeetings 3.3.2 released http://openmeetings.apache.org

Apache OpenNLP™ –a machine learning based toolkit for the processing of natural language text.
 - Apache OpenNLP 1.8.2 released http://opennlp.apache.org/

Apache POI™ –well-known in the Java field as a library for reading and writing Microsoft Office file formats, such as Excel, PowerPoint, Word, Visio, Publisher and Outlook.
 - Apache POI 3.17 released https://poi.apache.org/

Apache Qpid™ Proton –a messaging library for the Advanced Message Queuing Protocol 1.0 (AMQP 1.0, ISO/IEC 19464, http://www.amqp.org).
 - Apache Qpid Proton-J 0.22.0 released http://qpid.apache.org/

Apache Storm™ –a distributed, fault-tolerant, and high-performance realtime computation system that
provides strong guarantees on the processing of data.
 - Apache Storm 1.0.5 released http://storm.apache.org

Apache Tephra (incubating)™ –a transaction engine for distributed data stores like Apache HBase.
 - Apache Tephra-0.13.0-incubating released http://tephra.apache.org/

Apache Tomcat™ –an Open Source software implementation of the Java Servlet, JavaServer Pages, Java Unified Expression Language, Java WebSocket and Java Authentication Service Provider Interface for Containers technologies.
 - CVE-2017-12615 Apache Tomcat Remote Code Execution via JSP upload http://mail-archives.apache.org/mod_mbox/www-announce/201709.mbox/%3C81e3acd3-f335-ff0d-ae89-bf44bb66fca0%40apache.org%3E
 - CVE-2017-12616 Apache Tomcat Information Disclosure http://mail-archives.apache.org/mod_mbox/www-announce/201709.mbox/%3C0b45dcb1-28e2-6e12-6320-5bc6d021063c%40apache.org%3E
 - CVE-2017-12615 Apache Tomcat Remote Code Execution via JSP upload http://mail-archives.apache.org/mod_mbox/www-announce/201709.mbox/%3C81e3acd3-f335-ff0d-ae89-bf44bb66fca0%40apache.org%3E
 - Apache Tomcat Possible additional RCE via JSP upload http://mail-archives.apache.org/mod_mbox/www-announce/201709.mbox/%3Caa9ea974-9acf-e0af-c3d7-46830b45d9fe%40apache.org%3E
 - End of life for Apache Tomcat Native 1.1.x http://mail-archives.apache.org/mod_mbox/www-announce/201709.mbox/%3Cdd2da94b-668b-4a8f-fbc3-845fe12e5907%40apache.org%3E

Apache Wicket™ –an Open Source Java component oriented Web application framework.
 - Apache Wicket 7.9.0 released http://wicket.apache.org

Apache Zeppelin™ –a collaborative data analytics and visualization tool for distributed, general-purpose data processing system such as Apache Spark, Apache Flink, etc.
 - Apache Zeppelin 0.7.3 released http://zeppelin.apache.org/

Did You Know?

 - Did you know that Reddit uses Apache Lucene Solr for its new search functionality for 300M users across 1.1M communities? http://lucene.apache.org/

 - Did you know that 29,334 files in Apache NetBeans (incubating) were re-licensed to the ASF? http://netbeans.apache.org/

 - Did you know that algorithmic IT operations platform StackState uses Apache Tinkerpop Gremlin for analytical queries? http://tinkerpop.apache.org/


Apache Community Notices:

 - "Success at Apache" focuses on the processes behind why the ASF "just works". 1) Project Independence https://s.apache.org/CE0V 2) All Carrot and No Stick https://s.apache.org/ykoG 3) Asynchronous Decision Making https://s.apache.org/PMvk4) Rule of the Makers https://s.apache.org/yFgQ 5) JFDI --the unconditional love of contributors https://s.apache.org/4pjM 6) Meritocracy and Me https://s.apache.org/tQQh 7) Learning to Build a Stronger Community https://s.apache.org/x9Be 8) Meritocracy. https://s.apache.org/DiEo 9) Lowering Barriers to Open Innovation https://s.apache.org/dAlg

 - Follow the ASF on social media: @TheASF on Twitter and on LinkedIn at https://www.linkedin.com/company/the-apache-software-foundation (re-tweets/shares/likes most appreciated!)

 - Presentations from ApacheCon https://s.apache.org/Hli7 and Apache: Big Data https://s.apache.org/tefE are available; as well as videos https://s.apache.org/AE3m and audio recordings https://feathercast.apache.org/

 - Do friend and follow us on the Apache Community Facebook page https://www.facebook.com/ApacheSoftwareFoundation/and Twitter account https://twitter.com/ApacheCommunity

 - The list of Apache project-related MeetUps can be found at http://apache.org/events/meetups.html

 - TomcatCon will be held 25 September in London https://www.eventbrite.com/e/tomcatcon-london-2017-tickets-36683639754

 - The Apache community will be at All Things Open --stop by the ASF booth and say hello! 23-24 October in Raleigh https://allthingsopen.org/

 - Learn about Apache Atlas, AriaTosca (incubating), Hadoop YARN, Kafka, ManifoldCF, Ranger, Spot (incubating), Thrift, and more at Open Source Summit Europe + ELC Europe 2017 23-26 October in Prague https://osseu17.sched.com/

 - Catch the Apache Ignite and Spark communities at the In-Memory Computing Summit 24-25 October in San Francisco https://imcsummit.org/

 - ASF Annual Report is available at https://s.apache.org/FY2017AnnualReport

 - Find out how you can participate with Apache community/projects/activities --opportunities open with Apache HTTP Server, Avro, ComDev (community development), Directory, Incubator, OODT, POI, Polygene, Syncope, Tika, Trafodion, and more! https://helpwanted.apache.org/

 - Are your software solutions Powered by Apache? Download & use our "Powered By" logos http://www.apache.org/foundation/press/kit/#poweredby

= = =

For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, https://twitter.com/PlanetApache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.

# # #

Friday September 15, 2017

The Apache News Round-up: week ending 15 September 2017

It's finally Friday. We've had quite a busy week, so let's get down to reviewing our work:

ASF Board –management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.
 - Next Board Meeting: 20 September. Board calendar and minutes http://apache.org/foundation/board/calendar.html
 - ASF Quarterly Report: Operations Summary Q1 FY2018 https://s.apache.org/cEUm

ASF Infrastructure –our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield smashing performance at 99.87% uptime http://status.apache.org/

ASF Operations Factoid –this week, 567 Committers changed 1,517,515 lines of code over 3,632 commits. Top 5 contributors, in order, are: Jian Hel; Claus Ibsen; Mingmin Xu; Paul J. Davis; and Daniel Sun.

Apache CloudStack™ –an integrated Infrastructure-as-a-Service (IaaS) software platform that allows users to build feature-rich public and private Cloud environments.
 - Apache CloudStack 4.9.3.0 (LTS) released http://cloudstack.apache.org/

Apache CXF™ –an Open Source framework for building and developing services using frontend programming APIs like JAX-WS and JAX-RS.
 - Apache CXF 3.2.0 released http://cxf.apache.org/

Apache Directory™ Studio –a complete directory tooling platform intended to be used with any LDAP server however it is particularly designed for use with ApacheDS.
 - Apache Directory Studio 2.0-0-M13 released http://directory.apache.org/studio/

Apache HttpComponents™ Core –a set of low level HTTP transport components that can be used to build custom client and server side HTTP services with a minimal footprint.
 - Apache HttpComponents Core 4.4.7 released http://hc.apache.org/

Apache Impala (incubating) –a high-performance C++ and Java SQL query engine for data stored in Apache Hadoop-based clusters.
 - Apache Impala (incubating) 2.10.0 released https://impala.incubator.apache.org/

Apache Jackrabbit™ Oak –a scalable, high-performance hierarchical content repository designed for use as the foundation of modern world-class Web sites and other demanding content applications.
 - Apache Jackrabbit Oak 1.6.5 and 1.7.7, and Jackrabbit 2.1, 2.14.3 and 2.15.16 released http://jackrabbit.apache.org/

Apache Kafka™ –a distributed streaming platform.
 - Apache Kafka 0.11.0.1 released http://kafka.apache.org/

Apache Kudu™ –an Open Source storage engine for structured data which supports low-latency random access together with efficient analytical access patterns.
 - Apache Kudu 1.5.0 released http://kudu.apache.org/

Apache MXNet (incubating) –a flexible and efficient library for deep learning.
 - Apache MXNet (incubating) 0.11.0 released http://mxnet.incubator.apache.org/

Apache Mynewt a community-driven module OS for constrained, embedded applications.
 - Apache Mynewt 1.2.0 released http://mynewt.apache.org/

Apache Struts™ –Open Source framework for creating Java Web applications.
 - Apache Struts Statement on Equifax Security Breach https://s.apache.org/8thB
 - MEDIA ALERT: The Apache Software Foundation Confirms Equifax Data Breach Due to Failure to Install Patches Provided for Apache® Struts™ Exploit https://s.apache.org/7bip

Apache Syncope™ –an Open Source system for managing digital identities in enterprise environments, implemented in Java EE technology.
 - Apache Syncope 2.0.5 released http://syncope.apache.org/

Did You Know?

