The Apache Software Foundation Blog

Tuesday April 10, 2018

Success at Apache: Am I there yet? A n00b's perspective

by Charles Givre

Let me start out by saying that I am not a developer. I do have a technical background, but I hadn't coded in Java for at least 10 years before I got involved in the Apache Drill project. One has to wonder how, as a non-developer, I ended up as a committer for the Drill project. In this blog post, I'd like to share with you how I came to be involved with the Drill project.

But first, why Drill?

I first heard about Drill at an industry conference several years ago. I was speaking with Dr. Ellen Friedman about some data issues we were having and she casually mentioned have I tried Drill? I had not heard of it at that point, so I did some research and it seemed as if Drill could solve a lot of problems that my clients were having. But then, I tried using it and kept getting stuck.  

If you aren't familiar with Apache Drill, Drill is an SQL engine which allows you to query any kind of self-describing data. After experimenting with Drill for a while, I was impressed enough to thing that the tool had major potential in security. One of the biggest problems that Drill solves is the need to Extract, Transform, Load (ETL) data into an analytic tool before actually doing analysis of that data. This ETL process adds no value to anything really, and costs large enterprises literally millions of dollars as well as adding unnecessary delays between the time data is ingested and when the data is actually available for analysis. In security applications, this delay directly translates into risk. The longer it takes to make your data available, the more time it will take to potentially find malicious activity and hence, more risk. Therefore, if you're able to query the data without having to do any kind of ETL or ingestion, you are lowering your risk as well as potentially saving millions of dollars.

Getting Involved

Unfortunately, when I started using Drill, I saw this potential, but I couldn't get it to work. My next step from here was to try to get assistance at my company. I pitched the ideas to my company leadership, but it proved very difficult to get the company to pull Java developers from revenue generating projects to work on this "pie-in-the-sky", unproven project. After spending several months on this, I got really frustrated and decided that I was going to try to do it myself, however, I really had no idea what I was doing. I hadn't coded in Java for at least 10 years at the time, and had zero experience with all the modern Java development tools such as Maven and Git. What I did have was persistence, so I started asking for help and decided that I was going to dive right in and start adding the functionality that I felt Drill needed to be useful in security applications. I started working on something that someone else started—the HTTPD format plugin for Drill. Most of the coding was done, but there was still enough there for me to get my hands dirty and start figuring things out.

What I learned

I still would not consider myself a developer, but after getting that particular item committed to the codebase, I learned a lot about how open source projects actually work as well as writing production quality code. Since then, I've tried to add at least one bit of new functionality to each Drill release. I would encourage anyone who is interested in contributing to an Open Source project at the Apache Software Foundation, to dive right in, and start. There are still a lot of ideas I have for Drill, and with time, I hope to have the time to see them through to implementation.

In conclusion, I'm fairly certain that my involvement with Drill and the Apache Software Foundation is really just beginning. I'm currently working on the O'Reilly book about Apache Drill with a fellow Drill committer. It is my hope that the book will spark additional interest in Apache Drill. Open Source software is at the heart of the ongoing data revolution which is dramatically expanding what is possible with data. I firmly believe that Apache Drill will have a role to play in this data revolution and I'm honored to have the opportunity to play a small role in developing Drill.

Charles Givre CISSP is a Lead Data Scientist at Deutsche Bank where he works in the Chief Information Security Office (CISO). Mr. Givre is an active data science instructor and regularly teaches classes about data science and security at various industry conferences, such as BlackHat. Mr. Givre is a committer for the Apache Drill project and together with Mr. Paul Rogers, is working on the forthcoming O’Reilly book about Apache Drill. He can be reached at cgivre(at)apache(dot)org.  

= = =

"Success at Apache" is a monthly blog series that focuses on the processes behind why the ASF "just works" https://blogs.apache.org/foundation/category/SuccessAtApache

# # #

Friday April 06, 2018

The Apache News Round-up: week ending 6 April 2018

Here comes April with quite a few Apache activities:

ASF Board –management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.
 - Next Board Meeting: 18 April. Board calendar and minutes http://apache.org/foundation/board/calendar.html

ApacheCon™ –the ASF's official global conference series.
 - Three official Apache events will be taking place this year: 1) Apache Roadshow Europe/Berlin; 2) ApacheCon North America/Montreal; and 3) Apache Roadshow and Job Far/Fairfax http://apachecon.com/
 - Travel Assistance applications now being accepted for ApacheCon/Montreal https://www.apache.org/travel/

ASF Infrastructure –our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield smashing "four nines" performance at 99.99% uptime. http://status.apache.org/

ASF Operations Factoid –this week, 528 Apache contributors changed 1,006,554 lines of code over 3,263 commits. Top 5 contributors, in order, are: Carlos Sanchez Gonzalez, Daniel Sun, Paul King, Karl Heinz Marbaise, and Matt Sicker.

Apache FreeMarker™ –a template engine: a Java library to generate text output (HTML web pages, e-mails, configuration files, source code, etc.) based on templates and changing data.
 - Apache FreeMarker 2.3.28 released https://freemarker.apache.org/

Apache Hive™ –Big Data warehouse software that facilitates querying and managing large datasets residing in distributed storage.
 - [SECURITY] CVE-2018-1315 'COPY FROM FTP' statement in HPL/SQL can write to arbitrary location if the FTP server is compromised http://mail-archives.apache.org/mod_mbox/www-announce/201804.mbox/%3CCABDpyChQXi-JSh%3DbytOLsdq7o%2BeSst6hU_s8RN4jQoPzLR2vLQ%40mail.gmail.com%3E
 - [SECURITY] CVE-2018-1282 JDBC driver is susceptible to SQL injection attack if the input parameters are not properly cleaned http://mail-archives.apache.org/mod_mbox/www-announce/201804.mbox/%3CCABDpyCjSKaT9bVNajr0L52b_abuxHL0xWLB%3D5%2B%2BytUzD_JyCRg%40mail.gmail.com%3E
 - [SECURITY] CVE-2018-1284: Hive UDF series UDFXPathXXXX allow users to pass carefully crafted XML to access arbitrary files http://mail-archives.apache.org/mod_mbox/www-announce/201804.mbox/%3CCABDpyChmEOPSBAxb%2BipyGVfhuS4Zq%2Bw0CFn-EANy%2B_TD0o-8%2Bw%40mail.gmail.com%3E

Apache Jackrabbit™ Oak –a scalable, high-performance hierarchical content repository designed for use as the foundation of modern world-class Web sites and other demanding content applications.
 - Apache Jackrabbit Oak 1.4.21 released http://jackrabbit.apache.org/

Apache Lucene™ Solr™ –an Open Source enterprise search server based on the Lucene Java search library. 
 - Reference Guide for Solr 7.3 released https://lucene.apache.org/solr/guide/7_3

Apache Qpid™ –a cross-platform messaging solution that implements the Advanced Message Queuing Protocol.
- Apache Qpid C++ 1.38.0, Qpid Proton 0.22.0, Qpid Broker-J 7.0.3, and Apache Qpid for Java 6.1.6 released http://qpid.apache.org/

Apache ServiceComb (incubating) –a Restful based service-registry that provides micro-services discovery and micro-service management.
 - Apache Service-Center (incubating) 0.1.0, 1.0.0-m1 and Apache ServiceComb Java-Chassis (incubating) version 1.0.0-m1 released http://servicecomb.incubator.apache.org/

Did You Know?

 - Did you know that the following Apache projects are celebrating anniversaries this month? CXF (10 yrs); Avro, HBase, Mahout, Nutch, Tika, and Traffic Server (8 yrs); Creadur and Jena (6 yrs); DeltaSpike (5 yrs); ORC and Parquet (3 yrs); Apex, AsterixDB, and Johnzon (2 yrs); and CarbonData, Fineract, and Metron (1 yr) --many happy returns! https://projects.apache.org/committees.html?date

 - Did you know that Microsoft Azure's CosmosDB supports Apache Tinkerpop's graph traversal language? http://tinkerpop.apache.org/

 - Did you know that Apache NetBeans Day UK will take place 2 April 2018? https://jaxenter.com/netbeans/apache-netbeans-day-uk-2018

Apache Community Notices:

 - The Apache®Software Foundation Celebrates 19 Years of Open Source Leadership "The Apache Way" https://s.apache.org/gK4Q

 - Read "Open – For Business – At the ASF" by Merv Adrian, VP Research at Gartner https://blogs.gartner.com/merv-adrian/2018/03/27/open-for-business-at-the-asf/

 - A look at the "Apache at 19" promo at https://youtu.be/Fqk_rlKiVIs

 - The Apache Software Foundation 2018 Vision Statement https://s.apache.org/zqC3

 - Apache in 2017 - By The Digits https://s.apache.org/h8do

 - Foundation Statement –Apache Is Open. https://s.apache.org/PIRA

 - "Success at Apache" focuses on the processes behind why the ASF "just works". https://blogs.apache.org/foundation/category/SuccessAtApache

 - Please follow/like/re-tweet the ASF on social media: @TheASF on Twitter and on LinkedIn at https://www.linkedin.com/company/the-apache-software-foundation

 - Do friend and follow us on the Apache Community Facebook page https://www.facebook.com/ApacheSoftwareFoundation/ and Twitter account https://twitter.com/ApacheCommunity

 - The list of Apache project-related MeetUps can be found at http://apache.org/events/meetups.html

 - Members of the Apache community will be presenting at DataWorks Summit 16-19 April 2018 in Berlin https://dataworkssummit.com/

 - Open Expo Europe - 6-7 June 2018 in Madrid https://openexpoeurope.com/

 - Meet members of the Apache community at Open Expo Madrid 6-7 June 2018 http://www.openexpo.es/en/

 - We're teaming up the Apache Roadshow Europe with Berlin Buzzwords - 10-12 June 2018 (Apache Lounge dates: 11-12 June) https://berlinbuzzwords.de/

 - The 2018 Apache EU Roadshow will be held during FOSS Backstage in Berlin 13-14 June 2018 https://foss-backstage.de/

 - Apache Big Data project communities will be participating at DataWorks Summit 17-21 June 2018 in San Jose https://dataworkssummit.com/

 - ApacheCon North America will be held 24-29 September in Montreal http://apachecon.com/

 - Save the Date: Apache Roadshow DC and Open Source/Government/Cyber/Job Fair - 8 October 2018 in Fairfax, VA http://apachecon.com/

 - ASF Quarterly Report: Operations Summary: November 2017 - January 2018 https://s.apache.org/UtBD

 - ASF Annual Report is available at https://s.apache.org/FY2017AnnualReport

 - Find out how you can participate with Apache community/projects/activities --opportunities open with Apache HTTP Server, Avro, ComDev (community development), Directory, Incubator, OODT, POI, Polygene, Syncope, Tika, Trafodion, and more! https://helpwanted.apache.org/

 - Are your software solutions Powered by Apache? Download & use our "Powered By" logos http://www.apache.org/foundation/press/kit/#poweredby

= = =

For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, https://twitter.com/PlanetApache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.

# # #

Friday March 30, 2018

The Apache News Round-up: week ending 30 March 2018

Let's bid March farewell with a look back at the many Apache activities over the past week:

But first: cake and party favors!
 - The Apache® Software Foundation Celebrates 19 Years of Open Source Leadership "The Apache Way" https://s.apache.org/gK4Q
 - Read "Open – For Business – At the ASF" by Merv Adrian, VP Research at Gartner https://blogs.gartner.com/merv-adrian/2018/03/27/open-for-business-at-the-asf/
 - A look at the "Apache at 19" promo at https://youtu.be/Fqk_rlKiVIs

ASF Board –management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.
 - Next Board Meeting: 18 April. Board calendar and minutes http://apache.org/foundation/board/calendar.html

ApacheCon™ –the ASF's official global conference series.
 - ENDS TODAY: CFP for ApacheCon 24-29 September in Montreal http://apachecon.com/
 - Travel Assistance applications now being accepted for ApacheCon/Montreal https://www.apache.org/travel/

ASF Infrastructure –our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield kicking performance at 99.98% uptime. http://status.apache.org/

ASF Operations Factoid –this week, 519 Apache contributors changed 897,504 lines of code over 3,230 commits. Top 5 contributors, in order, are: Hanisha Koneru, Carlos Sanchez Gonzalez, Jean-Baptiste Onofré, Till Rohrmann, and Tellier Benoit.

