The Apache Software Foundation Blog

Friday July 27, 2018

The Apache News Round-up: week ending 27 July 2018

Farewell, July! Let's check out the Apache community's activities from the past week:

ASF Board –management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.
 - Next Board Meeting: 15 August. Board calendar and minutes http://apache.org/foundation/board/calendar.html

ApacheCon™ –the ASF's official global conference series. Join us!
 - 24-27 September: Registration for ApacheCon North America/Montreal is open http://apachecon.com/acna18/
 - 8 October: Apache Roadshow and Open Source Job Fair/Fairfax, VA --Save The Date!
 - Media and Community Partner opportunities available for *all* official Apache events: drop us a note at press@apache.org to help.

ASF Infrastructure –our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield zippity performance at 93.91% uptime. http://status.apache.org/

ASF Operations Factoid –this week, 506 Apache contributors changed 968,003 lines of code over 3,133 commits. Top 5 contributors, in order, are: Tellier Benoit, Karl Heinz Marbaise, Andrea Cosentino, Roberto Cortez, and Gary Gregory.

Apache Accumulo™ –a sorted, distributed key/value store that provides robust, scalable Big Data storage and retrieval.
 - Apache Accumulo 1.9.2 released https://accumulo.apache.org/

Apache Calcite™ –a framework for writing Big Data management systems.
 - Apache Calcite 1.17.0 released http://calcite.apache.org/

Apache Directory™ Fortress –computer security access management facility written in Java.
 - Apache Fortress 2.0.1 released https://directory.apache.org/fortress/

Apache HBase™ –Open Source, distributed, versioned, non-relational database.
 - Apache HBase 2.1.0 released https://hbase.apache.org/

Apache HttpComponents™ HttpAsyncClient–a library for client-side HTTP communication built on HttpCore.
 - HttpComponents HttpAsyncClient 4.1.4 GA released http://hc.apache.org/

Apache Kafka™ –distributed, fault tolerant, publish-subscribe messaging.
 - CVE-2017-12610: Authenticated Kafka clients may impersonate other users http://mail-archives.apache.org/mod_mbox/www-announce/201807.mbox/%3CCAOJcB383nmC%2BpxBXoc2JcuD4TXgQrvgjCuovNavmt6sFs4%2BsBQ%40mail.gmail.com%3E
 - CVE-2018-1288: Authenticated Kafka clients may interfere with data replication http://mail-archives.apache.org/mod_mbox/www-announce/201807.mbox/%3CCAOJcB3905-NRw3baEUGhEaqKipzQ%2BNryJHsK%3DAtF_aFFsF1nOA%40mail.gmail.com%3E

Apache OpenWhisk (incubating) –distributed serverless computing platform.
 - CVE-2018-11756 PHP Runtime for Apache OpenWhisk http://mail-archives.apache.org/mod_mbox/www-announce/201807.mbox/%3CCAAC1_d4geVGr-%2BOk95Gq9C9P81BXUDT3d9N7-2r%2BqsiPrM5r3w%40mail.gmail.com%3E
 - CVE-2018-11757 Docker Skeleton Runtime for Apache OpenWhisk http://mail-archives.apache.org/mod_mbox/www-announce/201807.mbox/%3CCAAC1_d7x6buq1aREekk_Eh9SjevQLPLkXc%2BaidiFBMcNz7GGwQ%40mail.gmail.com%3E

Apache Qpid™ –messaging tools that speak AMQP and support many languages and platforms.
 - Apache Qpid JMS 0.35.0 released http://qpid.apache.org/

Apache Tomcat™ –an Open Source implementation of the Java Servlet, JavaServer Pages, Java Expression Language and Java WebSocket technologies.
 - CVE-2018-8019 Apache Tomcat Native Connector - Mishandled OCSP invalid response http://mail-archives.apache.org/mod_mbox/www-announce/201807.mbox/%3C20180721095943.GA24320%40minotaur.apache.org%3E
 - CVE-2018-8020 Apache Tomcat Native Connector - Mishandled OCSP responses can allow clients to authenticate with revoked certificates http://mail-archives.apache.org/mod_mbox/www-announce/201807.mbox/%3C20180721101944.GA45239%40minotaur.apache.org%3E
 - CVE-2018-1336 Apache Tomcat - Denial of Service http://mail-archives.apache.org/mod_mbox/www-announce/201807.mbox/%3C20180722090435.GA60759%40minotaur.apache.org%3E
 - CVE-2018-8037 Apache Tomcat - Information Disclosure http://mail-archives.apache.org/mod_mbox/www-announce/201807.mbox/%3C20180722090623.GA92700%40minotaur.apache.org%3E
 - CVE-2018-8034 Apache Tomcat - Security Constraint Bypass http://mail-archives.apache.org/mod_mbox/www-announce/201807.mbox/%3C20180722091057.GA70283%40minotaur.apache.org%3E


Did You Know?