 - Did you know that new features in Apache Mynewt include Bluetooth Mesh and LORA support? http://mynewt.apache.org/

 - Did you know that the world's largest mobile network, China Mobile, orchestrates containers and runs long-running services and various jobs at their on-premises data center using Apache Mesos? http://mesos.apache.org/

 - Did you know that Twitter uses Apache Kafka, Storm, Hadoop, and Cassandra to handle 5 billion sessions a day in real time? http://kafka.apache.org/ http://storm.apache.org/ http://hadoop.apache.org/ http://cassandra.apache.org/

Apache Community Notices:

 - "Success at Apache" focuses on the processes behind why the ASF "just works". 1) Project Independence https://s.apache.org/CE0V 2) All Carrot and No Stick https://s.apache.org/ykoG 3) Asynchronous Decision Making https://s.apache.org/PMvk4) Rule of the Makers https://s.apache.org/yFgQ 5) JFDI --the unconditional love of contributors https://s.apache.org/4pjM 6) Meritocracy and Me https://s.apache.org/tQQh 7) Learning to Build a Stronger Community https://s.apache.org/x9Be 8) Meritocracy. https://s.apache.org/DiEo 9) Lowering Barriers to Open Innovation https://s.apache.org/dAlg

 - Follow the ASF on social media: @TheASF on Twitter and on LinkedIn at https://www.linkedin.com/company/the-apache-software-foundation (re-tweets/shares/likes most appreciated!)

 - Presentations from ApacheCon https://s.apache.org/Hli7 and Apache: Big Data https://s.apache.org/tefE are available; as well as videos https://s.apache.org/AE3m and audio recordings https://feathercast.apache.org/

 - Do friend and follow us on the Apache Community Facebook page https://www.facebook.com/ApacheSoftwareFoundation/and Twitter account https://twitter.com/ApacheCommunity

 - The list of Apache project-related MeetUps can be found at http://apache.org/events/meetups.html

 - TomcatCon will be held 25 September in London https://www.eventbrite.com/e/tomcatcon-london-2017-tickets-36683639754

 - Meet members of the Apache Big Data communities at DataWorks/Hadoop Summit 20-21 September in Sydney https://dataworkssummit.com/

 - The Apache community will be at All Things Open --stop by the ASF booth and say hello! 23-24 October in Raleigh https://allthingsopen.org/

 - Learn about Apache Atlas, AriaTosca (incubating), Hadoop YARN, Kafka, ManifoldCF, Ranger, Spot (incubating), Thrift, and more at Open Source Summit Europe + ELC Europe 2017 23-26 October in Prague https://osseu17.sched.com/

 - Catch the Apache Ignite and Spark communities at the In-Memory Computing Summit 24-25 October in San Francisco https://imcsummit.org/

 - ASF Annual Report is available at https://s.apache.org/FY2017AnnualReport

 - Find out how you can participate with Apache community/projects/activities --opportunities open with Apache HTTP Server, Avro, ComDev (community development), Directory, Incubator, OODT, POI, Polygene, Syncope, Tika, Trafodion, and more! https://helpwanted.apache.org/

 - Are your software solutions Powered by Apache? Download & use our "Powered By" logos http://www.apache.org/foundation/press/kit/#poweredby

= = =

For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, https://twitter.com/PlanetApache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.

# # #

Thursday September 14, 2017

MEDIA ALERT: The Apache Software Foundation Confirms Equifax Data Breach Due to Failure to Install Patches Provided for Apache® Struts™ Exploit

Who: Apache® Struts™ is a popular Open Source framework for creating enterprise-grade Java Web applications. Apache Struts powers front- and back-end applications and Internet of Things (IoT) devices for many of the world's most visible financial institutions, government organizations, technology service providers, telecommunications agencies, and Fortune 100 companies.

Apache Struts is an Apache Software Foundation Top-Level Project (since 2004) and is overseen by a self-selected team of active contributors to the project. A Project Management Committee (PMC) guides the Project's day-to-day operations, including community development and product releases.

What: On 7 September 2017, credit reporting agency Equifax announced a data breach affecting 143 million consumers. https://investor.equifax.com/news-and-events/news/2017/09-07-2017-213000628

Following this announcement, additional claims stated that the breach was caused by CVE-2017-9805, an exploit in Apache Struts that was disclosed on 4 September 2017. https://qz.com/1073221/the-hackers-who-broke-into-equifax-exploited-a-nine-year-old-security-flaw/

On 9 September 2017, the Apache Struts PMC issued a statement on the Equifax data breach that included details on its response process to reported vulnerabilities and also provided recommended security guidelines. https://s.apache.org/8thB

On 13 September 2017, Equifax issued a statement confirming that "The vulnerability was Apache Struts CVE-2017-5638". https://www.equifaxsecurity2017.com/

This vulnerability was patched on 7 March 2017, the same day it was announced. https://cwiki.apache.org/confluence/display/WW/S2-045

In conclusion, the Equifax data compromise was due to their failure to install the security updates provided in a timely manner.

When: Apache Struts CVE-2017-5638 was originally reported on 7 March 2017.

Where: For downloads, documentation (including security guide and bulletins), and how to become involved with Apache Struts, visit http://struts.apache.org/ and https://twitter.com/TheApacheStruts

About The Apache Software Foundation (ASF)
Established in 1999, the all-volunteer Foundation oversees more than 350 leading Open Source projects, including Apache HTTP Server --the world's most popular Web server software. Through the ASF's meritocratic process known as "The Apache Way," more than 650 individual Members and 6,200 Committers across six continents successfully collaborate to develop freely available enterprise-grade software, benefiting millions of users worldwide: thousands of software solutions are distributed under the Apache License; and the community actively participates in ASF mailing lists, mentoring initiatives, and ApacheCon, the Foundation's official user conference, trainings, and expo. The ASF is a US 501(c)(3) charitable organization, funded by individual donations and corporate sponsors including Alibaba Cloud Computing, ARM, Bloomberg, Budget Direct, Capital One, Cash Store, Cerner, Cloudera, Comcast, Facebook, Google, Hortonworks, HP, Huawei, IBM, Inspur, iSigma, LeaseWeb, Microsoft, ODPi, PhoenixNAP, Pivotal, Private Internet Access, Red Hat, Serenata Flowers, Target, WANdisco, and Yahoo. For more information, visit http://apache.org/ and https://twitter.com/TheASF

Media contact:
Sally Khudairi
Vice President
The Apache Software Foundation
Tel/WhatsApp +1 617 921 8656
press(at)apache(dot)org

# # #

© The Apache Software Foundation. "Apache", "Struts", "Apache Struts", and "ApacheCon" are registered trademarks or trademarks of the Apache Software Foundation in the United States and/or other countries. All other brands and trademarks are the property of their respective owners.

Saturday September 09, 2017

Apache Struts Statement on Equifax Security Breach

UPDATE: MEDIA ALERT: The Apache Software Foundation Confirms Equifax Data Breach Due to Failure to Install Patches Provided for Apache® Struts™ Exploit

The Apache Struts Project Management Committee (PMC) would like to comment on the Equifax security breach, its relation to the Apache Struts Web Framework and associated media coverage.