Apache Accumulo™ –a sorted, distributed key/value store that provides robust, scalable data storage and retrieval. 
 - Apache Accumulo 1.7.4 released https://accumulo.apache.org/

Apache Ant™ –a Java library and command-line tool that helps building software.
 - Apache Ant 1.9.11 and 1.10.3 http://ant.apache.org/

Apache Any23™ –Anything To Triples is a library, a web service and a command line tool that extracts structured data in RDF format from a variety of Web documents.
 - Apache Any23 2.2 released http://any23.apache.org/

Apache Commons™ Text –Open Source software library provides a host of algorithms focused on working with strings and blocks of text.
 - Apache Commons Text 1.3 released http://commons.apache.org/

Apache Groovy™ –a multi-facet programming language for the JVM.
 - Apache Groovy 2.4.15 released https://groovy.apache.org/

Apache HTTP Server™ –the world's most popular Web server software.
 - Apache HTTP Server 2.4.33 released http://httpd.apache.org/

Apache Jackrabbit™ Oak – scalable, high-performance hierarchical content repository designed for use as the foundation of modern world-class Web sites and other demanding content applications.
 - Apache Jackrabbit Oak 1.0.42 released http://jackrabbit.apache.org/

Apache Kafka™ –a distributed, fault tolerant, publish-subscribe messaging.
 - Apache Kafka 1.1.0 released http://kafka.apache.org/

Apache Kudu™ –an Open Source storage engine for structured data that supports low-latency random access together with efficient analytical access patterns.
 - Apache Kudu 1.7.0 released https://kudu.apache.org/

Apache Kylin™ –an Open Source Distributed Analytics Engine designed to provide SQL interface and multi-dimensional analysis (OLAP) on Apache Hadoop, supporting extremely large datasets.
 - Apache Kylin 2.3.1 released https://kylin.apache.org/

Apache PDFBox™ –an Open Source Java tool for working with PDF documents.
 - Apache PDFBox 2.0.9 released http://pdfbox.apache.org/

Apache Qpid™ JMS –AMQP enterprise messaging implementation.
 - Apache Qpid JMS 0.31.0 released http://qpid.apache.org/

Apache Struts™ –a free Open Source framework for creating Java Web applications.
 - Immediately upgrade commons-fileupload to version 1.3.3 http://mail-archives.apache.org/mod_mbox/www-announce/201803.mbox/%3CCAMopvkNu%2BMdh%3DXCDQJmKYfjd%3DbdCFkhNXvWbYzvmXuLNw0aYbg%40mail.gmail.com%3E
 - A crafted XML request can be used to perform a DoS attack when using the Struts REST plugin http://mail-archives.apache.org/mod_mbox/www-announce/201803.mbox/%3CCAMopvkNZoHH3qx%2B9brdRdAoZ7zy9w6QPotjohVwqsopGEk%3Dsgw%40mail.gmail.com%3E

Did You Know?

 - Did you know that HBaseCon and PhoenixCon will be taking place 18 June in San Jose? Contact the Apache HBase and Phoenix project communities for more information http://hbase.apache.org/ and http://phoenix.apache.org/

 - Did you know that Orange Moldova uses Apache Wicket to Orange Moldova to build its Webapps? http://wicket.apache.org/

 - Did you know that new projects in the Apache Incubator include Druid (Big Data), Dubbo (Java RPC framework), ECharts (charts and data visualization tool), among others? http://incubator.apache.org/

Apache Community Notices:

 - The Apache Software Foundation 2018 Vision Statement https://s.apache.org/zqC3

 - Apache in 2017 - By The Digits https://s.apache.org/h8do

 - Foundation Statement –Apache Is Open. https://s.apache.org/PIRA

 - "Success at Apache" focuses on the processes behind why the ASF "just works". https://blogs.apache.org/foundation/category/SuccessAtApache

 - Please follow/like/re-tweet the ASF on social media: @TheASF on Twitter and on LinkedIn at https://www.linkedin.com/company/the-apache-software-foundation

 - Do friend and follow us on the Apache Community Facebook page https://www.facebook.com/ApacheSoftwareFoundation/ and Twitter account https://twitter.com/ApacheCommunity

 - The list of Apache project-related MeetUps can be found at http://apache.org/events/meetups.html

 - Members of the Apache community will be presenting at DataWorks Summit 16-19 April 2018 in Berlin https://dataworkssummit.com/

 - Open Expo Europe - 6-7 June 2018 in Madrid https://openexpoeurope.com/

 - Meet members of the Apache community at Open Expo Madrid 6-7 June 2018 http://www.openexpo.es/en/

 - We're teaming up with Berlin Buzzwords - 10-12 June 2018 (Apache Lounge dates: 11-12 June) https://berlinbuzzwords.de/

 - The 2018 Apache EU Roadshow will be held during FOSS Backstage in Berlin 13-14 June 2018 https://foss-backstage.de/

 - Apache Big Data project communities will be participating at DataWorks Summit 17-21 June 2018 in San Jose https://dataworkssummit.com/

 - ApacheCon North America will be held 24-29 September in Montreal http://apachecon.com/ **CFP IS OPEN!**

 - ASF Quarterly Report: Operations Summary: November 2017 - January 2018 https://s.apache.org/UtBD

 - ASF Annual Report is available at https://s.apache.org/FY2017AnnualReport

 - Find out how you can participate with Apache community/projects/activities --opportunities open with Apache HTTP Server, Avro, ComDev (community development), Directory, Incubator, OODT, POI, Polygene, Syncope, Tika, Trafodion, and more! https://helpwanted.apache.org/

 - Are your software solutions Powered by Apache? Download & use our "Powered By" logos http://www.apache.org/foundation/press/kit/#poweredby

= = =

For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, https://twitter.com/PlanetApache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.

# # #

Monday March 26, 2018

The Apache® Software Foundation Celebrates 19 Years of Open Source Leadership "The Apache Way"

World's largest Open Source foundation's all-volunteer community makes a difference in the lives of billions of users. 

[click for "Apache at 19" promo]

Wakefield, MA —26 March 2018— The Apache Software Foundation (ASF), the all-volunteer developers, stewards, and incubators of more than 350 Open Source projects and initiatives, announced today its 19th Anniversary, and its meritocratic, community-driven process known as "The Apache Way" as the key to its success.

asf-19-screenshot.jpg

The world's largest Open Source foundation is home to dozens of freely-available (no cost), enterprise-grade Apache projects that serve as the backbone for some of the most visible and widely used applications in Artificial Intelligence and Deep Learning, Big Data, Build Management, Cloud Computing, Content Management, DevOps, IoT and Edge Computing, Mobile, Servers, and Web Frameworks, among many other categories. Examples of the breadth of applications that are "Powered by Apache" include:

  • 80M+ Websites that use the Apache HTTP Server;
  • the 2.6-terabyte, Pulitzer Prize-winning Panama Papers investigation;
  • system-wide information management at the US Federal Aviation Administration; 
  • 500+B daily event capture each day at Netflix;
  • mobile application development unification across Android/Blackberry/iOS/Ubuntu/Windows/Windows Phone/OS X platforms; 
  • request processing at Facebook’s 300-petabyte data warehouse;
  • powering clouds for Apple, Disney, Huawei, Tata, and countless others; and 
  • accessing content across multi-mission, multi-instrument science data systems at NASA Jet Propulsion Laboratory.

"As we celebrate 19 years of Open Source collaboration, we have a lot to be thankful for at the ASF," said ASF Chairman Phil Steitz. "First, the many volunteers who contribute to our projects.  Some have been contributing continuously since inception and many more join us every year. We now have 6,618 committers, with 504 added just in the last year. Second, we are fortunate to have the constant inflow of new people and communities keeping  the ASF on the cutting edge of new technologies. Finally, we receive generous support from 48 corporate sponsors and thousands of individual donors. As we approach the end of our 'teenage' years, the ASF stands as a vibrant, healthy, leading organization committed to our mission of providing software for the public good by supporting collaborative, open development communities."

Highlights of the Apache community's successes over the past 12 months include:

  • continued guardianship of 190M+ lines of code in the Apache repositories;
  • 9M+ source code downloads from Apache mirrors (excl. convenience binaries);
  • 3,255 Committers changed 71,186,324 lines of code over 225,500 commits;
  • 194 Top-Level Project committees managing 319 projects;
  • 20 new Top-Level Projects graduated from the Apache Incubator;
  • 54 podlings currently undergoing development in the Apache Incubator;
  • 21,893 authors sent 1,771,557 emails on 662,661 topics across 1,131 mailing lists;
  • Web requests received from every Internet-connected country on the planet; and
  • 35M page views per week across apache.org.

"The Apache Software Foundation’s extraordinary contribution to the economic refactoring of software stacks seems to be gaining more momentum with every passing year," wrote Merv Adrian, Analyst and Research Vice President at Gartner. "...the role of the ASF remains so important: by providing a vehicle for developers to work 'in the open,' while keeping the playing field level in many respects, the ASF has enabled the rapid development and pervasive spread of key layers that everyone benefits from." https://blogs.gartner.com/merv-adrian/?p=1213

At the heart of the ASF is its people: Apache software development and project leadership is executed entirely by volunteers. The ASF Board and officers are all volunteers. The dedication of 706 individual ASF Members and thousands of committed volunteers helps make a difference to the lives of billions by ensuring that Apache software remains accessible to all, and always 100% free of charge. Their allegiance is testament to the slogan of "Community Over Code" often paired with The Apache Way that ensures the ASF delivers on its mission of providing Open Source software for the public good.

As a United States private, 501(c)(3) not-for-profit charitable organization, the ASF relies on charitable donations to advance the future of open development, and is sustained by through tax-deductible contributions from generous corporations, foundations, and individuals. Their contributions help offset day-to-day operating expenses that include bandwidth, connectivity, servers, hardware, legal counsel, accounting services, trademark protection, public relations, marketing, and related support staff. As a very lean operation, the ASF spends 10% or less on overhead.

ASF Sponsors include: PLATINUM –Cloudera, Comcast, Facebook, Google, LeaseWeb, Microsoft, Oath, Pineapple Fund; GOLD –ARM, Bloomberg, Hortonworks, Huawei, IBM, ODPi, Pivotal; SILVER –Aetna, Alibaba Cloud Computing, Budget Direct, Capital One, Cash Store, Cerner, Inspur, iSIGMA, Private Internet Access, Red Hat, Serenata Flowers, Target, Union Investment, and Wandisco; BRONZE –7 Binary Options, Airport Rentals, The Blog Starter, Bookmakers, Casino2k, Compare Forex Brokers, HostChecka.com, HostingAdvice.com, HostPapa Web Hosting, The Linux Foundation, Mobile Slots, SCAMS.info, Spotify, Talend, Travel Ticker Hotels, Twitter, Web Hosting Secret Revealed, Wise Buyer.

In addition, the ASF recently announced its new Targeted Sponsors, who provide the Foundation with contributions for specific activities or programs, such as donating cloud services, funding a project hackathon, providing legal services, offering a member benefit, underwriting expenses for ApacheCon, or something entirely new. It’s the Apache way of recognizing the sponsors that we rely on every day outside of and often in addition to funding our general operations. ASF Targeted Sponsors include: PLATINUM –Microsoft, Oath, OSU Open Source Labs, Sonatype; GOLD –Atlassian, The CrytpoFund, Datadog, PhoenixNAP; SILVER –Amazon Web Services, HotWax Systems, Quenda, Rackspace; BRONZE –Assembla, Bintray, Education Networks of America, Google, Hopsie, No-IP, PagerDuty, Sonic.net, SURFnet, Virtru.

"For Airport Rentals, the Apache Way is a way of life. The pillars of collaborative decision making and granting everyone an equal voice are integral to the ethos of the company. Giving everyone a chance to share ideas, craft plans and pioneer initiatives has allowed Airport Rentals to remain agile and creative in a field which demands constant improvement. Without these cornerstones, the company would not be in the position it is today." 
 –Thomas Schmider, SEO Marketing Executive at Airport Rentals 

"Auto & General is proud to have now supported the Apache foundation for many years. We're big believers in Open Source software, and the work Apache does, and thank all involved for their tireless work over the last 19 years."
 –Paul Malt, Chief Information Officer at Auto & General

"The Apache Way gives every developer the opportunity to provide leadership through their contributions to the community. We're proud that the Apache community has recognized the contributions of our developers and asked them to become committers and PMC members."
 –Kevin Fleming, Head of Open Source Community Engagement at Bloomberg

"My computer science experience started with Apache HTTP Server a long time ago, just for fun. Then I become System Administrator and now Chief Information Officer. ASF knowledge guided for more than 10 years and is one of the reasons of my personal success. Keep Going!"
 –Claudio Gianolla, CIO at Casino2k.com

"The Apache Software Foundation's focus an open-source environment with a strong community focus helps Cerner focus on solving hard problems in the health care IT space. The Apache Way means Cerner not only has access to high-quality projects, but also can engage with rich communities, asking questions, contributing patches, and sharing knowledge."
 –Micah Whitacre, Associate Principal Engineer at Cerner

"The Apache Software Foundation is moving open source forward on many fronts.  We especially value its focus on building sustainable communities that ensure the continuing innovation and development of important projects."
 –Jan van Doorn, Fellow at Comcast, and Apache Traffic Control (incubating) committer

"The ASF, and Apache OFBiz in particular, are central to our business. The value we derive from the ASF and the Apache Way is a large part of what drives our business forward. Proud to be a part of this amazing Open Source organization."
 –Mike Bates, CEO at HotWax Systems

"The Apache Software Foundation is an anchor for open source projects that the world depends on across Artificial Intelligence and Deep Learning, Big Data, Cloud Computing, DevOps, IoT and Edge Computing, Mobile, Servers, and Web Frameworks, among other categories. With over 350 projects across the ASF, Apache continues to drive innovation in the industry and IBM is proud to have been there from the beginning and looks forward to continued contributions and collaboration for many years to come."
 –Todd Moore, Vice President of IBM Open Technology