 - Did you know that you can easily help promote ApacheCon? http://www.apachecon.com/acna18/banners/

 - Did you know that you can achieve Machine Learning on SQL by using Apache Hivemall (incubating) on Apache Hive or Apache Spark? http://hivemall.incubator.apache.org/

 - Did you know that the highest code contribution value during FY2018 was by Apache Mynewt? $61,769,063 worth of code! https://s.apache.org/FY2018AnnualReport

Apache Community Notices:

 - ASF Annual Report for FY2018 https://s.apache.org/FY2018AnnualReport

 - The Apache Software Foundation Celebrates 19 Years of Open Source Leadership "The Apache Way" https://s.apache.org/gK4Q

 - Read "Open – For Business – At the ASF" by Merv Adrian, VP Research at Gartner https://blogs.gartner.com/merv-adrian/2018/03/27/open-for-business-at-the-asf/

 - The Apache Software Foundation 2018 Vision Statement https://s.apache.org/zqC3

 - Apache in 2017 - By The Digits https://s.apache.org/h8do

 - Foundation Statement –Apache Is Open. https://s.apache.org/PIRA

 - "Success at Apache" focuses on the processes behind why the ASF "just works". https://blogs.apache.org/foundation/category/SuccessAtApache

 - Please follow/like/re-tweet the ASF on social media: @TheASF on Twitter and on LinkedIn at https://www.linkedin.com/company/the-apache-software-foundation

 - Do friend and follow us on the Apache Community Facebook page https://www.facebook.com/ApacheSoftwareFoundation/and Twitter account https://twitter.com/ApacheCommunity

 - The list of Apache project-related MeetUps can be found at http://events.apache.org/event/meetups.html

 - ApacheCon North America will be held 24-27 September in Montreal http://apachecon.com/

 - Save the Date: Apache Roadshow DC and Open Source/Government/Cyber/Job Fair - 8 October 2018 in Fairfax, VA http://apachecon.com/

 - Find out how you can participate with Apache community/projects/activities --opportunities open with Apache HTTP Server, Avro, ComDev (community development), Directory, Incubator, OODT, POI, Polygene, Syncope, Tika, Trafodion, and more! https://helpwanted.apache.org/

 - Are your software solutions Powered by Apache? Download & use our "Powered By" logos http://www.apache.org/foundation/press/kit/#poweredby

= = =

For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, https://twitter.com/PlanetApache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.

# # #

Friday July 20, 2018

The Apache News Round-up: week ending 20 July 2018

Greetings, all. It's time to review the Apache community's activities from the past week:

Support Apache –help offset the ASF's day-to-day operating expenses and keep Apache software for everyone.
 - Consider an individual contribution or corporate sponsorship or matching gift program. Every dollar counts. http://apache.org/foundation/contributing.html

ASF Board –management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.
 - Next Board Meeting: 15 August. Board calendar and minutes http://apache.org/foundation/board/calendar.html

ApacheCon™ –the ASF's official global conference series. Join us!
 - 24-27 September: Registration for ApacheCon North America/Montreal is open http://apachecon.com/acna18/
 - 8 October: Apache Roadshow and Open Source Job Fair/Fairfax, VA --Save The Date!
 - Media and Community Partner opportunities available: contact press@apache.org if you can help.

ASF Infrastructure –our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield great performance at 92.39% uptime. http://status.apache.org/

ASF Operations Factoid –this week, 505 Apache contributors changed 1,356,389 lines of code over 3,304 commits. Top 5 contributors, in order, are: Rakesh Radhakrishnan, Gary Gregory, Shawn McKinney, Andrea Cosentino, and Julian Reschke.

Apache Commons™ DBCP –database connection pooling services.
 - Apache Commons DBCP 2.5.0 released http://commons.apache.org/

Apache Ignite™ –a memory-centric distributed database, caching, and processing platform for transactional, analytical, and streaming workloads delivering in-memory speeds at petabyte scale.
 - Apache Ignite 2.6.0 released https://ignite.apache.org/
 - [CVE-2018-1273] Apache Ignite impacted by security vulnerability in Spring Data Commons http://mail-archives.apache.org/mod_mbox/www-announce/201807.mbox/%3CCAK0qHnqzfzmCDFFi6c5Jok19zNkVCz5Xb4sU%3D0f2J_1i4p46zQ%40mail.gmail.com%3E
 - [CVE-2018-8018] Possible Execution of Arbitrary Code via Apache Ignite GridClientJdkMarshaller http://mail-archives.apache.org/mod_mbox/www-announce/201807.mbox/%3CCAK0qHnrpBcaDc65bjdX1jEqr6L9a%2BOWcouC9P6JwEY1vh9gbhQ%40mail.gmail.com%3E