We are sorry to hear news that Equifax suffered from a security breach and information disclosure incident that was potentially carried out by exploiting a vulnerability in the Apache Struts Web Framework. At this point in time it is not clear which Struts vulnerability would have been utilized, if any. In an online article published on Quartz.com [1], the assumption was made that the breach could be related to CVE-2017-9805, which was publicly announced on 2017-09-04 [2] along with new Struts Framework software releases to patch this and other vulnerabilities [3][4]. However, the security breach was already detected in July [5], which means that the attackers either used an earlier announced vulnerability on an unpatched Equifax server or exploited a vulnerability not known at this point in time --a so-called Zero-Day-Exploit. If the breach was caused by exploiting CVE-2017-9805, it would have been a Zero-Day-Exploit by that time. The article also states that the CVE-2017-9805 vulnerability exists for nine years now.

We as the Apache Struts PMC want to make clear that the development team puts enormous efforts in securing and hardening the software we produce, and fixing problems whenever they come to our attention. In alignment with the Apache security policies, once we get notified of a possible security issue, we privately work with the reporting entity to reproduce and fix the problem and roll out a new release hardened against the found vulnerability. We then publicly announce the problem description and how to fix it. Even if exploit code is known to us, we try to hold back this information for several weeks to give Struts Framework users as much time as possible to patch their software products before exploits will pop up in the wild. However, since vulnerability detection and exploitation has become a professional business, it is and always will be likely that attacks will occur even before we fully disclose the attack vectors, by reverse engineering the code that fixes the vulnerability in question or by scanning for yet unknown vulnerabilities.

Regarding the assertion that especially CVE-2017-9805 is a nine year old security flaw, one has to understand that there is a huge difference between detecting a flaw after nine years and knowing about a flaw for several years. If the latter was the case, the team would have had a hard time to provide a good answer why they did not fix this earlier. But this was actually not the case here --we were notified just recently on how a certain piece of code can be misused, and we fixed this ASAP. What we saw here is common software engineering business --people write code for achieving a desired function, but may not be aware of undesired side-effects. Once this awareness is reached, we as well as hopefully all other library and framework maintainers put high efforts into removing the side-effects as soon as possible. It's probably fair to say that we met this goal pretty well in case of CVE-2017-9805.

Our general advice to businesses and individuals utilizing Apache Struts as well as any other open or closed source supporting library in their software products and services is as follows:

1. Understand which supporting frameworks and libraries are used in your software products and in which versions. Keep track of security announcements affecting this products and versions.

2. Establish a process to quickly roll out a security fix release of your software product once supporting frameworks or libraries needs to be updated for security reasons. Best is to think in terms of hours or a few days, not weeks or months. Most breaches we become aware of are caused by failure to update software components that are known to be vulnerable for months or even years.

3. Any complex software contains flaws. Don't build your security policy on the assumption that supporting software products are flawless, especially in terms of security vulnerabilities.

4. Establish security layers. It is good software engineering practice to have individually secured layers behind a public-facing presentation layer such as the Apache Struts framework. A breach into the presentation layer should never empower access to significant or even all back-end information resources. 

5. Establish monitoring for unusual access patterns to your public Web resources. Nowadays there are a lot of open source and commercial products available to detect such patterns and give alerts. We recommend such monitoring as good operations practice for business critical Web-based services.

Once followed, these recommendations help to prevent breaches such as unfortunately experienced by Equifax.

For the Apache Struts Project Management Committee,

René Gielen
Vice President, Apache Struts 

[1] https://qz.com/1073221/the-hackers-who-broke-into-equifax-exploited-a-nine-year-old-security-flaw/
[2] https://cwiki.apache.org/confluence/display/WW/S2-052
[3] https://cwiki.apache.org/confluence/display/WW/Version+Notes+2.5.13
[4] https://cwiki.apache.org/confluence/display/WW/Version+Notes+2.3.34
[5] https://baird.bluematrix.com/docs/pdf/dbf801ef-f20e-4d6f-91c1-88e55503ecb0.pdf

Friday September 08, 2017

The Apache News Round-up: week ending 8 September 2017

Happy Friday! Let's review what the Apache community has been working on over the past week:

Success at Apache –the monthly blog series that focuses on the processes behind why the ASF "just works".
 - Lowering Barriers to Open Innovation by Luke Han https://s.apache.org/dAlg

ASF Board –management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.
 - Next Board Meeting: 20 September. Board calendar and minutes http://apache.org/foundation/board/calendar.html
 - ASF Quarterly Report: Operations Summary Q1 FY2018 https://s.apache.org/cEUm

ASF Infrastructure –our mighty distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield shazam performance at 99.85% uptime http://status.apache.org/

ASF Operations Factoid –this week, 460 Committers changed 1,011,972 lines of code over 2,764 commits. Top 5 contributors, in order, are: Jean-Baptiste Onofré, Jian He, Samarth Jain, Francesco Chicchiriccò, and Claus Ibsen.

Apache Bahir™ –extensions to distributed analytic platforms such as Apache Spark.
 - Apache Bahir 2.2.0 released http://bahir.apache.org

Apache Chemistry™ cmislib –provides Open Source implementations of the Content Management Interoperability Services (CMIS) specification.
 - Apache Chemistry cmislib 0.6.0 released http://chemistry.apache.org/

Apache Commons™ –Commons CSV reads and writes files in variations of the Comma Separated Value (CSV) format.
 - Apache Commons CSV 1.5 released http://commons.apache.org/proper/commons-csv/

Apache Groovy™ –a multi-facet programming language for the JVM.
 - Apache Groovy 2.6.0-alpha-1 released https://groovy.apache.org/

Apache HttpComponents™ Core –HTTP transport library including support for asynchronous execution based on Java NIO.
 - Apache HttpComponents Core 5.0 alpha4 released http://hc.apache.org/httpcomponents-core/

Apache Jackrabbit™ Oak –a scalable, high-performance hierarchical content repository designed for use as the foundation of modern world-class Web sites and other demanding content applications.
 - Apache Jackrabbit Oak 1.4.18 and Jackrabbit 2.6.9 released and Jackrabbit 2.4 retired http://jackrabbit.apache.org/

Apache Lucene™ –a high-performance, full-featured text search engine library written entirely in Java.
 - Apache Lucene 6.6.1 and Solr 6.6.1 released https://lucene.apache.org/

Apache MXNet (incubating) –a flexible and efficient library for deep learning.
 - Apache MXNet (incubating) 0.11.0 released http://mxnet.incubator.apache.org/

Apache Olingo™ –a Java library which enables developers to implement OData service providers (server) and consumers (clients).
 - Apache Olingo 4.4.0 released http://olingo.apache.org/

Apache OpenMeetings™ –provides video conferencing, instant messaging, white board, collaborative document editing and other groupware tools using API functions of the Red5 Streaming Server for Remoting and Streaming.
 - Apache OpenMeetings 3.3.1 released http://openmeetings.apache.org

Apache Qpid™ – a messaging library for the Advanced Message Queuing Protocol 1.0 (AMQP 1.0, ISO/IEC 19464, http://www.amqp.org).
 - Apache Qpid Proton-J 0.21.0 released http://qpid.apache.org/

Apache Struts™ –Open Source framework for creating Java Web applications.
 - Apache Struts 2.3.34 and 2.5.13 General Availability with Security Fixes released http://struts.apache.org/

Apache Tomcat™ Native Library –provides portable API for features not found in contemporary JDKs.
 - Apache Tomcat Native 1.2.14 released http://tomcat.apache.org/

Apache Traffic Server™ –a high performance, scalable HTTP Intermediary and proxy cache.
 - Apache Traffic Server v7.1.1 released https://trafficserver.apache.org/

Apache VCL™ –a self-service system used to dynamically provision and broker remote access to a dedicated compute environment for an end-user.
 - Apache VCL 2.5 released http://vcl.apache.org/

Apache Wicket™ –an Open Source Java component oriented Web application framework.
 - Apache Wicket 6.27.1 released http://wicket.apache.org


Did You Know?