"Congratulations to the Apache Software Foundation on their 19 year anniversary of helping to make critical open source projects possible. Today, most companies are using software from Apache projects. The Internet (and Leaseweb's global cloud platforms) would not be possible without them. Thank you for your amazing work!"
 –Robert van der Meulen, Product Strategy Lead at Leaseweb

"Many of our customers rely upon ASF for projects on Microsoft Azure. The Apache Way helps ensure that our engineers can work with them, our partners and the ecosystem at large efficiently and at scale."
 –John Gossman, Lead Architect at Microsoft

"Teams at Oath actively contribute to Apache projects, such as Traffic Server, Hadoop, and Storm, and are helping incubate new projects like Druid, Omid, and Pulsar. We're proud to be part of some of the world's most important open source projects. Inspired by the Apache Way, we know that all code gets better when we work together to solve challenging engineering problems."
 –Gil Yehuda, Senior Director of Open Source at Oath

"We celebrate the Apache Software Foundation and its community development for nearly two decades. ODPi has always strived to build upon the innovative work of the ASF to help create a thriving and expanding Big Data ecosystem built around the success of Apache Hadoop, Apache Bigtop, Apache Atlas and many others. We believe our focus on the downstream Hadoop ecosystem carries on the work of the ASF and helps oxygenate the big data market and stimulate growth."
 –John Mertic, program director at ODPi

"Our goal is to build the most open cloud and advanced data management tools for all businesses. We see active participation within open source communities as essential to this mission. We have been working with the Apache Software Foundation since Pivotal's founding in 2013. The Apache Software  Foundation's philosophy, particularly the culture of a 'do-ocracy' resonates strongly for us. We look forward to our continued work together to drive the development of open source cloud and data solutions for enterprises."
 –Elisabeth Hendrickson, Vice President, R&D for Data at Pivotal

"Target has benefited from the openness and availability of many ASF projects over the years. Projects like Kafka, Spark, Zookeeper, Avro and so many more enjoy the benefits of running open source projects in the Apache Way. It's good for the projects themselves and for the companies and users who benefit from it."
 –Dan Cundiff, Principal Engineer at Target Corporation 

"Union Investment operates its essential core services on software from various ASF projects. And new services based on ASF projects will follow. Why are we so ASF-focused?! Because we believe in the quality and innovation of the software coming from ASF projects. It helps us mastering the future."
 –Parto Chobeiry, Head of Middle Office Application Management at Union Investment

"I am a big believer in the "open-source" way and a big fan of Apache. To be on Apache's Sponsors list is a huge honour to WHSR (https://www.webhostingsecretrevealed.net/) and myself personally. As a small business established in third world country, we wouldn’t have grew into what we are today without the help of the open source and web developer community. So thank you Apache. Thank you for working tirelessly for the past 19 years. Thank you for making our world and the open source community a better place today."
 –Jerry Low, Founder at Web Hosting Secret Revealed

About The Apache Software Foundation (ASF)
Established in 1999, the all-volunteer Foundation oversees more than 350 leading Open Source projects, including Apache HTTP Server --the world's most popular Web server software. Through the ASF's meritocratic process known as "The Apache Way," more than 700 individual Members and 6,600 Committers successfully collaborate to develop freely available enterprise-grade software, benefiting billions of users worldwide: thousands of software solutions are distributed under the Apache License; and the community actively participates in ASF mailing lists, mentoring initiatives, and ApacheCon, the Foundation's official user conference, trainings, and expo. The ASF is a US 501(c)(3) charitable organization, funded by individual donations and corporate sponsors including Aetna, Alibaba Cloud Computing, ARM, Bloomberg, Budget Direct, Capital One, Cash Store, Cerner, Cloudera, Comcast, Facebook, Google, Hortonworks, Huawei, IBM, Inspur, iSIGMA, LeaseWeb, Microsoft, Oath, ODPi, Pineapple Fund, Pivotal, Private Internet Access, Red Hat, Serenata Flowers, Target, Union Investment, and WANdisco. For more information, visit http://www.apache.org/ and https://twitter.com/TheASF

© The Apache Software Foundation. "Apache", "Apache HTTP Server", and "ApacheCon" are registered trademarks or trademarks of the Apache Software Foundation in the United States and/or other countries. All other brands and trademarks are the property of their respective owners.

# # #

Friday March 23, 2018

The Apache News Round-up: week ending 23 March 2018

It's time to review our weekly activities! The Apache Community has been working on:

ASF Board –management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.
 - Welcome new ASF Board of Directors http://s.apache.org/Opxf
 - The Apache Software Foundation Operations Summary: November 2017 - January 2018 https://s.apache.org/UtBD
 - Next Board Meeting: 18 April. Board calendar and minutes http://apache.org/foundation/board/calendar.html

ApacheCon™ –the ASF's official global conference series.
 - ONE WEEK LEFT: CFP for ApacheCon 24-29 September in Montreal http://apachecon.com/
 - Welcome CloudStack Collaboration Conference and Geospatial Track to ApacheCon ...we look forward to seeing your Apache communities there too!
 - Travel Assistance applications now being accepted for ApacheCon/Montreal https://www.apache.org/travel/

ASF Infrastructure –our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield stupendous performance at 99.97% uptime. http://status.apache.org/

ASF Operations Factoid –this week, 555 Apache contributors changed 961,293 lines of code over 3,660 commits. Top 5 contributors, in order, are: James Clampffer, Carlos Sanchez Gonzalez, Andrea Cosentino, Claus Ibsen, and Hanisha Koneru.

Apache Arrow™ –a cross-language development platform for in-memory data.
 - A Native Go Library for Apache Arrow http://arrow.apache.org/blog/
 - Apache Arrow 0.9.0 released http://arrow.apache.org/

Apache Calcite™ –a framework for writing data management systems.
- Apache Calcite 1.16.0 released https://calcite.apache.org/

Apache Drill™ – a distributed MPP query layer that supports SQL and alternative query languages against NoSQL and Apache Hadoop data storage systems.
 - Apache Drill 1.13.0 released https://drill.apache.org/

Apache HAWQ (incubating) –an advanced enterprise SQL on Apache Hadoop analytic engine.
 - Apache HAWQ 2.3.0.0-incubating released http://hawq.apache.org/

Apache Log4j™ –a well-known framework for logging application behavior.
 - Apache Log4j2 2.11.0 released https://logging.apache.org/log4j/

Apache MINA™ –a network application framework that helps users easily develop high performance and high scalability network applications.
 - Apache MINA 2.0.17 released http://mina.apache.org/

Apache ODE™ –a WS-BPEL 1.1/2.0 compliant Web Services orchestration engine.
 - Apache ODE 1.3.8 released http://ode.apache.org/

Apache Struts™ –an elegant, extensible framework for creating enterprise-ready Java Web applications.
 - Apache Struts 2.5.16 GA released http://struts.apache.org/

Apache Syncope™ –an Open Source system for managing digital identities in enterprise environments, implemented in Java EE technology.
 - Apache Syncope 1.2.11 and 2.0.8 released http://syncope.apache.org/
 - CVE-2018-1321: Remote code execution by administrators with report and template entitlements http://mail-archives.apache.org/mod_mbox/www-announce/201803.mbox/%3C2412ad22-6e9a-04f4-996f-9f061b678b01%40apache.org%3E
 - CVE-2018-1322: Information disclosure via FIQL and ORDER BY sorting http://mail-archives.apache.org/mod_mbox/www-announce/201803.mbox/%3Cc4057b57-bfac-7765-2a0a-4e726674ceef%40apache.org%3E

Apache Trafodion™ –a Web-scale SQL-on-Hadoop solution enabling transactional or operational workloads on Apache Hadoop.
 - Apache Trafodion 2.2.0 released https://trafodion.apache.org/

Apache UIMA™ DUCC –a component framework supporting development, discovery, composition, and deployment of multi-modal analytics tasked with the analysis of unstructured information. Distributed UIMA Cluster Computing.
 - Apache UIMA DUCC 2.2.2 released https://uima.apache.org/

Did You Know?

 - Did you know that Netflix run 400 microservices with 33,000 network connections per broker using Apache Kafka? http://kafka.apache.org/

 - Did you know that Apache CouchDB run a weekly news series? Catch up today at https://blog.couchdb.org/

 - Did you know that Apache Airflow (incubating) has a podcast series? https://soundcloud.com/the-airflow-podcast/

Apache Community Notices:

 - The Apache Software Foundation 2018 Vision Statement https://s.apache.org/zqC3

 - Apache in 2017 - By The Digits https://s.apache.org/h8do

 - Foundation Statement –Apache Is Open. https://s.apache.org/PIRA

 - "Success at Apache" focuses on the processes behind why the ASF "just works". https://blogs.apache.org/foundation/category/SuccessAtApache

 - Please follow/like/re-tweet the ASF on social media: @TheASF on Twitter and on LinkedIn at https://www.linkedin.com/company/the-apache-software-foundation

 - Do friend and follow us on the Apache Community Facebook page https://www.facebook.com/ApacheSoftwareFoundation/ and Twitter account https://twitter.com/ApacheCommunity

 - The list of Apache project-related MeetUps can be found at http://apache.org/events/meetups.html

 - Members of the Apache community will be presenting at DataWorks Summit 16-19 April 2018 in Berlin https://dataworkssummit.com/

 - Open Expo Europe - 6-7 June 2018 in Madrid https://openexpoeurope.com/

 - Meet members of the Apache community at Open Expo Madrid 6-7 June 2018 http://www.openexpo.es/en/

 - We're teaming up with Berlin Buzzwords - 10-12 June 2018 (Apache Lounge dates: 11-12 June) https://berlinbuzzwords.de/

 - The 2018 Apache EU Roadshow will be held during FOSS Backstage in Berlin 13-14 June 2018 https://foss-backstage.de/

 - Apache Big Data project communities will be participating at DataWorks Summit 17-21 June 2018 in San Jose https://dataworkssummit.com/

 - ApacheCon North America will be held 24-29 September in Montreal http://apachecon.com/ **CFP IS OPEN!**

 - ASF Quarterly Report: Operations Summary Q2 FY2018 https://s.apache.org/j1GJ

 - ASF Annual Report is available at https://s.apache.org/FY2017AnnualReport

 - Find out how you can participate with Apache community/projects/activities --opportunities open with Apache HTTP Server, Avro, ComDev (community development), Directory, Incubator, OODT, POI, Polygene, Syncope, Tika, Trafodion, and more! https://helpwanted.apache.org/

 - Are your software solutions Powered by Apache? Download & use our "Powered By" logos http://www.apache.org/foundation/press/kit/#poweredby

= = =

For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, https://twitter.com/PlanetApache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.

# # #

Thursday March 22, 2018

Announcing New ASF Board of Directors

At The Apache Software Foundation (ASF) Members’ Meeting held this week, the following individuals were elected to the ASF Board of Directors:

 - Rich Bowen
 - Shane Curcuru
 - Bertrand Delacretaz
 - Isabel Drost-Fromm
 - Ted Dunning
 - Brett Porter
 - Roman Shaposhnik
 - Phil Steitz
 - Mark Thomas


The ASF thanks Chris Mattmann and Jim Jagielski who chose not to stand for re-election this year. The Foundation thanks them for their service, and lauds Jagielski's service as a member of the ASF Board for the past 19 years.

An overview of the ASF's governance, along with the complete list of ASF Board of Directors, Executive Officers, and Project/Committee Vice Presidents, can be found at http://apache.org/foundation/

For more information on the Foundation's operations and structure, see http://apache.org/foundation/how-it-works.html#structure

# # #

Saturday March 17, 2018

The Apache Software Foundation Operations Summary: November 2017 - January 2018

FOUNDATION OPERATIONS SUMMARY

Third Quarter, Fiscal Year 2018 (November 2017 - January 2018)

"The unbroken success of Apache still has important lessons to teach us... The Apache community has succeeded not just in developing great code, it has managed to distil the essence of the development process and ethos in such a way that other cognate projects can adopt and adapt it.--Glyn Moody, "Learning from The Apache Way"

> President's Statement:

This quarter included a number of holidays, which generally means that it is relatively quiet time when each area in operations get lower than normal number of requests and can work down their list of things to do. We created four new projects and retired one. Expenses are under control, and income is ahead of plan. We had no major security breach event that we had to respond to like we did last quarter. That's a very good thing: no news is a good news! In general, all systems are running smoothly as we prepare for the next uptake in activity.

> Conferences and Events: In the report period, the ASF did not conduct any events, and thus we have nothing to report. During this period, we investigated options for ApacheCon events in the 2018 calendar year. You can find details about those events at http://apachecon.com/ and in our upcoming Annual Report. At the close of this quarter, we were finalizing our plans for participation in FOSDEM http://fosdem.org/ .

> Community Development: During this quarter our main focus was participation in several existing Open Source related events. Our involvement was not only represented by talks and presentations but also by having a booth so that we could talk directly with conference attendees. In November, we participated at the FOSS Backstage Micro Summit, a new conference that focuses on Open Source communities, governance and legal aspects. These areas are very relevant to the community development effort and several Apache speakers were selected to be part of the program. Feedback was positive and we would like to continue being involved in this event in the future.