Apache Kafka™ –a distributed, fault tolerant, publish-subscribe messaging.
 - Apache Kafka 1.0.2 released https://kafka.apache.org/

Apache NiFi™ –an easy to use, powerful, and reliable system to process and distribute data.
 - Apache NiFi 1.7.1 released https://nifi.apache.org/

Apache Phoenix™ –enables OLTP and SQL-based operational analytics for Apache Hadoop.
 - Apache Phoenix 5.0.0 released http://phoenix.apache.org/

Apache Qpid™ –a messaging library for the Advanced Message Queuing Protocol 1.0 (AMQP 1.0, ISO/IEC 19464, http://www.amqp.org).
Apache Qpid Proton-J 0.27.2 and 0.28.0, and Qpid JMS AMQP 0-x 6.3.2 released http://qpid.apache.org/

Apache Subversion™ –leading Open Source version control system.
 - Apache Subversion 1.9.9 and 1.10.2 released https://subversion.apache.org/

Did You Know?

 - Did you know that Nextens improved searchability and created smart relationships between its intricate tax law content using Apache Tinkerpop Gremlin? http://tinkerpop.apache.org/

 - Did you know that you can improve query performance using Apache Parquet columnar storage format? http://parquet.apache.org/

 - Did you know that over the past year, 3,280 Committers changed 71,186,324 lines of code over 222,684 commits? https://projects.apache.org/

Apache Community Notices:

 - ASF Annual Report for FY2018 https://s.apache.org/FY2018AnnualReport

 - The Apache Software Foundation Celebrates 19 Years of Open Source Leadership "The Apache Way" https://s.apache.org/gK4Q

 - Read "Open – For Business – At the ASF" by Merv Adrian, VP Research at Gartner https://blogs.gartner.com/merv-adrian/2018/03/27/open-for-business-at-the-asf/

 - The Apache Software Foundation 2018 Vision Statement https://s.apache.org/zqC3

 - Apache in 2017 - By The Digits https://s.apache.org/h8do

 - Foundation Statement –Apache Is Open. https://s.apache.org/PIRA

 - "Success at Apache" focuses on the processes behind why the ASF "just works". https://blogs.apache.org/foundation/category/SuccessAtApache

 - Please follow/like/re-tweet the ASF on social media: @TheASF on Twitter and on LinkedIn at https://www.linkedin.com/company/the-apache-software-foundation

 - Do friend and follow us on the Apache Community Facebook page https://www.facebook.com/ApacheSoftwareFoundation/and Twitter account https://twitter.com/ApacheCommunity

 - The list of Apache project-related MeetUps can be found at http://apache.org/events/meetups.html

 - ApacheCon North America will be held 24-27 September in Montreal http://apachecon.com/

 - Save the Date: Apache Roadshow DC and Open Source/Government/Cyber/Job Fair - 8 October 2018 in Fairfax, VA http://apachecon.com/

 - Find out how you can participate with Apache community/projects/activities --opportunities open with Apache HTTP Server, Avro, ComDev (community development), Directory, Incubator, OODT, POI, Polygene, Syncope, Tika, Trafodion, and more! https://helpwanted.apache.org/

 - Are your software solutions Powered by Apache? Download & use our "Powered By" logos http://www.apache.org/foundation/press/kit/#poweredby

= = =

For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, https://twitter.com/PlanetApache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.

# # #

Friday July 13, 2018

The Apache News Round-up: week ending 13 July 2018

Happy Friday, everyone. Let's review the Apache community's activities over the past week:

Success at Apache –a monthly blog series that focuses on the processes behind why the ASF "just works".
 - The Apache Way for Executives by Alex Karasulu https://s.apache.org/2Wg8

Support Apache –helping offset the ASF's day-to-day operating expenses keeps Apache projects freely available for all.
 - From individual contributions to ASF Sponsorship to corporate matching gift programs, every dollar counts. http://apache.org/foundation/contributing.html

ASF Board –management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.
 - The Apache® Software Foundation Announces Annual Report for 2018 Fiscal Year https://s.apache.org/VVyr
 - Next Board Meeting: 18 July. Board calendar and minutes http://apache.org/foundation/board/calendar.html

ApacheCon™ –the ASF's official global conference series. Join us!
 - 24-27 September: Sign up for ApacheCon today and SAVE $300 http://apachecon.com/acna18/
 - 8 October: Apache Roadshow and Open Source Job Fair/Fairfax, VA --Save The Date!
 - Media and Community Partner opportunities available: contact press@apache.org if you can help.