 - Did you know that Netflix uses Apache Tinkerpop for storing and querying highly-interconnected data at scale? http://tinkerpop.apache.org/

 - Did you know that The New York Times uses Apache Kafka to store and process every article ever published? http://kafka.apache.org/

 - Did you know that Emirates Reit Real Estate Investment Trust uses Apache Wicket? http://wicket.apache.org/


Apache Community Notices:

 - "Success at Apache" focuses on the processes behind why the ASF "just works". 1) Project Independence https://s.apache.org/CE0V 2) All Carrot and No Stick https://s.apache.org/ykoG 3) Asynchronous Decision Making https://s.apache.org/PMvk4) Rule of the Makers https://s.apache.org/yFgQ 5) JFDI --the unconditional love of contributors https://s.apache.org/4pjM 6) Meritocracy and Me https://s.apache.org/tQQh 7) Learning to Build a Stronger Community https://s.apache.org/x9Be 8) Meritocracy. https://s.apache.org/DiEo 9) Lowering Barriers to Open Innovation https://s.apache.org/dAlg

 - Follow the ASF on social media: @TheASF on Twitter and on LinkedIn at https://www.linkedin.com/company/the-apache-software-foundation (re-tweets/shares/likes most appreciated!)

 - Presentations from ApacheCon https://s.apache.org/Hli7 and Apache: Big Data https://s.apache.org/tefE are available; as well as videos https://s.apache.org/AE3m and audio recordings https://feathercast.apache.org/

 - Check out the latest Apache Community Development newsletter https://blogs.apache.org/comdev/entry/community-development-news-july-2017

 - Do friend and follow us on the Apache Community Facebook page https://www.facebook.com/ApacheSoftwareFoundation/ and Twitter account https://twitter.com/ApacheCommunity

 - The list of Apache project-related MeetUps can be found at http://apache.org/events/meetups.html

 - TomcatCon will be held 25 September in London https://www.eventbrite.com/e/tomcatcon-london-2017-tickets-36683639754

 - Meet members of the Apache Big Data communities at DataWorks/Hadoop Summit 20-21 September in Sydney https://dataworkssummit.com/

 - The Apache community will be at All Things Open --stop by the ASF booth and say hello! 23-24 October in Raleigh https://allthingsopen.org/

 - Learn about Apache Atlas, AriaTosca (incubating), Hadoop YARN, Kafka, ManifoldCF, Ranger, Spot (incubating), Thrift, and more at Open Source Summit Europe + ELC Europe 2017 23-26 October in Prague https://osseu17.sched.com/

 - Catch the Apache Ignite and Spark communities at the In-Memory Computing Summit 24-25 October in San Francisco https://imcsummit.org/

 - ASF Annual Report is available at https://s.apache.org/FY2017AnnualReport

 - Find out how you can participate with Apache community/projects/activities --opportunities open with Apache HTTP Server, Avro, ComDev (community development), Directory, Incubator, OODT, POI, Polygene, Syncope, Tika, Trafodion, and more! https://helpwanted.apache.org/

 - Are your software solutions Powered by Apache? Download & use our "Powered By" logos http://www.apache.org/foundation/press/kit/#poweredby

= = =

For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, https://twitter.com/PlanetApache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.

# # #

Tuesday September 05, 2017

Success at Apache: Lowering Barriers to Open Innovation

By Luke Han

Over the past decade, I was a Java developer using many Apache projects such as Tomcat, Jakarta, Struts, and Velocity. In 2010 I stepped into the Big Data field and started to actively participate in Apache projects, and became an ASF Member 3 years ago. In addition to being the VP of Apache Kylin, I helped projects such as Apache Eagle and CarbonData move to the ASF, and have been a mentor for Apache Superset, Weex, and RocketMQ. Today, I'm co-founder/CEO of Kyligence (prior to that, I was Big Data Product Lead of eBay, and Chief Consultant of Actuate China).

Apache Kylin, as its name may suggest, originated from China ("Kylin": A powerful yet gentle fire-breathing creature in eastern mythology. Also written as Qilin. "Apache Kylin": OLAP on Hadoop, capable of analyzing petabytes of data within seconds http://kylin.apache.org/ ). I started this project with a few members in early 2015. 

As a pioneer of the first highly-recognized Apache project from the Eastern world, I was proud to see that, within 2 years, Kylin has helped over 500 organizations across the globe to solve their Big Data challenges. 

Before Kylin graduated from the Apache Incubator, the Kylin team faced a lot of cultural challenges. Since a great number of projects from China had failed in the past, we too received many questions and doubts from both eastern and western worlds. As our native language is not English, communication with mentors did become difficult during the coaching process. Fortunately, by fully embracing The Apache Way, Kylin is able to succeed with strong support from the Apache community members. Much more beyond the Kylin software, our team has also worked with those talented people in a way to spread our Chinese voice to the world. 

While developing high-quality software, we are engaging more Westerners to understand the Eastern culture. I had many chances to travel and meet people across the globe since I initiated Kylin. Some of them are Apache directors and mentors, some of them are developers and contributors. Some are from US, Australia, Canada and Chile; some are from Japan and Taiwan. Some are impressed with Kylin, some are curious about Easterners’ attitude toward Open Source software. I asked them a lot of questions about The Apache Way, and they all generously coached me and my team with lovely and detailed answers. We too could reach consensuses after intensive and open arguments. Kylin received much more encouragement and recognition than I expected.

As a VP of a Top-Level Project, my responsibility grew after Kylin graduated from the Apache Incubator. Kylin faced more opportunities as it has been bug-fixed quickly and tested frequently, with the nature of an Open Source software. In the China’s well-knowingly-big market, Apache Kylin has received many users’ feedback and evolved fast. We received many suggestions from both developers’ perspective and products’ perspective. Beyond my expectation, many community members are passionately writing tools for Kylin and helping users better understand and use Kylin. Assembling members’ ideas, we are also sharing our knowledge as a way to give back to the community. 

Thanks to ASF and everyone involved in the Open Source community, I have the opportunity to work with people that I’ve always admired and make a difference in the world all together. I feel I and my team are deeply connected with such warm, global, open community.

= = =

"Success at Apache" is a monthly blog series that focuses on the processes behind why the ASF "just works". 1) Project Independence https://s.apache.org/CE0V 2) All Carrot and No Stick https://s.apache.org/ykoG 3) Asynchronous Decision Making https://s.apache.org/PMvk 4) Rule of the Makers https://s.apache.org/yFgQ 5) JFDI --the unconditional love of contributors https://s.apache.org/4pjM 6) Meritocracy and Me https://s.apache.org/tQQh 7) Learning to Build a Stronger Community https://s.apache.org/x9Be 8) Meritocracy. https://s.apache.org/DiEo

# # # 

Friday September 01, 2017

The Apache News Round-up: week ending 1 September 2017

Well hello, September ... here's what the Apache community has been working on over the past week:

Support Apache –a great way to help the ASF meet its financial goals is through a corporate matching program. Companies that offer matching gifts receive tax benefits, and their employees' contributions to the ASF can be generously increased. Every dollar counts. http://apache.org/foundation/contributing.html

ASF Board –management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.
 - Next Board Meeting: 20 September. Board calendar and minutes http://apache.org/foundation/board/calendar.html
 - ASF Quarterly Report: Operations Summary Q1 FY2018 https://s.apache.org/cEUm

ASF Operations Factoid –this week, 440 Committers changed 763,682 lines of code over 2,642 commits. Top 5 contributors, in order, are: Tellier Benoit, Andrea Cosentino, Daniel Gruno, Karl Wright, and Daniel Sun.

Apache Atlas™ –Big Data governance and metadata framework/services.
 - Apache Atlas 0.8.1 released http://atlas.apache.org/

Apache CloudStack™ –an easy-to-deploy IaaS Cloud orchestration platform that "just works".
 - Apache CloudStack 4.10.0.0 released http://cloudstack.apache.org/

Apache CXF™ Fediz –helps secure Web applications and delegates security enforcement to the underlying application server.
 - Apache CXF Fediz 1.4.1 released http://cxf.apache.org/fediz.html

Apache Log4j™ –a well known framework for logging application behavior.
 - Apache Log4j 2.9.0 released https://logging.apache.org/log4j/

Apache MADlib™ –an Open Source library for scalable in-database analytics.
 - Apache MADlib v1.12 released http://madlib.apache.org/

Apache OODT™ –a software framework as well as an architectural style for the rapid construction of scientific data systems.
 - Apache OODT 1.2 released http://oodt.apache.org/

Apache S2Graph (incubating) –graph database designed to handle transactional graph processing at scale.
 - Apache S2Graph 0.2.0-incubating released http://s2graph.incubator.apache.org/

Apache Santuario™ –aimed at providing implementation of the primary security standards for XML, namely XML-Signature Syntax and Processing and XML Encryption Syntax and Processing.
 - Apache Santuario XML Security for Java 2.0.9 and 2.1.0 released http://santuario.apache.org/

Apache UIMA™ –a component framework supporting development, discovery, composition, and deployment of multi-modal analytics tasked with the analysis of unstructured information.
 - Apache UIMA Java SDK 2.10.1 and UIMA DUCC 2.2.1 released https://uima.apache.org/

Apache VCL™ –a self-service system used to dynamically provision and broker remote access to a dedicated compute environment for an end-user.
 - Apache VCL 2.5 released http://vcl.apache.org/


Did You Know?