Following our participation last year at the OpenExpo in Madrid, we have been invited to participate again at the conference in 2018. This time we have been allocated a keynote and other presentation slots that will help us promote Apache within Spain and the Spanish speaking community. During early December, we participated at the Open Source Summit in Paris. This included a keynote and also a half day Apache track featuring a range of technical presentations for various projects. We also provided some additional talks as part of the community track.

Community Development also ran the Apache booth which attracted a lot of visitors. As this was a predominantly French speaking event, the French version of the ASF brochure was very useful in explaining to people what the foundation does and how it works. Feedback received from attendees was extremely positive and many wanted become involved with various projects. A key focus during January were tasks around the ASF involvement in for Google Summer of Code(GSoC). The Community Development team is a main contact for co-ordinating and managing the ASF involvement as a mentoring organisation. Many ASF projects have already created a list of ideas that prospective students could work on.

Following on from our last update, we have facilitated the introduction of Apache business cards that anyone involved with Apache projects can use when they are promoting their Apache project at an event or representing their Apache project. Two formats have been agreed, one that is a formal ASF role card that is based card n the existing ASF business cards, and another less formal community business card any contributor to an Apache project can use. A wiki page has been setup with information and FAQs to help with the introduction.

Our mailing list traffic remains stable this quarter with the the main focus being discussions related to the Apache events announced for 2018.

> Committers and Contributions: Over the past quarter, 1,715 contributors committed 51,157 changes that amount to 17,995,945 lines of code across Apache projects. The top 5 contributors during this timeframe were: Michał Narajowski (673 commits); Daniel Sun (666 commits); Mark Thomas (592 commits); Andrea Cosentino (514 commits); Junkai Xue (513 commits).


All individuals who are granted write access to the Apache repositories must submit an Individual Contributor License Agreement (ICLA). Corporations that have assigned employees to work on Apache projects as part of an employment agreement may sign a Corporate CLA (CCLA) for contributing intellectual property via the corporation. Individuals or corporations donating a body of existing software or documentation to one of the Apache projects need to execute a formal Software Grant Agreement (SGA) with the ASF. 

During Q3 FY2018, the ASF Secretary processed 203 ICLAs, 13 CCLAs, and 4 Software Grants. Apache committer activity can be seen at http://status.apache.org/#commits

> Brand Management: This quarter has seen the usual stream of questions, potential infringements, permission requests and registration activities to the Brand Management team. Our policies and answers to common questions may be found on online at https://www.apache.org/foundation/marks/resources and we would encourage everyone with a brand related question to review those pages in the first instance.

One of the challenges for the Brand Management team has been finding a way to track open issues without imposing an unnecessary burden on those raising the issue, the Apache project communities the issue relates to or the Brand Management team. Like all communities at Apache, our communication is based on a mailing list --albeit a private one in this case as many of the issues we handle require a degree of confidentiality. It has been clear for some time that the mailing list alone is not sufficient for tracking open issues. Having experimented with various schemes without success over the last six months, we believe we have found a solution. The Brand Management team is now utilizing a shared mailbox and associated labeling system to allow all team members to see, broken down by project, which issues are resolved, which are waiting on other parties and which require action from us. It is still early in the adoption of this new system, but the initial results are promising.

In this quarter the US trademark registration has completed for Tez® and CouchDB® along with a number of renewals of existing marks. Some of these renewals have been for communities that came to the ASF with registrations in a large number of jurisdictions. Given the costs associated with renewing marks in some jurisdictions, we have started to discuss with those communities whether renewal is a cost-effective use of our funds.

Looking forward to the next quarter, we hope that the new issue tracking process fulfills its early promise and we'll be doing detailed planning for the next financial year.

As always, if you do have any comments or questions for the Brand Management team, please do get in touch: https://www.apache.org/foundation/marks/contact


> Legal Affairs:
 The Apache Software Foundation (ASF) Legal Affairs team works diligently with our pro-bono legal counsel and answers legal questions, and addresses policy issues regarding license compatibility for The Apache Software Foundation. In the last quarter, the Legal Affairs team worked on providing guidance on how to update two of our Export Control Classification Number (ECCN) numbers for ASF projects. In addition the following specific questions were answered and the following work was performed:

  • How to deal with commercial attribution and use of ASF software. 
  • How to properly deal with NOTICE and LICENSE files in ASF projects.
  • The inclusion of Apache license short headers in source code files.
  • Answering whether or not Unified Modeling Language (UML) files could be licensed using the Apache License version 2.0 (ALv2).
  • Use of a dependency licensed under the JSON lib license and also a community with a question about the BSD 3 clause (“nuclear”) license.
  • The Eclipse Public License version 2.0 was added to Category-B license list on the legal resolved page.
  • The inclusion of public work files in ASF projects. 
  • Whether design files commercially licensed could be used to build ASF project websites.
  • Discussions surrounding the replacement of our CLA with the DCO+ALv2 agreement were undertaken but did not reach any conclusions. 
  • The use of metrics data collection surrounding the use of ASF projects was discussed.

The committee is a Board committee and reports directly Apache Board of Directors. We are eager to meet and serve the needs of our projects, in collaboration with our pro-bono counsel.

> Infrastructure: The Infrastructure team and its volunteers have been hard at work over the past quarter working on our mail systems, LDAP, cost reduction, build system improvements, and continued migration off of ASF-owned machines to more flexible cloud-based provisioning.

The mail system at the Foundation is a complex system that has evolved over the twenty years of our existence. It serves tens of thousands of users, millions of daily messages, and resides at the very core of how our communities operate under the Apache Way. Yet, this long history and evolution comes with a lot of historical baggage and technical debt that we have been working against for quite a while. We have made great strides this quarter in crafting new archival and access systems, which also assists with our goals for migration and using Puppet for management. We are still testing and qualifying these systems for deployment, next quarter.

The Foundation has been on a long trajectory to consolidating our authentication and authorization mechanisms around a central LDAP-based system. Our initial deployment did not quite serve our needs properly, so we have simplified, upgraded, and applied Puppet to better provide LDAP services across the Foundation's infrastructure.

This process is near completion, and has served to reduce, remove, and simplify much of our historical tooling.

One of our cost reduction efforts has been focused around our domain and certificate management. We have consolidated several providers to just one, and are looking at about a 40% reduction in future costs. At the same time, using the domain registrar's APIs, we've been able to bring more consistent management to our set of domains (we manage about 40, for the Foundation and its projects).

The holiday season was a great time to upgrade our Jenkins build cluster to their latest LTS release, while people were away spending time with family instead of queuing more build jobs. In addition, one of our sponsors helped out by donating many more build machines. Our projects have an ever-increasing need for more builds, so this has been a great quarter to satisfy those needs.

Lastly, we have made some great progress on our movement away from Foundation-owned hardware towards third-party provisioning of hardware and virtual machines. This long-term project is finally seeing the light at the end of the tunnel, and should be finalized during calendar year 2018.


> Financial Statement:



> Fundraising:
 Over this past quarter we have been launching our Targeted Sponsorship program. Targeted sponsorships give our sponsors greater recognition and more flexibility in how they can help our Top-Level Projects. Take a look at http://www.apache.org/foundation/thanks2.html

We are also proud to be working on three Apache events for 2018: ApacheCon 2018 North America in Montreal in September, the Apache 2018 EU Roadshow in Berlin in June and the Apache 2018 US Roadshow in Washington, DC in October. 

Interested in sponsoring?  Please email kmcgrail@apache.org for more details.

Finally, the Foundation relies on our sponsors to exist.  We are not a trade organization but a 100% volunteer-led charity. Donations are tax-deductible to the extent permitted by law.

# # #

Report prepared by Sally Khudairi, Vice President Marketing & Publicity, with contributions by Sam Ruby, ASF President; Rich Bowen, Vice President Conferences; Sharan Foga, Vice President Community Development; Chris Mattmann, Vice President Legal Affairs; Mark Thomas, Vice President Brand Management; Greg Stein, ASF Infrastructure Administrator; Tom Pappas, ASF Member and Vice President, Finance & Accounting at Virtual, Inc.; and Kevin McGrail, Vice President Fundraising.

For more information, subscribe to the announce@apache.org mailing list and visit http://www.apache.org/, the ASF Blog at http://blogs.apache.org/, the @TheASF on Twitter, and https://www.linkedin.com/company/the-apache-software-foundation.

(c) The Apache Software Foundation 2018.

Friday March 16, 2018

The Apache News Round-up: week ending 16 March 2018

It's time for our mid-month review of the Apache Community's activities since last week:

ASF Board –management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.
 - Next Board Meeting: 21 March. Board calendar and minutes http://apache.org/foundation/board/calendar.html

ApacheCon™ –the ASF's official global conference series.
 - Travel Assistance applications now being accepted for ApacheCon/Montreal https://www.apache.org/travel/
 - CFP is open for ApacheCon 24-29 September in Montreal http://apachecon.com/

Apache Community Development –helps newcomers take their first steps towards being a part of the Apache community.
 - The ASF is a Google Summer of Code Mentoring Organization for the 13th consecutive year. Students: roll up sleeves and get started with dozens of Apache projects at https://community.apache.org/gsoc.html

ASF Infrastructure –our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield fabulous performance at 99.96% uptime. http://status.apache.org/

ASF Operations Factoid –this week, 499 Apache contributors changed 896,598 lines of code over 3,223 commits. Top 5 contributors, in order, are: Carlos Sanchez Gonzalez, Alex Harui, Gintas Grigelionis, Tellier Benoit, and Iñigo Goiri.

Apache Allura™ –an Open Source implementation of a software "forge" that manages source code repositories, bug reports, discussions, wiki pages, blogs and more for any number of individual projects.
 - [SECURITY] CVE-2018-1319 Apache Allura HTTP response splitting http://mail-archives.apache.org/mod_mbox/www-announce/201803.mbox/%3Cf89f6551-b72e-5a20-6013-8adf5acd752a%40apache.org%3E

Apache Calcite™ Avatica –a framework for building database drivers.
- Apache Calcite Avatica 1.11.0 released https://calcite.apache.org/

Apache Commons™ Compress –working with zip, ar, jar, bz2, cpio, tar, gz, dump, pack200, lzma, 7z, arj and xz files.
 - [SECURITY] CVE-2018-1324 Apache Commons Compress denial of service vulnerability http://mail-archives.apache.org/mod_mbox/www-announce/201803.mbox/%3C87woycifgl.fsf%40v45346.1blu.de%3E

Apache CXF™ –an Open Source services framework.
 - Apache CXF 3.1.15 released http://cxf.apache.org/

Apache Jackrabbit™ Oak –a scalable, high-performance hierarchical content repository designed for use as the foundation of modern world-class Wb sites and other demanding content applications.
 - Apache Jackrabbit Oak 1.2.29 released http://jackrabbit.apache.org/

Apache Juneau™ –a toolkit for marshalling POJOs to a wide variety of content types using a common framework, and for creating sophisticated self-documenting REST interfaces and microservices using very little code.
 - Apache Juneau 7.1.0 released http://juneau.apache.org/

Apache PredictionIO™ –an open source Machine Learning Server built on top of state-of-the-art open source stack, that enables developers to manage and deploy production-ready predictive services for various kinds of machine learning tasks.
 - Apache PredictionIO 0.12.1 released http://predictionio.apache.org/

Apache SensSoft (incubating) –a user activity logging and analytics system that enables developers to instrument and extract design and user insights from their applications.
 - Apache SensSoft (Incubating) UserALE.js 1.0.0 released http://senssoft.incubator.apache.org/

Apache Tomcat™ –an Open Source software implementation of the Java Servlet, JavaServer Pages, Java Unified Expression Language, Java WebSocket and JASPIC technologies.
 - Apache Tomcat 8.5.29 released http://tomcat.apache.org/
 - [SECURITY] CVE-2018-1323 Apache Tomcat JK ISAPI Connector path traversal http://mail-archives.apache.org/mod_mbox/www-announce/201803.mbox/%3Cadc2b992-cbd1-145d-2812-f0f2cc69c099%40apache.org%3E

Did You Know?

 - Did you know that Apache NetBeans (incubating) Day UK will be held 27 April 2018? https://www.eventbrite.co.uk/e/apache-netbeans-day-uk-2018-tickets-43401128945

 - Did you know that you can participate in the Apache Drill "wishlist" survey? https://twitter.com/ApacheDrill/status/974499942751289344

 - Did you know that Apache Committers receive a 50% discount off registration for DataWorks Summit? Contact apachedwsdiscount(at)hortonworks(dot)com for the code.