ASF Infrastructure –our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield sizzling performance at 92.97% uptime. http://status.apache.org/

ASF Operations Factoid –this week, 504 Apache contributors changed 892,182 lines of code over 2,921 commits. Top 5 contributors, in order, are: Jeremy Mitchell, Gary Gregory, Rakesh Radhakrishnan, Chris Brody, and Andrea Cosentino.

Apache Commons™ Pool –provides an object-pooling API and a number of object pool implementations.
 - Apache Commons Pool 2.6.0 released http://commons.apache.org/

Apache Directory™ –an ongoing effort to provide an enhancedLDAP API, as a replacement for JNDI and the existing LDAP API (jLdap and Mozilla LDAP API).
 - Apache LDAP API 1.0.2 http://directory.apache.org/
 - CVE-2018-1337 Plaintext Password Disclosure in Secured Channel http://mail-archives.apache.org/mod_mbox/www-announce/201807.mbox/%3CCAG8%3DFRgsDuDkVhUjRHvq9mwvxjcMD3eL2nWhyFDMymd4D%3Dz5nA%40mail.gmail.com%3E

Apache HttpComponents™ Client –a library for client-side HTTP communication built on HttpCore that provides connection management, cookie management, and authentication
 - HttpComponents Client 4.5.6 GA released http://hc.apache.org/

Apache Kylin™ –an Open Source Distributed Analytics Engine designed to provide SQL interface and multi-dimensional analysis (OLAP) on Apache Hadoop, supporting extremely large datasets.
 - Apache Kylin 2.3.2 released https://kylin.apache.org/

Apache Syncope™ –an Open Source system for managing digital identities in enterprise environments.
 - Apache Syncope 2.1.0 http://syncope.apache.org/

Apache Tomcat™ –an Open Source software implementation of the Java Servlet, JavaServer Pages, Java Expression Language and Java WebSocket technologies.
 - Apache Tomcat 7.0.90 released http://tomcat.apache.org/

Apache XMLBeans™ –a tool that allows access to the full power of XML in a Java friendly way.
 - Apache XMLBeans under management of Apache POI project; 3.0.0 released https://xmlbeans.apache.org/


Did You Know?

 - Did you know that slide presentations from the Apache Roadshow/Berlin are available at https://s.apache.org/FPCP ? Video presentations at https://www.youtube.com/channel/UCLDJ_V9KUOdOFSbDvPfGBxw too!

 - Did you know that the following projects are celebrating anniversaries this month? Many happy returns to Apache Tcl (18 years); Apache DB (16 years); Apache ODE (11 years); Apache STeVe (6 years); Apache JSPWiki (5 years); Apache Celix, Tez, and VXQuery (4 years); Apache NiFi (3 years); Apache Kudu (2 years); Apache Fluo, MADlib, and Streams (1 year)! https://projects.apache.org/committees.html?date

 - Did you know that you can meet members of the Apache community at the Apache booth at OSCON 18-19 July? http://oscon.com/


Apache Community Notices:

 - ASF Annual Report for FY2018 https://s.apache.org/FY2018AnnualReport

 - The Apache Software Foundation Celebrates 19 Years of Open Source Leadership "The Apache Way" https://s.apache.org/gK4Q

 - Read "Open – For Business – At the ASF" by Merv Adrian, VP Research at Gartner https://blogs.gartner.com/merv-adrian/2018/03/27/open-for-business-at-the-asf/

 - The Apache Software Foundation 2018 Vision Statement https://s.apache.org/zqC3

 - Apache in 2017 - By The Digits https://s.apache.org/h8do

 - Foundation Statement –Apache Is Open. https://s.apache.org/PIRA

 - "Success at Apache" focuses on the processes behind why the ASF "just works". https://blogs.apache.org/foundation/category/SuccessAtApache

 - Please follow/like/re-tweet the ASF on social media: @TheASF on Twitter and on LinkedIn at https://www.linkedin.com/company/the-apache-software-foundation

 - Do friend and follow us on the Apache Community Facebook page https://www.facebook.com/ApacheSoftwareFoundation/and Twitter account https://twitter.com/ApacheCommunity

 - The list of Apache project-related MeetUps can be found at http://apache.org/events/meetups.html

 - ApacheCon North America will be held 24-27 September in Montreal http://apachecon.com/

 - Save the Date: Apache Roadshow DC and Open Source/Government/Cyber/Job Fair - 8 October 2018 in Fairfax, VA http://apachecon.com/

 - Find out how you can participate with Apache community/projects/activities --opportunities open with Apache HTTP Server, Avro, ComDev (community development), Directory, Incubator, OODT, POI, Polygene, Syncope, Tika, Trafodion, and more! https://helpwanted.apache.org/

 - Are your software solutions Powered by Apache? Download & use our "Powered By" logos http://www.apache.org/foundation/press/kit/#poweredby

= = =

For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, https://twitter.com/PlanetApache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.