 - Did you know that the following Apache projects have anniversaries this month? Many happy returns to ServiceMix (10 years); Hive, Pign and Shiro (7 years); Airavata, Bigtop, SIS, and Stanbol (5 years); Curator (4 years); Storm (3 years); and Yetus (2 yrs) https://projects.apache.org/committees.html?date

 - Did you know that Apache NiFi is a great data flow system for fast prototyping of Big Data? http://nifi.apache.org/

 - Did you know that Apache Pulsar (incubating) provides multi-tenancy, geo-replication, and durability guarantees out of the box? http://pulsar.apache.org/


Apache Community Notices:

 - "Success at Apache" focuses on the processes behind why the ASF "just works". 1) Project Independence https://s.apache.org/CE0V 2) All Carrot and No Stick https://s.apache.org/ykoG 3) Asynchronous Decision Making https://s.apache.org/PMvk 4) Rule of the Makers https://s.apache.org/yFgQ 5) JFDI --the unconditional love of contributors https://s.apache.org/4pjM 6) Meritocracy and Me https://s.apache.org/tQQh 7) Learning to Build a Stronger Community https://s.apache.org/x9Be 8) Meritocracy. https://s.apache.org/DiEo

 - Follow the ASF on social media: @TheASF on Twitter and on LinkedIn at https://www.linkedin.com/company/the-apache-software-foundation (re-tweets/shares/likes most appreciated!)

 - Presentations from ApacheCon https://s.apache.org/Hli7 and Apache: Big Data https://s.apache.org/tefE are available; as well as videos https://s.apache.org/AE3m and audio recordings https://feathercast.apache.org/

 - Check out the latest Apache Community Development newsletter https://blogs.apache.org/comdev/entry/community-development-news-july-2017

 - Do friend and follow us on the Apache Community Facebook page https://www.facebook.com/ApacheSoftwareFoundation/ and Twitter account https://twitter.com/ApacheCommunity

 - The list of Apache project-related MeetUps can be found at http://apache.org/events/meetups.html

 - TomcatCon will be held 25 September in London https://www.eventbrite.com/e/tomcatcon-london-2017-tickets-36683639754

 - Meet members of the Apache Big Data communities at DataWorks/Hadoop Summit 20-21 September in Sydney https://dataworkssummit.com/

 - The Apache community will be at All Things Open --stop by the ASF booth and say hello! 23-24 October in Raleigh https://allthingsopen.org/

 - Learn about Apache Atlas, AriaTosca (incubating), Hadoop YARN, Kafka, ManifoldCF, Ranger, Spot (incubating), Thrift, and more at Open Source Summit Europe + ELC Europe 2017 23-26 October in Prague https://osseu17.sched.com/

 - Catch the Apache Ignite and Spark communities at the In-Memory Computing Summit 24-25 October in San Francisco https://imcsummit.org/

 - ASF Annual Report is available at https://s.apache.org/FY2017AnnualReport

 - Find out how you can participate with Apache community/projects/activities --opportunities open with Apache HTTP Server, Avro, ComDev (community development), Directory, Incubator, OODT, POI, Polygene, Syncope, Tika, Trafodion, and more! https://helpwanted.apache.org/

 - Are your software solutions Powered by Apache? Download & use our "Powered By" logos http://www.apache.org/foundation/press/kit/#poweredby

= = =

For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, https://twitter.com/PlanetApache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.

# # #

Tuesday August 29, 2017

The Apache Software Foundation Operations Summary: May - July 2017

FOUNDATION OPERATIONS SUMMARY

First Quarter, Fiscal Year 2018 (May - July 2017)

"We love The Apache Way and what Apache has done for us..."
--ASF Platinum Sponsor


> President's Statement:
 Financially, we are on track to meet this year's budget, even after accounting for accounts receivables that didn't manage to close out on time in the last fiscal year. We are still projected to have a manageable deficit, and this will require us to have a multi-year focus on fundraising to resolve. We have redirected resources at both Virtual, Inc. and HALO Worldwide to help out with this effort.

Other highlights: 

  • Conferences is once again at a time of transition as we explore new ways to reach more people;
  • Travel assistance was provided to 10 individuals, bringing the total number of people helped to 131;
  • Brand Management had a relatively quiet quarter, focusing on matters such as registration renewals;
  • Infrastructure is focusing on more user friendly "self serve" tools, and expanding support for projects hosted on GitHub;
  • Marketing and Publicity provided media training, and produced an annual report.

While we remain in a very healthy financial position, it never hurts to take the opportunity to ask for your support. As an individual you can donate to the Foundation http://www.apache.org/foundation/contributing.html , as a corporation you can become a Sponsor http://www.apache.org/foundation/sponsorship.html .


> Conferences and 
Events: ApacheCon North America was held 16-18 May in Miami, Florida, and had about 500 Apache enthusiasts in attendance. Rather than being one monolithic event, it was a convention of smaller events, including:

  • Apache Traffic Server and Traffic Control Summit
  • BarCampApache
  • Apache: Big Data
  • Apache: IoT
  • CloudStack Collaboration Conference
  • FlexJS Summit
  • TomcatCon

Additionally, there were numerous smaller project hackathons and developer summits.

ApacheCon North America 2017 marks the end of our contract with the Linux Foundation, who have been producing our events since ApacheCon Denver, in April of 2014. We will not be holding an ApacheCon in Europe this year, as we investigate various options for how we will resume ApacheCon in 2018.

Meanwhile, we are pursuing closer relationships with the many events that feature Apache Software Foundation content, whether these are events dedicated to a particular Apache project, or events about a particular topic that happens to include Apache content.


> Community Development
: During April and May our main focus was helping prepare for and support ApacheCon NA in Miami. Prior to the event, we began recording interviews with various speakers and key note speakers for our news / podcast channel FeatherCast.

Throughout ApacheCon itself recordings of on-site interviews with attendees and sponsors were also broadcast and published. The audio from many of the ApacheCon conference tracks were also recorded and are available online. We are continually increasing the amount of content available and are finding that FeatherCast is a very valuable and useful resource for helping share and promote Apache and technology related content.

One key discussion raised this quarter was about trying to improve the tools and applications that the Community Development team has at its disposal. This topic was very positively received and resulted in a "Tools Hackathon" session being organized and held at ApacheCon focused on how to use the tools and make them more effective.

In June we were present at the OpenExpo conference in Madrid. The conference was mainly focused at Spanish-speaking audiences and with the help of two local volunteers we continued to promote Apache and its projects. Over 3,000 visitors attended the conference and 300 of them (approx 10%) were actively interested in speaking to us to find out more about Apache.

Community Development has also started to increase its social media presence and we are now active on both Twitter and Facebook. Our monthly Community Development Blog is still being well received and we have published 3 further updates. These regular news summaries give people a brief overview of what is happening or planned. Our mailing list traffic has remained constant during the quarter showing that there are still a lot of active discussions going on.


> Committers and Contributions:
 Over the past quarter, 1,616 contributors committed 49,112 changes that amount to 13,837,582 lines of code across Apache projects. The top 5 contributors during this timeframe are: Jean-Baptiste Onofré (778 commits), Claus Ibsen (749), Colm Ó hÉigeartaigh (703 commits), Mark Thomas (540 commits), and Stephen Mallette (536 commits) during this period.

The ASF Secretary processes new Apache Committers' paperwork so that they can continue contributing to our projects. All individuals who are granted write access to the Apache repositories must submit an Individual Contributor License Agreement (ICLA). Corporations that have assigned employees to work on Apache projects as part of an employment agreement may sign a Corporate CLA (CCLA) for contributing intellectual property via the corporation. Individuals or corporations donating a body of existing software or documentation to one of the Apache projects need to execute a formal Software Grant Agreement (SGA) with the ASF. 