Apache Community Notices:

 - The Apache Software Foundation 2018 Vision Statement https://s.apache.org/zqC3

 - Apache in 2017 - By The Digits https://s.apache.org/h8do

 - Foundation Statement –Apache Is Open. https://s.apache.org/PIRA

 - "Success at Apache" focuses on the processes behind why the ASF "just works". 1) Project Independence https://s.apache.org/CE0V 2) All Carrot and No Stick https://s.apache.org/ykoG 3) Asynchronous Decision Making https://s.apache.org/PMvk4) Rule of the Makers https://s.apache.org/yFgQ 5) JFDI --the unconditional love of contributors https://s.apache.org/4pjM 6) Meritocracy and Me https://s.apache.org/tQQh 7) Learning to Build a Stronger Community https://s.apache.org/x9Be 8) Meritocracy. https://s.apache.org/DiEo 9) Lowering Barriers to Open Innovation https://s.apache.org/dAlg 10) All My Roads Led to Apache https://s.apache.org/l9OO 11) Scratch Your Own Itch. https://s.apache.org/7Amk 12) What a Long Strange (and Great) Trip It's Been https://s.apache.org/gVuN 13) A Newbie's Narrative https://s.apache.org/A72H 14) Contributing to Open Source even with a high-pressure job https://s.apache.org/lM9O 15) Success at Apache: Open Innovation from a Non-native English Country https://s.apache.org/lh61

 - Please follow/like/re-tweet the ASF on social media: @TheASF on Twitter and on LinkedIn at https://www.linkedin.com/company/the-apache-software-foundation

 - Do friend and follow us on the Apache Community Facebook page https://www.facebook.com/ApacheSoftwareFoundation/ and Twitter account https://twitter.com/ApacheCommunity

 - The list of Apache project-related MeetUps can be found at http://apache.org/events/meetups.html

 - Members of the Apache community will be presenting at DataWorks Summit 16-19 April 2018 in Berlin https://dataworkssummit.com/

 - Open Expo Europe - 6-7 June 2018 in Madrid https://openexpoeurope.com/

 - Meet members of the Apache community at Open Expo Madrid 6-7 June 2018 http://www.openexpo.es/en/

 - We're teaming up with Berlin Buzzwords - 10-12 June 2018 (Apache Lounge dates: 11-12 June) https://berlinbuzzwords.de/

 - The 2018 Apache EU Roadshow will be held during FOSS Backstage in Berlin 13-14 June 2018 https://foss-backstage.de/

 - Apache Big Data project communities will be participating at DataWorks Summit 17-21 June 2018 in San Jose https://dataworkssummit.com/

 - ApacheCon North America will be held 24-29 September in Montreal http://apachecon.com/ **CFP IS OPEN!**

 - ASF Quarterly Report: Operations Summary Q2 FY2018 https://s.apache.org/j1GJ

 - ASF Annual Report is available at https://s.apache.org/FY2017AnnualReport

 - Find out how you can participate with Apache community/projects/activities --opportunities open with Apache HTTP Server, Avro, ComDev (community development), Directory, Incubator, OODT, POI, Polygene, Syncope, Tika, Trafodion, and more! https://helpwanted.apache.org/

 - Are your software solutions Powered by Apache? Download & use our "Powered By" logos http://www.apache.org/foundation/press/kit/#poweredby

= = =

For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, https://twitter.com/PlanetApache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.

# # #

Friday March 09, 2018

The Apache News Round-up: week ending 9 March 2018

Happy Friday, everyone! We've been rather busy in ApacheLand with the following activities:

"Success at Apache" –a monthly blog series that focuses on the processes behind why the ASF "just works".
 - Open Innovation from a Non-native English Country by Von Gosling https://s.apache.org/lh61

ASF Board –management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.
 - Next Board Meeting: 21 March. Board calendar and minutes http://apache.org/foundation/board/calendar.html

ApacheCon™ –the ASF's official global conference series.
 - Travel Assistance applications now being accepted for ApacheCon/Montreal https://www.apache.org/travel/
 - CFP is open for ApacheCon 24-29 September in Montreal http://apachecon.com/
 - ApacheCon and The Open Geospatial Consortium team up to advance the implementation of geospatial data and processing across Apache projects https://s.apache.org/iUM5

Apache Community Development –helps newcomers take their first steps towards being a part of the Apache community.
 - The ASF is a Google Summer of Code Mentoring Organization for the 13th consecutive year. Students: roll up sleeves and get started with dozens of Apache projects at https://community.apache.org/gsoc.html

ASF Infrastructure –our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield snapping performance at 99.98% uptime. http://status.apache.org/

ASF Operations Factoid –this week, 545 Apache contributors changed 1,529,153 lines of code over 4,008 commits. Top 5 contributors, in order, are: Sijie Guo, Duo Zhang, Dan Kirkwood, Andrea Cosentino and Tilman Hausherr.

Apache Groovy™ –a multi-facet programming language for the JVM.
 - Apache Groovy 2.6.0-alpha-3 released https://groovy.apache.org/

Apache HBase™ –an Open Source, distributed, versioned, non-relational database.
 - Apache HBase 2.0.0-beta-2 https://hbase.apache.org/

Apache Hivemall (incubating) –a scalable machine learning library implemented as Hive UDFs/UDAFs/UDTFs.
 - Apache Hivemall 0.5.0-incubating released http://hivemall.incubator.apache.org/

Apache Jackrabbit™ –a fully compliant implementation of the Content Repository for Java(TM) Technology API, version 2.0 (JCR 2.0) as specified in the Java Specification Request 283 (JSR 283).
 - Apache Jackrabbit 2.6.10 released http://jackrabbit.apache.org/

Apache Kafka™ –a distributed streaming platform.
 - Apache Kafka 1.0.1 http://kafka.apache.org/

Apache Kylin™ –an Open Source Distributed Analytics Engine designed to provide SQL interface and multi-dimensional analysis (OLAP) on Apache Hadoop, supporting extremely large datasets.
 - Apache Kylin 2.3.0 released https://kylin.apache.org/

Apache Libcloud™ –a Python library that abstracts away the differences among multiple cloud provider APIs.
 - Apache Libcloud 2.3.0 release https://libcloud.apache.org/

Apache Lucene™ –a high-performance, full-featured text search engine library written entirely in Java.
 - Apache Lucene 6.6.3 and Solr 6.6.3 released http://lucene.apache.org/

Apache Parquet™ –a general-purpose columnar file format supporting nested data.
 - Apache Parquet C++ release 1.4.0 released http://parquet.apache.org/

Apache Qpid™ –a messaging library for the Advanced Message Queuing Protocol 1.0 (AMQP 1.0, ISO/IEC 19464, http://www.amqp.org).
 - Apache Qpid JMS 0.30.0, Apache Qpid Proton 0.21.0, and Qpid Broker-J 7.0.2 released http://qpid.apache.org/

Apache Tomcat™ –an Open Source software implementation of the Java Servlet, JavaServer Pages, Java Unified Expression Language, Java WebSocket and JASPIC technologies.
 - Apache Tomcat Connectors 1.2.43 released https://tomcat.apache.org/

Apache UIMA™ –a component architecture and framework for the analysis of unstructured content like text, video and audio data.
 - Apache UIMA Java SDK 3.0.0 released http://uima.apache.org


Did You Know?

 - Did you know that Netflix uses Apache Kafka to scale its architecture across 4,000+ brokers and > 1 trillion messages per day? http://kafka.apache.org/

 - Did you know that Apache NetBeans (incubating) seeks programmers to help test its newest release? http://netbeans.apache.org/

 - Did you know that you can keep up to date with the latest developments on the ASF Community Development (ComDev) activities through their monthly blog? https://blogs.apache.org/comdev/

Apache Community Notices:

 - The Apache Software Foundation 2018 Vision Statement https://s.apache.org/zqC3

 - Apache in 2017 - By The Digits https://s.apache.org/h8do

 - Foundation Statement –Apache Is Open. https://s.apache.org/PIRA

 - "Success at Apache" focuses on the processes behind why the ASF "just works". 1) Project Independence https://s.apache.org/CE0V 2) All Carrot and No Stick https://s.apache.org/ykoG 3) Asynchronous Decision Making https://s.apache.org/PMvk4) Rule of the Makers https://s.apache.org/yFgQ 5) JFDI --the unconditional love of contributors https://s.apache.org/4pjM 6) Meritocracy and Me https://s.apache.org/tQQh 7) Learning to Build a Stronger Community https://s.apache.org/x9Be 8) Meritocracy. https://s.apache.org/DiEo 9) Lowering Barriers to Open Innovation https://s.apache.org/dAlg 10) All My Roads Led to Apache https://s.apache.org/l9OO 11) Scratch Your Own Itch. https://s.apache.org/7Amk 12) What a Long Strange (and Great) Trip It's Been https://s.apache.org/gVuN 13) A Newbie's Narrative https://s.apache.org/A72H 14) Contributing to Open Source even with a high-pressure job https://s.apache.org/lM9O 15) Success at Apache: Open Innovation from a Non-native English Country https://s.apache.org/lh61

 - Please follow/like/re-tweet the ASF on social media: @TheASF on Twitter and on LinkedIn at https://www.linkedin.com/company/the-apache-software-foundation

 - Do friend and follow us on the Apache Community Facebook page https://www.facebook.com/ApacheSoftwareFoundation/ and Twitter account https://twitter.com/ApacheCommunity

 - The list of Apache project-related MeetUps can be found at http://apache.org/events/meetups.html

 - Members of the Apache community will be presenting at DataWorks Summit 16-19 April 2018 in Berlin https://dataworkssummit.com/

 - Open Expo Europe - 6-7 June 2018 in Madrid https://openexpoeurope.com/

 - Meet members of the Apache community at Open Expo Madrid 6-7 June 2018 http://www.openexpo.es/en/

 - We're teaming up with Berlin Buzzwords - 10-12 June 2018 (Apache Lounge dates: 11-12 June) https://berlinbuzzwords.de/

 - The 2018 Apache EU Roadshow will be held during FOSS Backstage in Berlin 13-14 June 2018 https://foss-backstage.de/

 - Apache Big Data project communities will be participating at DataWorks Summit 17-21 June 2018 in San Jose https://dataworkssummit.com/

 - ASF Quarterly Report: Operations Summary Q2 FY2018 https://s.apache.org/j1GJ

 - ASF Annual Report is available at https://s.apache.org/FY2017AnnualReport

 - Find out how you can participate with Apache community/projects/activities --opportunities open with Apache HTTP Server, Avro, ComDev (community development), Directory, Incubator, OODT, POI, Polygene, Syncope, Tika, Trafodion, and more! https://helpwanted.apache.org/

 - Are your software solutions Powered by Apache? Download & use our "Powered By" logos http://www.apache.org/foundation/press/kit/#poweredby

= = =

For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, https://twitter.com/PlanetApache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.

# # #

Tuesday March 06, 2018

ApacheCon and The Open Geospatial Consortium team up to advance the implementation of geospatial data and processing across Apache projects




Furthers collaboration on second edition of popular community-driven conference track through new Community Partnership


Wakefield, MA —6 March 2018— ApacheCon, the official conference series of The Apache Software Foundation (ASF), announced today the Geospatial Track, organized by the Open Geospatial Consortium (OGC), who will be supporting ApacheCon as a Community Partner. The track will be held at ApacheCon North America, 24-27 September 2018 in Montreal; the Call for Presentations is open through 30 March 2018.


ApacheCon showcases the latest breakthroughs from ubiquitous Apache projects and upcoming innovations in the Apache Incubator, as well as Open Source development and leading community-driven projects "The Apache Way". Building upon the success of the 2016 Geospatial Track, ApacheCon North America 2018 will once again provide participants the opportunity to learn about leveraging Apache projects for the development, implementation, and processing of geospatial information.


"ApacheCon is unique in that its content is directly created by Apache project user and developer communities," said Rich Bowen, Vice President of Conferences at the ASF. "We are pleased to see the geospatial community’s commitment to Apache software and look forward to extending our collaboration with the Open Geospatial Consortium in future events."


Apache projects used in geospatial computation include Accumulo, Flink, Hadoop, Ignite, Jena, Kafka, Lucene/Solr, MapReduce, Marmotta, Mesos, SDAP (Science Data Analytics Platform), SIS (Spatial Information System), Spark, and more.


“Two years ago, the first dedicated Geospatial Track held at ApacheCon led to two workshops that helped shape OGC’s Big Geospatial Data white paper,“ said George Percivall, CTO and Chief Engineer at OGC. “Collaborating with the Apache community gives us the opportunity to connect with the people behind some of the most widely used projects in Open Source. We welcome proposals for presentations, and invite organizations to sponsor the Track.“


Key details on ApacheCon:

  • Geospatial Track - contact George Percivall at gpercivall@opengeospatial.org
  • Call for Participation - visit http://apachecon.com/acna18/schedule.html --submittors must include “Geospatial Track” in their abstract. CFP closes 30 March 2018.
  • Sponsorship - contact Kevin A. McGrail at kmcgrail@apache.org
  • Registration - http://apachecon.com/ Sign up by 21 July for early registration incentives.


About the Open Geospatial Consortium

The Open Geospatial Consortium (OGC) is an international consortium of more than 525 companies, government agencies, research organizations, and universities participating in a consensus process to develop publicly available geospatial standards. OGC standards support interoperable solutions that ‘geo-enable’ the Web, wireless and location-based services, and mainstream IT. OGC standards empower technology developers to make geospatial information and services accessible and useful within any application that needs to be geospatially enabled. Visit the OGC Website at http://www.opengeospatial.org/ .