# # #

Monday July 09, 2018

Success at Apache: The Apache Way for Executives

by Alex Karasulu

I'm a long time member of the Apache Software Foundation and have been an executive officer of several corporations over the course of the past 20 years. I've co-founded several projects in the community and mentored several others.

The "Apache Way" has benefited several aspects of my life, however I never imagined it would help make me a better executive. Even non-technical executives, in organizations totally outside of the realm of technology, can benefit from the Zen of the Apache Way.

Life is hard when you're stupid

I was involved in a number of early dot com startups as an executive, however that was before my involvement with Apache and long before any exposure to the Apache Way. To this day, I remember how opportunistic decisions for short term gains, the lack of collaboration, openness and communication kept causing friction that made my job and ultimately my life much harder than it had to be.

Learning while on the job

Exposure to the philosophy began early even while lurking on mailing lists but picked up more while incubating the Apache Directory Project where I worked with others to grow an active community. Meanwhile, I was the Chief Technology Officer of a large financial services company called Alliance Capital Partners. It was 2002, and the first time I had to conduct myself as a C-Suite executive in an enterprise that was obviously not a technology company. Incidentally, the lack of hands-on coding got me working on a pet project that ultimately became the Apache Directory Server and Apache MINA. The project was medicine to keep me sane and technically up to date. Unbeknownst to me, this would save my career, not as a developer, but as an executive.

The Apache Way makes life easier

The most important and first lesson I learned from the Apache Community was to avoid short term gains that were unsustainable in the long term. This very important core principle derives in part from the concept of "community over code". It does not matter how much code you write, or how good your code is if you cannot get along, compromise, and communicate respectfully with your peers. The code does not write itself, its the community behind it that keeps the code alive. Involving only the most technically proficient contributors should never trump the need to build a sustainable community. I saw projects often suffer from self-centered yet skilled coders added as committers for short term gain at the detriment of a healthy sustainable community. So as a corollary to community over code, avoid short term gains that get in the way of the long term sustainability of an organization's culture. This has immense applications for any executive in both technical and non-technical fields.

While growing my new development organization in this financial services organization, I decided to avoid hiring people that seemed to be very skilled technically but lacked the desire or social skills to collaborate with others. Thanks to experiences at Apache, I could start telling them apart much better than I did before. Also, I was calmer and less anxious when hiring to fill gaps on the team. It was better not to have the resource than to introduce a bad apple onto the team. 

This was contrary to how I had operated earlier and started producing great results. The application of this basic principle lead to a solid team that worked better together than ever before in the past. They were able to leverage each others' skills thanks to collaboration to out perform any one skilled developer. This is all thanks to the concept of community over code where social skills, and collaboration were stressed more than technical skills. In the end, being kind, listening, and asking smart questions begets the kind of collaboration needed to build complex software. 

Not only did this help with developers, it also worked with teams that did not produce code like project managers under the CTO office. The rule is golden, and IMHO should be applied to any executive's decision making process regardless of the nature of the business or topic at hand.

Inner Source is the Apache Way

Executives drive the architecture and cultural direction of their organizations and the Apache Way provides a solid framework to create healthy foundations through open collaboration, communication and the availability of knowledge for everyone to participate.

Several very successful technology companies have adopted the Apache Way without really realizing they're doing so.  In 2000, Tim O'Reilly coined the term Inner Source https://en.wikipedia.org/wiki/Inner_source to apply Open Source principles to any organization. Tim was essentially talking about applying the Apache Way within organizations. The Apache Way has proven itself with companies like IBM, Google, Microsoft, SAP, PayPal and even financial institutions like Capital One which have adopted the Inner Source methodology which is one and the same.

Without going into the details, of which we the Apache Community are intimately aware (using it daily within our projects), I would like to stress how important the approach is for executives outside of Apache to understand. The Apache Way can save organizations from all out disaster, not to mention billions of dollars by impacting the quality of services and products they produce. Again this does not only apply to companies in technological sectors. Capital One a financial services company has also used Open Source methods for internal projects to be extremely successful https://www.oreilly.com/ideas/using-open-source-methods-for-internal-software-projects .