During this timeframe, the Secretary processed 203 ICLAs, 13 CCLAs, and 4 Software Grants. Apache committer activity can be seen at http://status.apache.org/#commits


> Brand Management: 
The summer quarter continues to be traditionally quiet in terms of trademark questions and requests, although we continue to get new kinds of questions coming in with some regularity. Some Apache project PMCs now have experience implementing our trademark policies and have been doing a great job answering basic questions themselves directly with third parties, which is great to see. However as our number of projects grow, so do the number of questions or issues overall which continues to tax our small pool of Brand Management volunteers with broad experience.

All of the ASF's education and policies around trademark law for Open Source as well as brand management is published online, and we urge project participants and software vendors alike to review and ask us questions about them - please review our complete site map: http://www.apache.org/foundation/marks/resources

On the registration front, we have come upon our first large set of trademark registration renewals and maintenance paperwork. Although our legal counsel handles all the actual paperwork with various national trademark registries, this is still an ongoing effort for our volunteer Brand Management team to validate continuing use of these marks - as well as the financial costs for registry fees. In almost all cases we will continue to maintain existing registrations for projects. We continue to have some projects request new registrations as well, and are successfully negotiating some coexistence agreements with potentially similar software brands in the marketplace as well.

As more Apache brands and projects power more business every year, we continue to look to the companies that profit from Apache software products to help respect Apache brands. We very much appreciate the companies that pass on their trademark registrations with incoming donations of podlings joining the Incubator. Having existing registrations makes the trademark management process simpler for the ASF.

While many companies continue to properly give credit to our volunteer communities, sadly some companies continue to --or have started to-- take advantage of our non-profit work by unfairly co-opting Apache project brands or by interfering with Apache project governance.

Reviewing and correcting these mis-uses is an ongoing effort for the ASF Board, the Brand Management Committee, and all Apache projects.

Please contact the Apache Brand Management team https://www.apache.org/foundation/marks/contact with your questions or suggestions!


> Legal Affairs:
 The ASF Legal Affairs team works diligently with our pro-bono legal counsel and answers legal questions, and addresses policy issues regarding license compatibility for The Apache Software Foundation.

We had a busy quarter answering questions related to the use of data to train models in Apache projects.  In addition, regular ASF legal inquiries such as those related to system dependencies are routinely being answered promptly. The ASF registered a Digital Millennium Copyright Act (DCMA) agent for the Foundation so that the ASF can implement a safe harbor policy. VP, Legal Affairs, Chris Mattmann, was registered in this role. Finally, the committee provided clarity on an oft-asked question related to release of binary artifacts, and ASF policy in this area.


> Infrastructure:
 The Infrastructure team and its volunteers provide the machines and services needed by the hundreds of Foundation projects, and the thousands of volunteers working on them. One of our high priority, long-term activities has been to migrate services off our hardware onto third-party infrastructure ("the cloud"; IaaS). Our work in this area has improved stability, repeatability, and lowered our costs.

For the first time, our team was able to meet as an entire group at the ApacheCon held in Miami during May. This was a great time for us to talk at length, and to bond as a team. We will continue the yearly meetups to get work done, and to strengthen that team spirit.

Our uptime over the quarter has met our stated Service Level Agreement, even with our hours of downtime to upgrade our Jira installation and our Jenkins build system. The short answer is that outside of planned maintenance, the Infrastructure team gets by with very little downtime. We have further planned upgrades for primary services (such as Confluence and Jira) to stay current with the continued improvements in these products. 

Two service areas saw significant expansion during the quarter: our use of LDAP as a canonical organizational reference, and our provisioning of GitHub-based tooling to the Foundation's communities.

The LDAP changes have been performed, and made possible, by some great work from the Apache Whimsy community. Older generation, command-line tools have been replaced by friendlier web interfaces. The amount of "self serve" tools has, in turn, reduced the manual workload requested from the Infrastructure team.

Our GitHub tooling is still in a "beta" stage, but has been made available to many more Top Level Projects and to many podlings arriving at the Foundation. These podlings tend to already use GitHub for their development workflow, and our new tooling allows them to continue the workflows their communities have defined. As we continue to sand off the rougher edges of the integration between and the Foundation and the GitHub service, we'll continue to add projects to the program.


> Financial Statement:


> Fundraising:
 The ASF Fundraising team welcomes Kevin A. McGrail to the role of VP Fundraising.  In addition, we'd also like to welcome HostPapa Web Hosting and Inspur to the Apache Family.

Thank you to all our Sponsors http://apache.org/foundation/thanks . As a 501(c)(3), our operations depend on our Sponsors' support!

# # #

Report prepared by Sally Khudairi, Vice President Marketing & Publicity, with contributions by Sam Ruby, ASF President; Rich Bowen, Vice President Conferences; Sharan Foga, ASF Member; Chris Mattmann, Vice President Legal Affairs; Shane Curcuru, Vice President Brand Management; Greg Stein, ASF Infrastructure Administrator; Tom Pappas, ASF Member and Vice President, Finance & Accounting at Virtual, Inc.; and Kevin McGrail, Vice President Fundraising.

For more information, subscribe to the announce@apache.org mailing list and visit http://www.apache.org/, the ASF Blog at http://blogs.apache.org/, the @TheASF on Twitter, and https://www.linkedin.com/company/the-apache-software-foundation.

(c) The Apache Software Foundation 2017.

Friday August 25, 2017

The Apache News Round-up: week ending 25 August 2017

August has simply zipped by —it's hard to believe that it's the last Friday of the month! Per usual, there seems to be little or no rest with Apache community at-large:

Support Apache –help ensure that Apache software projects continue to be freely available to users around the world. Every dollar counts. http://apache.org/foundation/contributing.html

ASF Board –management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.
 - Next Board Meeting: 20 September. Board calendar and minutes http://apache.org/foundation/board/calendar.html
 - ASF Annual Report for 2017 Fiscal Year https://s.apache.org/IDn5

ASF Infrastructure –our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield assured performance at 91.79% uptime http://status.apache.org/

ASF Operations Factoid –this week, 357 Committers changed 679,818 lines of code over 1,887 commits. Top 5 contributors, in order, are: Pei He, Michael Stack, Andrea Cosentino, Benjamin Mahler, and Ismaël Mejía.

Apache HBase™ –an Open Source, distributed, versioned, non-relational database.
 - Apache HBase 2.0.0-alpha-2 and 1.1.12 released https://hbase.apache.org/

Apache Jackrabbit™ Oak –a scalable, high-performance hierarchical content repository designed for use as the foundation of modern world-class Web sites and other demanding content applications.
 - Apache Jackrabbit Oak 1.6.4, 1.0.39, and 1.7.6 released http://jackrabbit.apache.org/

Apache Knox™ –a REST API Gateway for providing secure access to the data and processing resources of Apache Hadoop clusters.
 - Apache Knox 0.13.0 released http://knox.apache.org/

Apache Kylin™ –an Open Source Distributed Analytics Engine designed to provide SQL interface and multi-dimensional analysis (OLAP) on Apache Hadoop, supporting extremely large datasets.
 - Apache Kylin 2.1.0 released https://kylin.apache.org/

Apache MADlib™ –Big Data machine-learning library used for scalable in-database analytics.
 - The Apache Software Foundation Announces Apache® MADlib™ as a Top-Level Project https://s.apache.org/BSrW

Apache Tomcat™ –an Open Source software implementation of the Java Servlet, JavaServer Pages, Java Unified Expression Language and Java WebSocket technologies.
 - Apache Tomcat 8.0.46 released http://tomcat.apache.org/

Apache Traffic Server™ –a high-performance Web proxy cache that improves network efficiency and performance by caching frequently-accessed information at the edge of the network.
 - Apache Traffic Server 6.2.2 released http://trafficserver.apache.org/

Apache VCL™ –a self-service system used to dynamically provision and broker remote access to a dedicated compute environment for an end-user.
 - Apache VCL 2.5 released http://vcl.apache.org/


Did You Know?