About ApacheCon

ApacheCon is the official global conference series of The Apache Software Foundation. Since 2000 ApacheCon has been drawing participants at all levels to explore ”Tomorrow’s Technology Today” across 300+ Apache projects and their diverse communities. ApacheCon showcases the latest developments in ubiquitous Apache projects and emerging innovations through hands-on sessions, keynotes, real-world case studies, trainings, hackathons, community events, and more. For more information, visit http://apachecon.com/ and https://twitter.com/ApacheCon .


# # #

Monday March 05, 2018

Success at Apache: Open Innovation from a Non-native English Country

by Von Gosling

When I saw the "Success at Apache" series, I thought about writing something about my, being from a non-native English country, Open Source experience these past few years. Last year, RocketMQ graduated from the Apache Incubator and became one of the Apache Top-Level Projects. As one of the original co-founders of RocketMQ, I was proud to see an Open Source community from Apache RocketMQ that has an ever-growing diversity. The Apache Software Foundation (ASF), one of the most famous and great technology brands, has thousands of companies’ software infrastructure based on their projects. This is proven from the worldwide download mirror activity in ASF statistics. As an early implementer/pioneer of Open Source in China, Apache HTTP Server, Apache Tomcat, Apache Struts 1.x, and Apache Maven are my favorite software stacks when I worked for building distributed and high-performance websites.

Last year, I wrote an article about the road to the Apache TLP, which is published in China’s InfoQ. Some people asked me how to be more ‘Apache’ and how to build a more diverse community. These are the questions that many people are concerned about. In this blog post, I will address how to be more collaborative around the world, especially in non-native English countries.

Open Communication
With more and more instant messaging apps coming up in Android and IOS world, the younger generation prefers to communicate using such way, which has spread to the daily coding life for the majority of people. But, it is not search engine friendly and in most cases it does not support multi-channel for multi-language. I have been involved in many such local technology groups, together we have discussed what went wrong, explored ideas about how to solve it, and come up with a good solution together. This method worked for all my past projects, but when we hope to be more involved in Open Source around the world, that method does not work well. I remember clearly when RocketMQ began to discuss the process for its proposal, some people complained about what we have to do in the local community. We learned much about from this discussion in the community, and thus, found an effective solution. Hence in the Apache RocketMQ community, we encourage users to ask the question using the user email list. In order to make the communication process effective, we answer the question in the same language of the question. With more and more committers coming from different countries, this solution will help to grow the more diverse community. But, as John Ament said in another "Success at Apache" post https://s.apache.org/x9Be --open communication isn't for everything. We also allow private communication between the users and us as some questions might not be proper to discuss publicly. But that isn't a part of the decision making process. Likewise, anytime we're talking about individuals in either a positive or negative way should be conducted on the private list for a project.

Easy ways to be involved in the community
This is another top concern in the Open Source world. Some people may not know that in China there are many local communities about Apache Projects, such as Apache HTTP Server, Apache Tomcat, Apache Spark, and Apache Hadoop. Such Projects have corresponding Chinese documentations. On the other hand, we try our best to improve the English documents. We consider the messages behind every document page. If one finds a minor or big native narrative polish, one could leave a message, or send feedback to our dev or user email list. Besides documentation, we also hold programming marathons in the community irregularly to get more involved with the community. We could find more users who have more interest, especially cross-domain technology in such campaigns. Recently, we open sourced more tasks in the Google Summer of Code. Students will develop Open Source software full-time for three months. We will provide mentoring and project ideas, and in return have the chance to get new code developed and --most importantly-- to identify and bring in new committers. It is another chance to let PMC members know how to improve and let more students get involved in the community easily.

In China, Internet giants like Alibaba are devoting themselves into Open Source projects hence according to my personal experience, it made sense to help more excellent Chinese projects to come into the Incubator. Right before the Lunar New Year, another famous project from China, Dubbo, started its Apache journey. I am glad to be a local mentor and hope to continue to share what we have learned. Thanks to the ASF, more and more Open Source projects will benefit our daily coding. That is a great appeal around the world’s Open Source field.

Von Gosling is a senior technology manager working at Alibaba Group. He has extensive industry software development experience, especially in distributed tech., reliable Web architecture and performance tuning. He holds many patents in the distributed system, recommendation etc. he has been a frequent speaker at Open Source and architect conferences worldwide including ApacheCon and QCon. He has been the lead for messaging at Alibaba as well as the Tenth and Sixteenth CJK OSS Award recipient. He is the original Apache RocketMQ co-founder and Linux OpenMessaging Standard Initiator.

= = =

"Success at Apache" is a monthly blog series that focuses on the processes behind why the ASF "just works". 1) Project Independence https://s.apache.org/CE0V 2) All Carrot and No Stick https://s.apache.org/ykoG 3) Asynchronous Decision Making https://s.apache.org/PMvk 4) Rule of the Makers https://s.apache.org/yFgQ 5) JFDI --the unconditional love of contributors https://s.apache.org/4pjM 6) Meritocracy and Me https://s.apache.org/tQQh 7) Learning to Build a Stronger Community https://s.apache.org/x9Be 8) Meritocracy. https://s.apache.org/DiEo 9) Lowering Barriers to Open Innovation https://s.apache.org/dAlg 10) Scratch your own itch. https://s.apache.org/Apah 11) What a Long Strange (and Great) Trip It's Been https://s.apache.org/gVuN 12) A Newbie's Narrative https://s.apache.org/A72H 13) Contributing to Open Source even with a high-pressure job https://s.apache.org/lM9O 14) Open Innovation from a Non-native English Country https://s.apache.org/lh61

# # # 

Friday March 02, 2018

The Apache News Round-up: week ending 2 March 2018

Well, hello March. Let's see what the Apache community has been up to:

"Success at Apache" –a monthly blog series that focuses on the processes behind why the ASF "just works".
 - Contributing to Open Source even with a high-pressure job by Anthony Shaw https://s.apache.org/lM9O

ASF Board –management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.
 - Next Board Meeting: 21 March. Board calendar and minutes http://apache.org/foundation/board/calendar.html

ApacheCon™ –the ASF's official global conference series.
 - Travel Assistance applications now being accepted for ApacheCon/Montreal https://www.apache.org/travel/
 - CFP is open for ApacheCon 24-29 September in Montreal http://apachecon.com/
 - CFP is also open for the Apache Roadshow Europe 13-14 June in Berlin http://apachecon.com/euroadshow18/

Apache Community Development –helps newcomers take their first steps towards being a part of the Apache community.
 - The ASF is a Google Summer of Code Mentoring Organization for the 13th consecutive year. Students: learn how to get started with dozens of Apache projects at https://community.apache.org/gsoc.html

ASF Infrastructure –our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield sensational performance at 99.90% uptime. http://status.apache.org/

ASF Operations Factoid –this week, 550 Apache contributors changed 1,430,495 lines of code over 4,052 commits. Top 5 contributors, in order, are: Andi Huber, Jacky Li, Sean Busbey, Matteo Merli, and Tilman Hausherr.

Apache Fluo™ –a distributed processing system built on Apache Accumulo.
 - Apache Fluo 1.2.0 released http://fluo.apache.org/

Apache Geode™ –low latency, high concurrency data management solutions.
 - CVE-2017-15692 Apache Geode unsafe deserialization in TcpServer http://mail-archives.apache.org/mod_mbox/www-announce/201802.mbox/%3CCAEwge-EA%3DarmRcEHu5R3zZhyuTm%3DZTLKHNJa5wPrsCYd3AeNfA%40mail.gmail.com%3E
 - CVE-2017-15693 Apache Geode unsafe deserialization of application objects http://mail-archives.apache.org/mod_mbox/www-announce/201802.mbox/%3CCAEwge-HwkgJoAUiCKj1S43OfcaU%2B47ZQkw%2BwkNmm0%3DJSH_Y5TA%40mail.gmail.com%3E

Apache Groovy™ –a multi-facet programming language for the JVM.
 - Apache Groovy 2.4.14 released https://groovy.apache.org/

Apache Lucy™ –search engine library provides full-text search for dynamic programming languages.
 - Apache Lucy 0.6.2 and Clownfish 0.6.3 released http://lucy.apache.org/

Apache MXNet (incubating) –a deep learning framework designed for both efficiency and flexibility.
 - Apache MXNet (incubating) 1.1.0 released http://mxnet.incubator.apache.org/

Apache OpenMeetings™ –provides video conferencing, instant messaging, white board, collaborative document editing and other groupware tools using API functions of the Red5 Streaming Server for Remoting and Streaming.
 - Apache OpenMeetings 4.0.2 released http://openmeetings.apache.org
 - CVE-2018-1286 - Apache OpenMeetings - Insufficient Access Controls http://mail-archives.apache.org/mod_mbox/www-announce/201802.mbox/%3CCAJmbs8jpHcih%2BA0nzrUQV8gkF65tCVLrjqiq26vLarskarScmw%40mail.gmail.com%3E

Apache PDFBox™ –access to images encoded using the JBIG2 image compression standard.
 - Apache PDFBox JBIG2 ImageIO plugin 3.0.0 released http://pdfbox.apache.org/

Apache Qpid™ Dispatch –a router for the Advanced Message Queuing Protocol 1.0
 - Apache Qpid Dispatch 1.0.1 released http://qpid.apache.org/

Apache Subversion™ –universally recognized and adopted Open Source, centralized version control system.
 - Apache Subversion 1.10.0-rc1 released http://subversion.apache.org/

Did You Know?

 - Did you know that the following Apache projects are celebrating anniversaries this month? mod_perl (18 yrs); Struts (14 yrs); Jackrabbit (12 yrs); Phoenix (11 yrs); Archiva (10 yrs); Felix (11 yrs); Archiva (10 yrs); UIMA (8 yrs); Accumulo, Lucy, Sqoop (8 yrs); Bloodhound, CloudStack, cTAKES (5 yrs); Aurora, Polygene (4 yrs); and Sentry (2 yrs). Many happy returns! https://projects.apache.org/

 - Did you know that Apache CouchDB will be featured at the Women Who Code Boston meetup on 20 March? http://couchdb.apache.org/

 - Did you know that Apache CloudStack users may be impacted by the upcoming retirement of http://download.cloud.com ? http://cloudstack.apache.org/

Apache Community Notices:

 - The Apache Software Foundation 2018 Vision Statement https://s.apache.org/zqC3

 - Apache in 2017 - By The Digits https://s.apache.org/h8do

 - Foundation Statement –Apache Is Open. https://s.apache.org/PIRA

 - "Success at Apache" focuses on the processes behind why the ASF "just works". 1) Project Independence https://s.apache.org/CE0V 2) All Carrot and No Stick https://s.apache.org/ykoG 3) Asynchronous Decision Making https://s.apache.org/PMvk4) Rule of the Makers https://s.apache.org/yFgQ 5) JFDI --the unconditional love of contributors https://s.apache.org/4pjM 6) Meritocracy and Me https://s.apache.org/tQQh 7) Learning to Build a Stronger Community https://s.apache.org/x9Be 8) Meritocracy. https://s.apache.org/DiEo 9) Lowering Barriers to Open Innovation https://s.apache.org/dAlg 10) All My Roads Led to Apache https://s.apache.org/l9OO 11) Scratch Your Own Itch. https://s.apache.org/7Amk 12) What a Long Strange (and Great) Trip It's Been https://s.apache.org/gVuN 13) A Newbie's Narrative https://s.apache.org/A72H 14) Contributing to Open Source even with a high-pressure job https://s.apache.org/lM9O

 - Please follow/like/re-tweet the ASF on social media: @TheASF on Twitter and on LinkedIn at https://www.linkedin.com/company/the-apache-software-foundation

 - Do friend and follow us on the Apache Community Facebook page https://www.facebook.com/ApacheSoftwareFoundation/and Twitter account https://twitter.com/ApacheCommunity

 - The list of Apache project-related MeetUps can be found at http://apache.org/events/meetups.html

 - Members of the Apache community will be presenting at DataWorks Summit 16-19 April 2018 in Berlin https://dataworkssummit.com/

 - Open Expo Europe - 6-7 June 2018 in Madrid https://openexpoeurope.com/

 - Meet members of the Apache community at Open Expo Madrid 6-7 June 2018 http://www.openexpo.es/en/

 - We're teaming up with Berlin Buzzwords - 10-12 June 2018 (Apache Lounge dates: 11-12 June) https://berlinbuzzwords.de/

 - The 2018 Apache EU Roadshow will be held during FOSS Backstage in Berlin 13-14 June 2018 https://foss-backstage.de/

 - Apache Big Data project communities will be participating at DataWorks Summit 17-21 June 2018 in San Jose https://dataworkssummit.com/

 - ASF Quarterly Report: Operations Summary Q2 FY2018 https://s.apache.org/j1GJ

 - ASF Annual Report is available at https://s.apache.org/FY2017AnnualReport

 - Find out how you can participate with Apache community/projects/activities --opportunities open with Apache HTTP Server, Avro, ComDev (community development), Directory, Incubator, OODT, POI, Polygene, Syncope, Tika, Trafodion, and more! https://helpwanted.apache.org/

 - Are your software solutions Powered by Apache? Download & use our "Powered By" logos http://www.apache.org/foundation/press/kit/#poweredby

= = =

For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, https://twitter.com/PlanetApache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.