Conclusions

The Apache Way provides several benefits to executives aware of the approach. Executives can directly integrate the principles of the Apache Way into their own thinking to improve their potential for personal success. However the biggest value comes from the cultural framework it produces for the entire organization, however to leverage it in their organizations, executives must be aware of it. The Apache Way has personally helped me grow as an effective executive and it can help others as well. It also provides a compass for how to properly build effective organizations, not only technical ones.


Alex Karasulu is an entrepreneur with over 25 years of experience in the software industry and a recognized leader in the Open Source community. He is widely known as the original author of the Apache Directory Server, used by IBM both as the foundation of the Rational Directory Server and also integrated into the Websphere Application Server. Alex co-founded several Apache projects, including MINA, and Felix, among others, which, along with their communities, thrive independently past his day-to-day involvement in the projects. He is the founder of Safehaus, where he authored the first low-resource mobile OTP algorithms in Open Source with the OATH community that was later adopted by Google in their Authenticator product. In addition to IBM, Atlassian, Cisco, and Polycom are just a few of the many companies that sell commercial hardware and software solutions that bundle or embed software and products that Alex has created. Alex holds a BSc. in Computer Science and Physics from Columbia University. He is the founder and co-CEO of OptDyn.

= = =

"Success at Apache" is a monthly blog series that focuses on the processes behind why the ASF "just works" https://blogs.apache.org/foundation/category/SuccessAtApache

The Apache® Software Foundation Announces Annual Report for 2018 Fiscal Year

World's largest Open Source foundation's 300+ freely-available, enterprise-grade Apache projects power some of the most visible and widely used applications in computing today.

Wakefield, MA —9 July 2018— The Apache® Software Foundation (ASF), the all-volunteer developers, stewards, and incubators of more than 350 Open Source projects and initiatives, announced today the availability of the annual report for its 2018 fiscal year, which ended 30 April 2018.

Established in 1999, the world's largest Open Source foundation’s 300+ freely-available, enterprise-grade projects serve as the backbone for some of the most visible and widely used applications in computing today. Through the ASF's meritocratic process known as "The Apache Way," more than 730 individual volunteer Members and 6,700 code Committers across six continents successfully collaborate on innovations in Artificial Intelligence and Deep Learning, Big Data, Build Management, Cloud Computing, Content Management, DevOps, IoT and Edge Computing, Mobile, Servers, and Web Frameworks, among other categories. 

Highlights include:
  1. Published ASF 5-year strategic plan https://www.apache.org/board/plan.html ;
  2. Established extended budget to map against strategic plan;
  3. Completed and passed first-ever financial audit: unqualified;
  4. Change in net assets for FY2017-2018: $548,630;
  5. Fundraising yielded a positive net income and raised 150% of goals;
  6. Received Bitcoin donation from Pineapple Fund valued at $1M;
  7. Launched ASF Targeted Sponsorship program;
  8. Total of 8 Platinum Sponsors, 9 Gold Sponsors, 8 Silver Sponsors, 14 Bronze Sponsors, and 4 Platinum Targeted Sponsors, 5 Gold Targeted Sponsors, 3 Silver Targeted Sponsors, and 11 Bronze Targeted Sponsors;
  9. 51 new individual ASF Members elected, bringing the total to 731;
  10. Exceeded 6,700 code Committers;
  11. 194 Top-Level communities overseeing 319 Apache projects and sub-projects;
  12. 16 newly-graduated Top-Level Projects from the Apache Incubator;
  13. 54 projects currently undergoing development in the Apache Incubator; 3 were retired;
  14. Top 5 Apache project categories: Libraries, Big Data, Network-Server, XML, and Web Frameworks;
  15. Top 5 project language distribution: Java, C, Python, C++, and JavaScript;
  16. 35M page views per week across apache.org;
  17. ~9M source code downloads served from Apache mirrors on a yearly basis (excluding convenience binaries);
  18. Web requests received from every Internet-connected country on the planet;
  19. 3,280 Committers changed 71,186,324 lines of code over 222,684 commits;
  20. ASF project contributors have added $624,946,835 worth of code;
  21. Highest code contribution value by Apache Mynewt: $61,769,063 worth of code;
  22. Top 5 Apache repositories by size: OpenOffice, NetBeans, Flex, Hadoop, and Trafodion;
  23. Top 5 Apache repositories by commits: Hadoop, Ambari, Camel, Ignite, and Beam;
  24. 21,772 authors sent 1,617,547 emails on 642,005 topics across 1,131 mailing lists
  25. Top 5 Apache developer email lists: Ignite, Kafka, Tomcat, Beam, and James;
  26. Top 5 Apache user email lists: Lucene/Solr, Ignite, Flink, Kafka, and Cassandra;
  27. 23rd anniversary of the Apache HTTP Server (19 years under the ASF umbrella);
  28. 942 Individual Contributor License Agreements (CLAs) signed;
  29. 41 Corporate Contributor License Agreements signed;
  30. 22 Software Grant Agreements signed;
  31. Apache Infrastructure services running 24x7x365 at near 100% uptime on an annual budget of less than US$5,000 per project;
  32. Expanded "GitBox" service launched to allow communities to host their read/write Git repositories on GitHub;
  33. Improved Mirror performance, build systems, and redeployment of LDAP account system;
  34. Migrated mail archive services to the cloud, consolidated domains, and enhanced/refined  monitoring;
  35. ASF serves as a mentoring organization in Google Summer of Code for 13th consecutive year;