 - Did you know that half of the Gartner Magic Quadrant Leaders and Challengers for Hybrid Cloud Hosting use Apache CloudStack? http://cloudstack.apache.org/

 - Did you know that Apache Mesos and Apache Spark are up for JAX Innovation Awards? Vote today at https://jaxenter.com/jax-magazine

 - Did you know that Apache RocketMQ (incubating) is the most popular distributed messaging and streaming data platform in China? http://rocketmq.apache.org/


Apache Community Notices:

 - "Success at Apache" focuses on the processes behind why the ASF "just works". 1) Project Independence https://s.apache.org/CE0V 2) All Carrot and No Stick https://s.apache.org/ykoG 3) Asynchronous Decision Making https://s.apache.org/PMvk4) Rule of the Makers https://s.apache.org/yFgQ 5) JFDI --the unconditional love of contributors https://s.apache.org/4pjM 6) Meritocracy and Me https://s.apache.org/tQQh 7) Learning to Build a Stronger Community https://s.apache.org/x9Be 7) Meritocracy. https://s.apache.org/DiEo

 - If you're looking for the ASF on social media, we're @TheASF on Twitter and on LinkedIn at https://www.linkedin.com/company/the-apache-software-foundation (follows/re-tweets/shares/likes appreciated!)

 - Presentations from ApacheCon https://s.apache.org/Hli7 and Apache: Big Data https://s.apache.org/tefE are available; as well as videos https://s.apache.org/AE3m and audio recordings https://feathercast.apache.org/
 - Check out the latest Apache Community Development newsletter https://blogs.apache.org/comdev/entry/community-development-news-july-2017

 - Do friend and follow us on the Apache Community Facebook page https://www.facebook.com/ApacheSoftwareFoundation/ and Twitter account https://twitter.com/ApacheCommunity

 - The list of Apache project-related MeetUps can be found at http://apache.org/events/meetups.html

 - TomcatCon will be held 25 September in London https://www.eventbrite.com/e/tomcatcon-london-2017-tickets-36683639754

 - Meet members of the Apache Big Data communities at DataWorks/Hadoop Summit 20-21 September in Sydney https://dataworkssummit.com/

 - The Apache community will be at All Things Open --stop by the ASF booth and say hello! 23-24 October in Raleigh https://allthingsopen.org/

 - Learn about Apache Atlas, AriaTosca (incubating), Hadoop YARN, Kafka, ManifoldCF, Ranger, Spot (incubating), Thrift, and more at Open Source Summit Europe + ELC Europe 2017 23-26 October in Prague https://osseu17.sched.com/

 - Catch the Apache Ignite and Spark communities at the In-Memory Computing Summit 24-25 October in San Francisco https://imcsummit.org/

 - ASF Annual Report is available at https://s.apache.org/FY2017AnnualReport

 - Find out how you can participate with Apache community/projects/activities --opportunities open with Apache HTTP Server, Avro, ComDev (community development), Directory, Incubator, OODT, POI, Polygene, Syncope, Tika, Trafodion, and more! https://helpwanted.apache.org/

 - Are your software solutions Powered by Apache? Download & use our "Powered By" logos http://www.apache.org/foundation/press/kit/#poweredby

= = =

For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, https://twitter.com/PlanetApache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.

# # #

Tuesday August 22, 2017

The Apache Software Foundation Announces Apache® MADlib™ as a Top-Level Project

Big Data machine-learning library used for scalable in-database analytics

Forest Hill, MD –22 August 2017– The Apache Software Foundation (ASF), the all-volunteer developers, stewards, and incubators of more than 350 Open Source projects and initiatives, announced today that Apache® MADlib™ has graduated from the Apache Incubator to become a Top-Level Project (TLP), signifying that the project's community and products have been well-governed under the ASF's meritocratic process and principles.

Apache MADlib is a comprehensive library for scalable in-database analytics. It provides parallel implementations of machine learning, graph, mathematical and statistical methods for structured and unstructured data.

"Graduating as a Top-Level Project is a very important milestone for Apache MADlib," said Aaron Feng, Vice President of Apache MADlib. "During the incubation process, the MADlib community worked very hard to develop high quality software for in-database analytics, in an open and inclusive manner in accordance with the Apache Way."

MADlib grew out of discussions between database engine developers, data scientists, IT architects and academics interested in new approaches to scalable, sophisticated in-database analytics. These discussions were written up in a paper from VLDB 2009 [1] that coined the term "MAD Skills" for data analysis. The MADlib software project began the following year as a collaboration between researchers at UC Berkeley and engineers and computer scientists at Pivotal (formerly EMC/Greenplum). In September 2015, MADlib joined the ASF community as an incubating project.

MADlib is deployed on a wide variety of industry and academic projects across many different verticals, including automotive, consumer, finance, government, healthcare, and telecommunications.

"MADlib was conceived from the outset as an open-source meeting ground for software developers, computing researchers and data scientists to collaborate on scalable, in-database machine learning and statistics," said Joe Hellerstein, Professor of Computer Science at UC Berkeley, Co-Founder and Chief Strategy Officer at Trifacta, and one of the original authors of MADlib. "It has been great to witness the growth of the MADlib community and codebase as an ASF incubating project, and I look forward to this continuing as a Top-Level Project."

"At Pivotal, we have seen our customers successfully deploy MADlib on large scale data science projects across a wide variety of industry verticals," said Elisabeth Hendrickson, Vice President, R&D for Data at Pivotal. "As MADlib graduates to a Top-Level Project at the ASF, we anticipate increased adoption in the enterprise given the mature level of the codebase and the active developer community."

"The potential of the Apache MADlib project is unbounded," said Jim Jagielski, Vice Chairman of the ASF. "The ability to perform in-depth and detailed analytics, on both structured and unstructured data, using SQL enables MADlib to be applicable in scenarios where others simply can't compete. As not only interest in, but real-world usage of, machine learning becomes common place, MADlib joins the growing roster of Apache projects that define innovation."

"Apache MADlib is a great example of the diversity at Apache," said Ted Dunning, Apache MADlib Incubator Mentor and Member of the ASF Board of Directors. "MADlib does state-of-the-art machine learning, but does as an inherent part of a database. This is a radical approach that can provide important design flexibility. I am excited to see MADlib become a fully fledged project at Apache."

"New participants are more than welcome to join the project," added Feng. "We enthusiastically look forward to working together with all contributors to Apache MADlib in order to advance the state-of-the-art of scale-out data science tools."

[1] http://dl.acm.org/citation.cfm?id=1687576

Availability and Oversight
Apache MADlib software is released under the Apache License v2.0 and is overseen by a self-selected team of active contributors to the project. A Project Management Committee (PMC) guides the Project's day-to-day operations, including community development and product releases. For downloads, documentation, and ways to become involved with Apache MADlib, visit http://madlib.apache.org/ and https://twitter.com/ApacheMADlib

About the Apache Incubator
The Apache Incubator is the entry path for projects and codebases wishing to become part of the efforts at The Apache Software Foundation. All code donations from external organizations and existing external projects wishing to join the ASF enter through the Incubator to: 1) ensure all donations are in accordance with the ASF legal standards; and 2) develop new communities that adhere to our guiding principles. Incubation is required of all newly accepted projects until a further review indicates that the infrastructure, communications, and decision making process have stabilized in a manner consistent with other successful ASF projects. While incubation status is not necessarily a reflection of the completeness or stability of the code, it does indicate that the project has yet to be fully endorsed by the ASF. For more information, visit http://incubator.apache.org/

About The Apache Software Foundation (ASF)
Established in 1999, the all-volunteer Foundation oversees more than 350 leading Open Source projects, including Apache HTTP Server --the world's most popular Web server software. Through the ASF's meritocratic process known as "The Apache Way," more than 650 individual Members and 6,200 Committers across six continents successfully collaborate to develop freely available enterprise-grade software, benefiting millions of users worldwide: thousands of software solutions are distributed under the Apache License; and the community actively participates in ASF mailing lists, mentoring initiatives, and ApacheCon, the Foundation's official user conference, trainings, and expo. The ASF is a US 501(c)(3) charitable organization, funded by individual donations and corporate sponsors including Alibaba Cloud Computing, ARM, Bloomberg, Budget Direct, Capital One, Cash Store, Cerner, Cloudera, Comcast, Facebook, Google, Hortonworks, HP, Huawei, IBM, Inspur, iSigma, LeaseWeb, Microsoft, ODPi, PhoenixNAP, Pivotal, Private Internet Access, Red Hat, Serenata Flowers, Target, WANdisco, and Yahoo. For more information, visit http://apache.org/ and https://twitter.com/TheASF

© The Apache Software Foundation. "Apache", "MADlib", "Apache MADlib", and "ApacheCon" are registered trademarks or trademarks of the Apache Software Foundation in the United States and/or other countries. All other brands and trademarks are the property of their respective owners.