# # #

Monday February 26, 2018

Success at Apache: Contributing to Open Source even with a high-pressure job

by Anthony Shaw

I believe in the mission of the ASF for many reasons, but the first is the reason why I got into open-source software- free and open access to knowledge.

Back when I was age 12 (1998), I started to learn to program in dBase 4. dBase 4 and the compiler Clipper were not cheap, especially for a $5-a-week paper-round. The box with the software was unwanted by a local company and it came with the manuals. We didn't have the internet at home yet so I was left to go by the manual, and what I could find from second-hand stores and office cleanout sales. For the next decade, I learnt to case based on what I could find, borrow and scavange until in 2002 when I got a copy of Linux and assembled a couple of machines from unwanted parts from the village computer store.

This is where I discovered free and open-source software and really started to build on my coding skills.

My goals were to learn and to share what I'd learnt that others could get to where they needed to go faster. It also helped that software skills were well sought-after in Europe so it set off me in a career in IT.

20 years after I learnt to code, I've moved out of software-engineering and into Learning and Development at Dimension Data for a 29,000 person technology company that operates in 49 countries across the world. My current roles involves about 3-months a year of travel (15 countries typically), managing a department of over 30 people spread across 4 countries and 4 timezones and delivering on large and complex initiatives with high-degrees of change and short deadlines.

In 2016 I made a choice after getting promoted into my current role that I would continue to contribute to the open-source projects I'd worked on for years. But I set myself 3 rules;

1. I would not take away from time with my family
2. I would not interfere with my work commitments
3. I would look after my health

My open-source contributions

For the past 4 years I've made around 1,000-2,000 contributions annually. These have consisted of bug fixes, submissions, and to around 50 projects.

The largest contributions I've made have been to Apache Libcloud, a multi-cloud abstraction library written in Python. Initially this was driven by a work commitment to contribute an integration with the cloud API we'd designed, but I soon realised the power of the library. Going back to my original goal of free and open access to knowledge, I'd seen an alarming trend in the computing world. Proprietary APIs were driving what is known in the industry as "stickiness" or to be frank, lock-in.

Cloud lock-in means that anyone without access to a reliable network, money or willing to sign up to these contracts is being pushed out of advances in technology. I know developers that are students, in remote areas such as rural Australia, Asia and Africa, or those who simply have little money.

Apache Libcloud's design means that you can design applications which can be deployed to OSS platforms like Apache CloudStack and OpenStack.

After finishing the work driver around 100 hours developing a container abstraction layer for Apache Libcloud that meant that developers could write automation for OSS platforms like Kubernetes using the same API as you would with a public cloud provider.

This was all whilst managing family time, work commitment and my health.

These are my 3 tips for maintaining contributions with a high-pressure job:

1. Pick a project that you care about

This is the most important, something that just sparks your curiosity is good fun, but long term interest often dwindles. I've been victim of "ooh shiny thing" many times in the past, but as my career has taken off, I've had to develop the discipline to stop myself from writing my own scripting language, or building an automated sprinkler system from scratch. I stop and remind myself that I might have the time this second, but what about next week and next month? Stop and prioritise.

Prioritise projects that mean something to you.

The 2 OSS projects I commit the most to are Apache Libcloud and SaltStack. I believe in Apache Libcloud's mission of giving open-access to cloud platforms. My SaltStack contributions have been focused around cloud abstraction, networking API abstraction and other fixes and utilities that make it easier for developers and end-users.

The difference between picking something shiny and something you believe in is that long-term you commit more and you find it easier to jump in and help when you can. But how do you find the time?

2. Choosing your tasks wisely and making time

I get asked this question all the time, "how do you find the time". When I try and convince people to contribute to OSS the response is always about time.

Get rid of the things that don't add value

If you can afford to, hire help to give you back time in your week. Not only does open-source help with your skills and knowledge, but it increases your value to a potential employer. Hiring someone to blow the leaves, or help with the chores once a week doesn't need to cost a lot, but if you work out how much value you can get back from that time it often makes sense.

Another thing I've been strict about is binge-watching TV series and gaming. Playing 100-hours of the latest game might be fun, but I find developing more rewarding in the medium-to-long term. Find ways to unwind that don't consume so much time, like meditation, exercise, or reading.

But, if you do need to put your feet up and watch some TV for a few hours, don't feel guilty about it. 

Work smart, not hard

When I do sit down to contribute something, it'll have been carefully planned and thought through what I'm going to do, what I'm going to test and how I'm going to structure it. I try and complete tasks quickly, with foresight and a goal. Once I've completed this 1 module, with tests, I'll submit my contribution. Don't try and refactor the whole project over a weekend. Keep it simple.

But we all know sometimes the best plans go out the window. If you find yourself going down one of those rabbit holes, where you can't get something to compile or you can't debug one of those zombie bugs we love so much as developers.

Stop yourself.

You can easily sit until 3am banging your head against the wall trying to figure it out. This was my advice when I used to manage development teams. If you get stuck, take a break, ask for help and if that still doesn't work, move onto something else. 

Sometimes I pause working on a task if I can't figure it out. Pause for an hour, a week, or even a whole year. When you have one of those "aha" moments, you go back in and finish the job.

It saves time, it delivers better software and it's a good skill to have as a developer.

Find time

A contribution comes down to 3 things:

1. An idea
2. An understanding
3. A "change", like a fix, feature, test, code-review, documentation etc.

The ideas come to me through reading, listening to users or looking at bug submissions. I do this as and when I have a spare minute. This is normally on my lunch break, when I'm waiting for someone or something. 

The time for understanding I get by listening to podcasts and talking to people at conferences. I get a few hours a week in the car and I spend time doing some chores. During that time I always have headphones on to listen the newest Python podcast or OSS update.

The time to sit down and write, code, or test comes for me on the plane (where I'm writing this blog post!). Last year I did enough miles in the air to fly around the world 8 times, most of that time was spent coding, relaxing or sleeping. Aside from that, time spent in airport lounges, on the train or waiting for people I'll whip out my laptop. Any plane that has Wi-Fi I can push changes, else the minute we land I'll have a laptop open and running git push.

Weekend-time is off limits unless I'm travelling or I'm alone. That's rule 1 -- do not take away from time with the family.

3. Managing your workload and avoiding burnout

There are 2 components to this, managing your work commitment and managing your contributions. You need to do both to succeed. 

It's ok to stop and take a break. There is always a pull-request to merge, a bug to inspect, and an email from an end-user. If you need to take a break for a while, talk to the team, ask for help and be frank. We're all in the same boat, contribution is optional. 

So many times I see people contribution feeling like they have a complete obligation to test and fix bugs at 2am 
and then go to work at 8am. This is normally because they care about the project, they care about quality and they care about their reputation but sometimes you need to step back.

A strong project community will step up and help. If you know that work is going to be tough for the next few months, tell the team and set yourself a limit. Wind back for a bit until things calm down. 

Managing work commitments is tough, because there are often financial consequences (or at least a perception of them).

After 7 hours, you're not really adding value. I used to have a lounge-chair next to my desk and now I have a hammock as I work from home. After a few hours of solid concentration I'll happily go and sit down and do nothing for an hour. Your brain needs a break, sure you'll get the odd "working hard" jab from a passer by but I'm working smarter not harder. Once I'm refreshed I'll finish the next task about 30-40% quicker, to a better level of quality and insight. On the occasion I've done 12-14 hour work days, my brain is shutting down to conserve energy and your critical thinking is the first thing to switch off. Followed by logical thinking, this is where you make mistakes and deliver work that is less than a quality you'd normally expect.

I live close to the beach so my time out is going for a swim in the ocean or spending a bit of time with my family. As a manager I also see a responsibility to make it clear that it's encouraged to step back and recharge. Just in our chat-channel to say that I'll be offline for a couple of hours as I'm going to the beach mid-afternoon. I don't feel guilty about it and I hope they do the same.

Learn how to say no and don't feel guilty about it. When I coach people on this I ask, "who asked you to do this? Was no an option? What value is there in delivering this? What is consequence of not doing it? Who else could do it?"

Everyone wants to be helpful and indispensible, but your reliability is just as important to your reputation and what you deliver. 

Conclusion

Look after your health, be smart with your time and contribute for a cause.

Anthony Shaw is the Group Director of Innovation and Talent Development at Dimension Data, an NTT company. Anthony is an open-source advocate, member of the Apache Software Foundation and Python Software Foundation and active contributor to over 20 open-source projects including Apache Libcloud and SaltStack. At Dimension Data, Anthony is driving digital transformation for Dimension Data’s global clients across 50 countries and 30,000 employees. Key initiatives are software skills, automation, DevOps and Cloud. Anthony is based in Sydney, Australia and blogs about skills, software and automation to 170,000 readers annually.

= = =

"Success at Apache" is a monthly blog series that focuses on the processes behind why the ASF "just works". 1) Project Independence https://s.apache.org/CE0V 2) All Carrot and No Stick https://s.apache.org/ykoG 3) Asynchronous Decision Making https://s.apache.org/PMvk 4) Rule of the Makers https://s.apache.org/yFgQ 5) JFDI --the unconditional love of contributors https://s.apache.org/4pjM 6) Meritocracy and Me https://s.apache.org/tQQh 7) Learning to Build a Stronger Community https://s.apache.org/x9Be 8) Meritocracy. https://s.apache.org/DiEo 9) Lowering Barriers to Open Innovation https://s.apache.org/dAlg 10) Scratch your own itch. https://s.apache.org/Apah 11) What a Long Strange (and Great) Trip It's Been https://s.apache.org/gVuN 12) A Newbie's Narrative https://s.apache.org/A72H 13) Contributing to Open Source even with a high-pressure job https://s.apache.org/lM9O

# # # 

Friday February 23, 2018

The Apache News Round-up: week ending 23 February 2018

We're closing out the month with the following activities from the Apache community:

ASF Board –management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.
 - Next Board Meeting: 21 March. Board calendar and minutes http://apache.org/foundation/board/calendar.html

ApacheCon™ –the ASF's official global conference series.
 - Travel Assistance applications now being accepted for ApacheCon/Montreal https://www.apache.org/travel/
 - CFP is open for ApacheCon 24-29 September in Montreal http://apachecon.com/
 - CFP is also open for the Apache Roadshow Europe 13-14 June in Berlin http://apachecon.com/euroadshow18/

Apache Community Development –helps newcomers take their first steps towards being a part of the Apache community.
 - We are proud to be a Google Summer of Code Mentoring Organization for the 13th consecutive year. Students: learn how to get started with dozens of Apache projects at https://community.apache.org/gsoc.html

ASF Infrastructure –our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield zippity performance at 99.97% uptime. http://status.apache.org/

ASF Operations Factoid –this week, 406 Apache contributors changed 872,446 lines of code over 2,838 commits. Top 5 contributors, in order, are: Dewayne Richardson, Andi Huber, Dan Kirkwood, Daniel Sun, and Dan Haywood.

Apache Arrow™ –a cross-language development platform for in-memory data.
 - Apache Arrow JavaScript 0.3.0 released http://arrow.apache.org/

Apache Beam™ –a programming model, SDKs, and runners for defining and executing data processing pipelines.
 - Apache Beam 2.3.0 released https://beam.apache.org/

Apache Geode™ –low latency, high concurrency data management solutions.
 - CVE-2017-15696 Apache Geode configuration request authorization vulnerability http://mail-archives.apache.org/mod_mbox/www-announce/201802.mbox/%3CCAEwge-GQLV_9Y56psCejkhA-B3jx4amnQP5AoVwURbzn%3DDCZOw%40mail.gmail.com%3E

Apache Groovy™ –a multi-facet programming language for the JVM.
 - Apache Groovy 2.5.0-beta-3 released https://groovy.apache.org/

Apache Jackrabbit™ Oak –a scalable, high-performance hierarchical content repository designed for use as the foundation of modern world-class Web sites and other demanding content applications.
 - Apache Jackrabbit Oak 1.4.20 released http://jackrabbit.apache.org/

Apache jclouds™ –an Open Source multi-cloud toolkit for the Java platform that gives you the freedom to create applications that are portable across clouds while giving you full control to use cloud-specific features.
 - Apache jclouds 2.1.0 released http://jclouds.apache.org/

Apache NetBeans (incubating) –a development environment, tooling platform and application framework.
 - Apache NetBeans (incubating) 9.0 Beta released http://netbeans.apache.org/

Apache Storm™ –a distributed, fault-tolerant, and high-performance realtime computation system that provides strong guarantees on the processing of data.
 - Apache Storm 1.0.6, 1.1.2, and 1.2.0 released http://storm.apache.org

Apache Tomcat™ –an Open Source software implementation of the Java Servlet, JavaServer Pages, Java Unified Expression Language, Java WebSocket and JASPIC technologies.
 - CVE-2018-1304 Security constraints mapped to context root are ignored http://mail-archives.apache.org/mod_mbox/www-announce/201802.mbox/%3C2a8f2292-2aee-d8fa-9ccc-d1f9b20d0eed%40apache.org%3E
 - CVE-2018-1305 Security constraint annotations applied too late http://mail-archives.apache.org/mod_mbox/www-announce/201802.mbox/%3C8b41c43e-20cd-10d0-5e2e-e3947bd26a32%40apache.org%3E

Apache Wicket™ –an Open Source Java component oriented Web application framework that powers thousands of web applications and Web sites for governments, stores, universities, cities, banks, email providers, and more.
 - Apache Wicket 8.0.0-M9 released http://wicket.apache.org


Did You Know?