The full report is available online at https://s.apache.org/FY2018AnnualReport

About The Apache Software Foundation (ASF)
Established in 1999, the all-volunteer Foundation oversees more than 350 leading Open Source projects, including Apache HTTP Server --the world's most popular Web server software. Through the ASF's meritocratic process known as "The Apache Way," more than 730 individual Members and 6,600 Committers across six continents successfully collaborate to develop freely available enterprise-grade software, benefiting millions of users worldwide: thousands of software solutions are distributed under the Apache License; and the community actively participates in ASF mailing lists, mentoring initiatives, and ApacheCon, the Foundation's official user conference, trainings, and expo. The ASF is a US 501(c)(3) charitable organization, funded by individual donations and corporate sponsors including Aetna, Anonymous, ARM, Bloomberg, Budget Direct, Capital One, Cerner, Cloudera, Comcast, Facebook, Google, Hortonworks, Huawei, IBM, Indeed, Inspur, LeaseWeb, Microsoft, Oath, ODPi, Pineapple Fund, Pivotal, Private Internet Access, Red Hat, Target, and Union Investment. For more information, visit http://apache.org/ and https://twitter.com/TheASF

© The Apache Software Foundation. "Apache", "Ambari", "Apache Ambari", "Beam", "Apache Beam", "Camel", "Apache Camel", "Cassandra", "Apache Cassandra", "Flex", "Apache Flex", "Flink", "Apache Flink", "Hadoop", "Apache Hadoop", "Ignite", "Apache Ignite", "James", "Apache James", "Kafka", "Apache Kafka", "Lucene/Solr", "Apache Lucene/Solr", "Mynewt", "Apache Mynewt", "NetBeans", "Apache NetBeans", "OpenOffice", "Apache OpenOffice", "Tomcat", "Apache Tomcat", "Trafodion", "Apache Trafodion", and "ApacheCon" are registered trademarks or trademarks of the Apache Software Foundation in the United States and/or other countries. All other brands and trademarks are the property of their respective owners.

# # #

Friday July 06, 2018

The Apache News Round-up: week ending 6 July 2018

Hello Friday and welcome, July! Here we go --the Apache Community has been productive over the past week with:

Support Apache –thank you in advance for helping offset the ASF's day-to-day operating expenses! Every dollar counts.
 - Corporate matching gifts can double your individual contribution to the ASF. Add the ASF to your corporate matching gift program today http://apache.org/foundation/contributing.html#CorporateGiving

ASF Board –management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.
 - Next Board Meeting: 18 July. Board calendar and minutes http://apache.org/foundation/board/calendar.html

ApacheCon™ –the ASF's official global conference series. Join us!
 - 24-27 September: Sign up for ApacheCon today and SAVE $300 http://apachecon.com/acna18/
 - 8 October: Apache Roadshow and Open Source Job Fair/Fairfax, VA --Save The Date!
 - Seeking Media and Community Partners for ApacheCon: contact press@apache.org if you can help.

ASF Infrastructure –our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield stablized performance at 87.35% uptime. http://status.apache.org/

ASF Operations Factoid –this week, 451 Apache contributors changed 987,908 lines of code over 2,626 commits. Top 5 contributors, in order, are: Jean-Baptiste Onofré, Rakesh Radhakrishnan, Till Rohrmann, mxnet-ci, and Tellier Benoit.