# # #

Friday August 18, 2017

The Apache News Round-up: week ending 18 August 2017

Hello, Friday — let's review what the Apache community has been up to over the past week:

Support Apache –individual donations, corporate matching gifts, online shopping, and Sponsorship help sustain the ASF's day-to-day operations. Every dollar counts. http://apache.org/foundation/contributing.html

Success at Apache –a new blog series that focuses on the processes behind why the ASF "just works".
 - Success at Apache: Meritocracy. by Kevin A. McGrail https://s.apache.org/DiEo

ASF Board –management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.
 - The Apache Software Foundation Welcomes Phil Steitz as Chairman https://s.apache.org/n7YT
 - Next Board Meeting: 20 September. Board calendar and minutes http://apache.org/foundation/board/calendar.html
 - ASF Annual Report for 2017 Fiscal Year https://s.apache.org/IDn5

ASF Infrastructure –our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield assured performance at 91.78% uptime http://status.apache.org/

Apache Arrow™ –a columnar in-memory analytics layer designed to accelerate Big Data.
 - Apache Arrow 0.6.0 released http://arrow.apache.org/

Apache BookKeeper™ –a reliable replicated log service for Big Data.
 - Apache BookKeeper 4.5.0 released http://bookkeeper.apache.org/

Apache Commons™ JCS –a distributed, versatile caching system.
 - Apache Commons JCS 2.2 released https://commons.apache.org/

Apache Wicket™ –an Open Source Java component oriented web application framework.
 - Apache Wicket 8.0.0-M7 released http://wicket.apache.org


Did You Know?

 - Did you know that Netherlands-based Finalist IT Group manages the identity of more than 2 million accounts using Apache Syncope? http://syncope.apache.org/

 - Did you know that Apache Cayenne is becoming a dependency-free Java Object/Relational Mapping (ORM) framework? http://cayenne.apache.org/

 - Did you know that you can meet members of the Apache community in Germany at FrOSCon https://www.froscon.de/ and Solutions Hamburg https://solutions.hamburg/ ?


Apache Community Notices:

 - "Success at Apache" focuses on the processes behind why the ASF "just works". 1) Project Independence https://s.apache.org/CE0V 2) All Carrot and No Stick https://s.apache.org/ykoG 3) Asynchronous Decision Making https://s.apache.org/PMvk4) Rule of the Makers https://s.apache.org/yFgQ 5) JFDI --the unconditional love of contributors https://s.apache.org/4pjM 6) Meritocracy and Me https://s.apache.org/tQQh 7) Learning to Build a Stronger Community https://s.apache.org/x9Be 7) Meritocracy. https://s.apache.org/DiEo

 - If you're looking for the ASF on social media, we're @TheASF on Twitter and on LinkedIn at https://www.linkedin.com/company/the-apache-software-foundation (follows/re-tweets/shares/likes appreciated!)

 - Presentations from ApacheCon https://s.apache.org/Hli7 and Apache: Big Data https://s.apache.org/tefE are available; as well as videos https://s.apache.org/AE3m and audio recordings https://feathercast.apache.org/
 - Check out the latest Apache Community Development newsletter https://blogs.apache.org/comdev/entry/community-development-news-july-2017

 - Do friend and follow us on the Apache Community Facebook page https://www.facebook.com/ApacheSoftwareFoundation/ and Twitter account https://twitter.com/ApacheCommunity

 - The list of Apache project-related MeetUps can be found at http://apache.org/events/meetups.html

 - Meet members of the Apache Big Data communities at DataWorks/Hadoop Summit 20-21 September in Sydney https://dataworkssummit.com/

 - The Apache community will be at All Things Open --stop by the ASF booth and say hello! 23-24 October in Raleigh https://allthingsopen.org/

 - Catch the Apache Ignite and Spark communities at the In-Memory Computing Summit 24-25 October in San Francisco https://imcsummit.org/

 - ASF Annual Report is available at https://s.apache.org/FY2017AnnualReport

 - Find out how you can participate with Apache community/projects/activities --opportunities open with Apache HTTP Server, Avro, ComDev (community development), Directory, Incubator, OODT, POI, Polygene, Syncope, Tika, Trafodion, and more! https://helpwanted.apache.org/

 - Are your software solutions Powered by Apache? Download & use our "Powered By" logos http://www.apache.org/foundation/press/kit/#poweredby

= = =

For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, https://twitter.com/PlanetApache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.

# # #

Thursday August 17, 2017

The Apache Software Foundation Welcomes Phil Steitz as Chairman

At yesterday's Board meeting, Phil Steitz was named Chairman of the ASF. Steitz, a 12-year ASF Member and former Vice Chairman, succeeds Brett Porter, who has served as ASF Chairman since June 2013. Porter will continue in his role as a member of the ASF Board of Directors.

"I am super excited to have Phil take on the role of ASF Chairman, for his depth of experience in the Apache community, significant experience in the industry, and clear understanding of Open Source and open development," said Brett Porter. "I thank the ASF Membership for giving me the opportunity to serve as chair over the last few years --it's been great!"

In addition, ASF co-founder Jim Jagielski has been appointed Vice Chairman. Jagielski has held every officer position since the ASF incorporated in 1999.

ASF Members elect the Board of Directors to run the Foundation and to set and ensure policy. The Board of Directors are: Rich Bowen, Shane Curcuru, Bertrand Delacretaz, Ted Dunning, Jim Jagielski, Chris Mattmann, Brett Porter, Phil Steitz, and Mark Thomas.

In addition to Steitz and Jagielski, the ASF's corporate officers include:

 - President Sam Ruby
 - Executive Vice President Ross Gardler
 - Treasurer Ulrich Stärk
 - Secretary Craig Russell

The complete officer roster is available at http://apache.org/foundation/

# # #

Tuesday August 15, 2017

Success at Apache: Meritocracy.

By Kevin A. McGrail

The Apache Software Foundation is not a democracy.

It's an elitist organization that does not support an innate right to vote. We aren't capitalists because you can't buy a seat on our board. We aren't socialists since we place building working communities over software. Monarchy doesn't fit because Kings and Pawns work together as equals.

What we are is a Meritocracy. To be able to have a say, you have to prove your worth in a system of merit. Meritocracy is a key part of The Apache Way. With it, the ASF creates amazing software with amazing people that continues to change the way the world computes.

Merit has no basis on Age, Sex, Religion, Ethnicity, Race, Country of Origin, Sexual Preference, Social Status, Income Level, Lineage, and/or Physical/Cultural Traits*.

In honor of The Apache Way, the ASF has created two wristbands to share with the tech community. The first is silver and announces our Meritocracy. 

The second, because merit is NOT rooted in biological differences, is brash and bold in Red announcing "do I.T. like a girl".  The idea comes from Code Like A Girl wristbands coupled with a small bit of double entendre to start a conversation about improving inclusion.

If you'd like some wristbands, they'll be debossed in a single color like the pictures below. Just send me an email at kmcgrail(at)apache(dot)org. I'll try and send out as many as I can for free. If you like/hate the idea, feel free to send me an email as well and tell me what you would do differently.



* NOTE: We do take into serious account whether you are a Cat or a Dog person.

Kevin A. McGrail is a cybersecurity expert and Open Source advocate who loves stopping spammers. He got involved with the ASF when the Apache SpamAssassin project joined the foundation in 2004. Today he still helps the SpamAssassin project while also serving as an executive officer and VP of Fundraising.

= = =

"Success at Apache" is a new monthly blog series that focuses on the processes behind why the ASF "just works". 1) Project Independence https://s.apache.org/CE0V 2) All Carrot and No Stick https://s.apache.org/ykoG 3) Asynchronous Decision Making https://s.apache.org/PMvk 4) Rule of the Makers https://s.apache.org/yFgQ 5) JFDI --the unconditional love of contributors https://s.apache.org/4pjM 6) Meritocracy and Me https://s.apache.org/tQQh 7) Learning to Build a Stronger Community https://s.apache.org/x9Be

Calendar

Search

Hot Blogs (today's hits)

Tag Cloud

Categories

Feeds

Links

Navigation