 - Did you know why companies sponsor ApacheCon? https://feathercast.apache.org/2016/05/09/why-did-you-sponsor-apachebigdata/

 - Did you know that German business management consultancy Ecomify uses Apache OFBiz? http://ofbiz.apache.org/

 - Did you know that Apache Zeppelin will be holding a get together at Strata 2018 in San Jose? http://zeppelin.apache.org/

Apache Community Notices:

 - The Apache Software Foundation 2018 Vision Statement https://s.apache.org/zqC3

 - Apache in 2017 - By The Digits https://s.apache.org/h8do

 - Foundation Statement –Apache Is Open. https://s.apache.org/PIRA

 - "Success at Apache" focuses on the processes behind why the ASF "just works". 1) Project Independence https://s.apache.org/CE0V 2) All Carrot and No Stick https://s.apache.org/ykoG 3) Asynchronous Decision Making https://s.apache.org/PMvk4) Rule of the Makers https://s.apache.org/yFgQ 5) JFDI --the unconditional love of contributors https://s.apache.org/4pjM 6) Meritocracy and Me https://s.apache.org/tQQh 7) Learning to Build a Stronger Community https://s.apache.org/x9Be 8) Meritocracy. https://s.apache.org/DiEo 9) Lowering Barriers to Open Innovation https://s.apache.org/dAlg 10) All My Roads Led to Apache https://s.apache.org/l9OO 11) Scratch Your Own Itch. https://s.apache.org/7Amk 12) What a Long Strange (and Great) Trip It's Been https://s.apache.org/gVuN 13) A Newbie's Narrative https://s.apache.org/A72H

 - Please follow/like/re-tweet the ASF on social media: @TheASF on Twitter and on LinkedIn at https://www.linkedin.com/company/the-apache-software-foundation

 - Do friend and follow us on the Apache Community Facebook page https://www.facebook.com/ApacheSoftwareFoundation/and Twitter account https://twitter.com/ApacheCommunity

 - The list of Apache project-related MeetUps can be found at http://apache.org/events/meetups.html

 - Apache CloudStack will be holding their first German Meetup on 28 February 2018 in Frankfurt https://www.meetup.com/german-CloudStack-user-group/events/246861772/?eventId=246861772

 - Members of the Apache community will be presenting at DataWorks Summit 16-19 April 2018 in Berlin https://dataworkssummit.com/

 - Open Expo Europe - 6-7 June 2018 in Madrid https://openexpoeurope.com/

 - Meet members of the Apache community at Open Expo Madrid 6-7 June 2018 http://www.openexpo.es/en/

 - We're teaming up with Berlin Buzzwords - 10-12 June 2018 (Apache Lounge dates: 11-12 June) https://berlinbuzzwords.de/

 - The 2018 Apache EU Roadshow will be held during FOSS Backstage in Berlin 13-14 June 2018 https://foss-backstage.de/

 - Apache Big Data project communities will be participating at DataWorks Summit 17-21 June 2018 in San Jose https://dataworkssummit.com/

 - ASF Quarterly Report: Operations Summary Q2 FY2018 https://s.apache.org/j1GJ

 - ASF Annual Report is available at https://s.apache.org/FY2017AnnualReport

 - Find out how you can participate with Apache community/projects/activities --opportunities open with Apache HTTP Server, Avro, ComDev (community development), Directory, Incubator, OODT, POI, Polygene, Syncope, Tika, Trafodion, and more! https://helpwanted.apache.org/

 - Are your software solutions Powered by Apache? Download & use our "Powered By" logos http://www.apache.org/foundation/press/kit/#poweredby

= = =

For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, https://twitter.com/PlanetApache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.

# # #

Friday February 16, 2018

The Apache News Round-up: week ending 16 February 2018

Happy Friday --let's review what the collective Apache community has been up to:

ASF Board –management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.
 - The Apache Software Foundation 2018 Vision Statement https://s.apache.org/zqC3
 - Next Board Meeting: 21 February. Board calendar and minutes http://apache.org/foundation/board/calendar.html

ApacheCon™ –the ASF's official global conference series.
 - Travel Assistance applications now being accepted for ApacheCon/Montreal https://www.apache.org/travel/
 - CFP is open for ApacheCon 24-29 September in Montreal http://apachecon.com/
 - CFP is also open for the Apache Roadshow Europe 13-14 June in Berlin http://apachecon.com/euroadshow18/

ASF Infrastructure –our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield sensational performance at 99.95% uptime. http://status.apache.org/

ASF Operations Factoid –this week, 547 Apache contributors changed 1,185,183 lines of code over 3,568 commits. Top 5 contributors, in order, are: Christopher Collins; Duo Zhang, Felix Schumacher, Andrea Cosentino, and Dan Haywood.

Apache CloudStack™ –Open Source enterprise Cloud orchestration platform.
 - The Apache Software Foundation Announces Apache® CloudStack® v4.11 https://s.apache.org/CloudStack411

Apache Commons™ Compress –defines an API for working with compression and archive formats.
 - Apache Commons Compress 1.16.1 released http://commons.apache.org/

Apache Curator™ –a Java/JVM client library for Apache ZooKeeper that includes a high-level API framework and utilities to make using Apache ZooKeeper much easier and more reliable.
 - Apache Curator 4.0.1 released http://curator.apache.org/

Apache Jackrabbit™ Oak –a scalable, high-performance hierarchical content repository designed for use as the foundation of modern world-class Web sites and other demanding content applications.
 - Apache Jackrabbit Oak 1.6.9 released http://jackrabbit.apache.org/

Apache JMeter™ –pure Java application for load and functional testing.
 - Apache JMeter 4.0 released http://jmeter.apache.org/
 - CVE-2018-1297: Apache JMeter uses an unsecure RMI connection in Distributed mode http://mail-archives.apache.org/mod_mbox/www-announce/201802.mbox/%3CCAH9fUpaNzk5am8oFe07RQ-kynCsQv54yB-uYs9bEnz7tbX-O7g%40mail.gmail.com%3E
 - CVE-2018-1287: Apache JMeter binds RMI server to wildcard in distributed mode (based on RMI) http://mail-archives.apache.org/mod_mbox/www-announce/201802.mbox/%3CCAH9fUpYsFx1%2Brwz1A%3Dmc7wAgbDHARyj1VrWNg41y9OySuL1mqw%40mail.gmail.com%3E

Apache JSPWiki™ –a feature-rich and extensible WikiWiki engine built around the standard JEE components (Java, servlets, JSP).
 - Apache JSPWiki 2.10.3 released http://jspwiki.apache.org/

Apache Oozie™ – a workflow scheduler system to manage Apache Hadoop jobs.
 - Apache Oozie 4.3.1 released http://oozie.apache.org
 - CVE-2017-15712: Apache Oozie Server vulnerability http://mail-archives.apache.org/mod_mbox/www-announce/201802.mbox/%3CCABBupGWtC2vN-JzXWeuDaN-_bP6yzRJhK%2BDAfr%3DgSGLZJGbFCQ%40mail.gmail.com%3E

Apache Phoenix™ –enables OLTP and operational analytics for Apache Hadoop by providing a relational database layer leveraging Apache HBase as its backing store. 
 - Apache Phoenix 5.0.0-alpha released https://phoenix.apache.org/

Apache Qpid™ –AMQP enterprise messaging implementation.
 - Apache Qpid Dispatch 0.8.1 released http://qpid.apache.org
 - CVE-2017-15699: Apache Qpid Dispatch Router Denial of Service Vulnerability when specially crafted frame is sent to the Router http://mail-archives.apache.org/mod_mbox/www-announce/201802.mbox/%3CCAO30oQd%3DUw5ovTGPX-NNEeMdrURYsxceXoHcULoJF4rToi6BMA%40mail.gmail.com%3E

Apache Tomcat™ –an Open Source software implementation of the Java Servlet, JavaServer Pages, Java Unified Expression Language, Java WebSocket and JASPIC technologies.
- Apache Tomcat 7.0.85, 8.0.50, 8.5.28, and 9.0.5 released http://tomcat.apache.org/

Apache Wicket™ –an Open Source Java component oriented Web application framework that powers thousands of web applications and Web sites for governments, stores, universities, cities, banks, email providers, and more.
 - Apache Wicket 7.10.0 released http://wicket.apache.org


Did You Know?

 - Did you know that over the past decade, the ASF's Travel Assistance Committee has provided travel support to enable dozens of individuals across the globe to attend ApacheCon? https://www.apache.org/travel/

 - Did you know that the CFP for our Apache Roadshow Europe's host event, FOSS Backstage, closes on 18 February? https://foss-backstage.de/call-papers

 - Did you know that members of the Apache Big Data community will be on the "SMACK 2.0: Emerging Data Pipelines" panel at Index Developer Conference 20-22 February/San Francisco? https://developer.ibm.com/indexconf/sessions/#!/?id=5559 Sign up by 20 February and save $70 using discount code CD3ALEXY

Apache Community Notices:

 - Apache in 2017 - By The Digits https://s.apache.org/h8do

 - Foundation Statement –Apache Is Open. https://s.apache.org/PIRA

 - "Success at Apache" focuses on the processes behind why the ASF "just works". 1) Project Independence https://s.apache.org/CE0V 2) All Carrot and No Stick https://s.apache.org/ykoG 3) Asynchronous Decision Making https://s.apache.org/PMvk4) Rule of the Makers https://s.apache.org/yFgQ 5) JFDI --the unconditional love of contributors https://s.apache.org/4pjM 6) Meritocracy and Me https://s.apache.org/tQQh 7) Learning to Build a Stronger Community https://s.apache.org/x9Be 8) Meritocracy. https://s.apache.org/DiEo 9) Lowering Barriers to Open Innovation https://s.apache.org/dAlg 10) All My Roads Led to Apache https://s.apache.org/l9OO 11) Scratch Your Own Itch. https://s.apache.org/7Amk 12) What a Long Strange (and Great) Trip It's Been https://s.apache.org/gVuN 13) A Newbie's Narrative https://s.apache.org/A72H

 - Please follow/like/re-tweet the ASF on social media: @TheASF on Twitter and on LinkedIn at https://www.linkedin.com/company/the-apache-software-foundation

 - Do friend and follow us on the Apache Community Facebook page https://www.facebook.com/ApacheSoftwareFoundation/and Twitter account https://twitter.com/ApacheCommunity

 - The list of Apache project-related MeetUps can be found at http://apache.org/events/meetups.html

 - Members of the Apache Big Data community will be at the Index Developer Conference 20-22 February/San Francisco. Sign up by 20 February and save $70 using discount code CD3ALEXY https://developer.ibm.com/indexconf/sessions/#!/?id=5559 

 - The Apache Tinkerpop community will be holding a MeetUp on Gremlin on 21 February in New York https://www.meetup.com/DataStax-UserGroup-NewYork/events/246762770/

 - Apache CloudStack will be holding their first German Meetup on 28 February 2018 in Frankfurt https://www.meetup.com/german-CloudStack-user-group/events/246861772/?eventId=246861772

 - Members of the Apache community will be presenting at DataWorks Summit 16-19 April 2018 in Berlin https://dataworkssummit.com/

 - Open Expo Europe - 6-7 June 2018 in Madrid https://openexpoeurope.com/

 - Meet members of the Apache community at Open Expo Madrid 6-7 June 2018 http://www.openexpo.es/en/

 - We're teaming up with Berlin Buzzwords - 10-12 June 2018 (Apache Lounge dates: 11-12 June) https://berlinbuzzwords.de/

 - The 2018 Apache EU Roadshow will be held during FOSS Backstage in Berlin 13-14 June 2018 https://foss-backstage.de/

 - Apache Big Data project communities will be participating at DataWorks Summit 17-21 June 2018 in San Jose https://dataworkssummit.com/

 - ASF Quarterly Report: Operations Summary Q2 FY2018 https://s.apache.org/j1GJ

 - ASF Annual Report is available at https://s.apache.org/FY2017AnnualReport

 - Find out how you can participate with Apache community/projects/activities --opportunities open with Apache HTTP Server, Avro, ComDev (community development), Directory, Incubator, OODT, POI, Polygene, Syncope, Tika, Trafodion, and more! https://helpwanted.apache.org/

 - Are your software solutions Powered by Apache? Download & use our "Powered By" logos http://www.apache.org/foundation/press/kit/#poweredby

= = =

For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, https://twitter.com/PlanetApache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.

# # #

Calendar

Search

Hot Blogs (today's hits)

Tag Cloud

Categories

Feeds

Links

Navigation