Apache CXF™ –an Open Source services framework.
 - Apache Apache CXF 3.2.5, 3.1.16, and CXF Fediz 1.4.4 released http://cxf.apache.org/

Apache HttpComponents™ Core –a set of low level HTTP transport components that can be used to build custom client and server side HTTP services with a minimal footprint.
 - Apache HttpComponents Core 4.4.10 released http://hc.apache.org/

Apache Jackrabbit™ –a fully conforming implementation of the Content Repository for Java Technology API (JCR).
 - Apache Jackrabbit 2.8.8 and Jackrabbit Oak 1.8.5 and 1.9.5 released https://jackrabbit.apache.org/

Apache Jena™ –a framework for developing Semantic Web and Linked Data applications in Java.
 - Apache Jena 3.8.0 released http://jena.apache.org/

Apache Kafka™ –distributed, fault tolerant, publish-subscribe messaging.
 - Apache Kafka 0.10.2.2 and 0.11.0.3 released https://kafka.apache.org/

Apache Lucene™ Solr™ –a high-performance, full-featured text search engine library written entirely in Java.
 - CVE-2018-8026: XXE vulnerability due to Apache Solr configset upload http://mail-archives.apache.org/mod_mbox/www-announce/201807.mbox/%3C0e6d01d4145f%249ed40250%24dc7c06f0%24%40apache.org%3E

Apache OpenNLP™ –a machine learning based toolkit for the processing of natural language text.
 - Apache OpenNLP 1.9.0 released https://opennlp.apache.org/

Apache PDFBox™ –an Open Source Java tool for working with PDF documents.
 - Apache PDFBox 1.8.15 released http://pdfbox.apache.org/
 - DoS (OOM) Vulnerability in Apache PDFBox's AFMParser http://mail-archives.apache.org/mod_mbox/www-announce/201806.mbox/%3C2e123ab7-5492-d35a-1c85-7b13dbd438ec%40apache.org%3E

Apache Qpid™ JMS –pure java implementation of messaging broker supporting Advanced Message Queuing Protocols 1.0 (AMQP 1.0, ISO/IEC 19464).
 - Apache Qpid JMS 0.34.0, Qpid Dispatch 1.2.0, and Qpid Proton 0.24.0 released https://qpid.apache.org/

Apache Syncope™ –an Open Source system for managing digital identities in enterprise environments.
 - Apache Syncope 2.0.9 http://syncope.apache.org/


Did You Know?

 - Did you know that you can watch presentations from the Apache Roadshow and FOSS Backstage at https://www.youtube.com/channel/UCLDJ_V9KUOdOFSbDvPfGBxw ?

 - Did you know that Clojure MXNet has become part of the main Apache MXNet (incubating) project? http://mxnet.apache.org/

 - Did you know that you can meet members of the Apache community at the Apache booth at OSCON 18-19 July? http://oscon.com/

Apache Community Notices:

 - The Apache Software Foundation Celebrates 19 Years of Open Source Leadership "The Apache Way" https://s.apache.org/gK4Q

 - Read "Open – For Business – At the ASF" by Merv Adrian, VP Research at Gartner https://blogs.gartner.com/merv-adrian/2018/03/27/open-for-business-at-the-asf/

 - The Apache Software Foundation 2018 Vision Statement https://s.apache.org/zqC3

 - Apache in 2017 - By The Digits https://s.apache.org/h8do

 - Foundation Statement –Apache Is Open. https://s.apache.org/PIRA

 - "Success at Apache" focuses on the processes behind why the ASF "just works". https://blogs.apache.org/foundation/category/SuccessAtApache

 - Please follow/like/re-tweet the ASF on social media: @TheASF on Twitter and on LinkedIn at https://www.linkedin.com/company/the-apache-software-foundation

 - Do friend and follow us on the Apache Community Facebook page https://www.facebook.com/ApacheSoftwareFoundation/and Twitter account https://twitter.com/ApacheCommunity

 - The list of Apache project-related MeetUps can be found at http://apache.org/events/meetups.html

 - ApacheCon North America will be held 24-27 September in Montreal http://apachecon.com/

 - Save the Date: Apache Roadshow DC and Open Source/Government/Cyber/Job Fair - 8 October 2018 in Fairfax, VA http://apachecon.com/

 - ASF Quarterly Report: Operations Summary: November 2017 - January 2018 https://s.apache.org/UtBD

 - ASF FY 2017 Annual Report is available at https://s.apache.org/FY2017AnnualReport

 - Find out how you can participate with Apache community/projects/activities --opportunities open with Apache HTTP Server, Avro, ComDev (community development), Directory, Incubator, OODT, POI, Polygene, Syncope, Tika, Trafodion, and more! https://helpwanted.apache.org/

 - Are your software solutions Powered by Apache? Download & use our "Powered By" logos http://www.apache.org/foundation/press/kit/#poweredby

= = =

For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, https://twitter.com/PlanetApache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.

# # #

Calendar

Search

Hot Blogs (today's hits)

Tag Cloud

Categories

Feeds

Links

Navigation