The Apache Software Foundation Blog

Wednesday March 04, 2020

The Apache Software Foundation Operations Summary: November 2019 - January 2020


Third Quarter, Fiscal Year 2020 (November 2019 - January 2020)

"The Foundation's unique approach has created many industry standards and will likely continue to do so for many more years. Apache projects are famous not just for great technology, but for their longevity and vendor-independence."
Doug Cutting, ASF Member and Chief Architect at Cloudera (ASF Platinum Sponsor)

> Conferences and 

During this period we held two major Apache events. Q3 was fairly quiet for Conferences. We did not hold any events during this period, but were busy with early planning happening for several upcoming events.

ApacheCon North America 2020 will be held in New Orleans in September

We will be holding several Apache Roadshows in the coming months:

Sponsorship opportunities and speaking opportunities are available for all of these events.

> Community Development

One of the key themes this quarter was the discussion of how to encourage ASF participation locally by establishing Apache Local Communities (ALC). The ALC comprises local groups of Apache enthusiasts, called an 'ALC Chapter' that will be responsible for organising local Apache related events. To create the necessary oversight for these groups we have agreed a set of governance processes including how they are formed, roles and responsibilities, how events are to be organised and how to dissolve a group if it is no longer active.

We have received the requests to establish the ALC Chapters in Beijing, Warsaw and Budapest and these are currently under consideration. Our existing active ALC Chapter in Indore ran an event on Open Source and ASF Awareness for school students.

We have applied on behalf of the ASF to be a GSoC mentoring organisation for 2020 and are waiting for the response. In preparation we have setup a wiki page to collect GsoC ideas from our Apache project communities.

During January we prepared for participation in FOSDEM as we were once again allocated a booth at the event. Volunteers from many of our projects signed up to spend time on the booth or to make themselves available to talk to attendees. As usual Community Development co-ordinated the booth and managed the giveaways for the event.

As well as ApacheCon and the Apache Roadshows planned for 2020, we are continuing to actively support any third party events that we can.

Despite the holiday season our mailing list traffic has increased slightly this quarter.

> Committers and Contributions

Over the past quarter, 1,581 contributors committed 42,338 changes that amount to 14,073,594 lines of code across Apache projects. The top 5 contributors, in order, were: Tilman Hausherr (1,010 commits), Andrea Cosentino (788 commits), Mark Robert Miller (771 commits), Mark Thomas (681 commits), and Jean-Baptiste Onofré (616 commits).

All individuals who are granted write access to the Apache repositories must submit an Individual Contributor License Agreement (ICLA). Corporations that have assigned employees to work on Apache projects as part of an employment agreement may sign a Corporate CLA (CCLA) for contributing intellectual property via the corporation. Individuals or corporations donating a body of existing software or documentation to one of the Apache projects need to execute a formal Software Grant Agreement (SGA) with the ASF.

During Q3 FY2020, the ASF Secretary processed 187 ICLAs, 6 CCLAs, and 6 Software Grants. History of Apache committer growth can be seen at

> Brand Management

Operations —the work of the Brand Management team falls broadly into one of four categories:

- providing advice to projects

- granting permission to use our marks

- trademark transfers and registrations

- addressing potential infringements of our marks

The volume of work this quarter has again increased significantly compared to the previous quarter. This has mostly been driven by starting work on a number of draft policies where we are looking to clarify policy around a number of uses of Apache marks.

The topics covered in the advice provided to projects this quarter included setting up an external package registry, podling naming, community managed sites, registration of marks, 'official' social media accounts, assignment of marks, name changes, event sponsorship and linking to external support services.

This quarter has seen requests to use Apache marks for marketing material, events, books, scientifc papers, Websites, t-shirts with nearly all requests being granted, subject to our Trademark Usage Policy. The few requests that are not granted often relate to using a derivtaive of our logos --something we do not permit.

This quarter a number of the event approval discussions resulted in changes to the proposed evenmst dates to avoid clashes with other planned ASF events.

Registrations —the registration of APACHE in the US completed this quarter.

A number of registrations came up for renewal this quarter. We review each renewal as it comes up and, as a result, opted not to renew some of those registrations. The remaining renewals are in now progress.

We also started a small number of new registrations this quarter.

Infringements potential infringements are brought to our attention from both internal and external sources. The majority of infringements we see are accidental and our project communities are able to resolve these quickly and informally with occasional input from the Brand Management team. A small number of issues take longer to resolve. We made progress on some of these this quarter and hope that that progress will continue next quarter.

We continue to work to resolve the significant infringement mentioned in the last quarterly report. Along side that projects have resolved a number of minor issues during this quarter.

And finally…

The Brand Management team welcomes your comments and suggestions as well as any questions you might have. Please see for our contact details.

> Security

We continued to work on handling incoming security issues, keeping projects reminded of their outstanding issues, allocation of CVE names, and other general oversight and advice.

For Q3 we tracked 94 new vulnerability reports across 46 projects. (Q3 last year for comparison was 88 reports). Those reports led to 37 published CVE vulnerabilities.

We published metrics for the whole of 2019 including discussion of high severity issues in a report 

> Privacy

The board has rekindled the privacy effort. Currently we're working on three parallel tracks; developing a general policy from which we can derive day to day implementations and operating procedures, capturing/collecting the areas where we know we've historically dropped balls while also dealing with the day to day operational aspects (such as requests). The complexity is that we have on the one hand the purpose of the Apache Software Foundation; allowing a community to develop code for the common good. With all that that entails (such as having healthy, transparent and trust in the community). And on the other hands we have the rights and worries of both those in our community and our end users; whose privacy we would like to protect as well as we can. And the two can collide; e.g. for a software grant or things having to do with finance; we need to keep a fair amount of personally identifiable information on file. But at the same time - we want to protect the privacy of our community. Yet for the health of our community - a certain level of transparency is needed; as do some governance processes (e.g. those where developers approve a release as an official release of the foundation). For next two quarters the focus will likely shift to developing SoP's for day to day implementation (and automation) & hunting down where we have 'needless' data.

> Infrastructure

This quarter has been relatively quiet for the Infrastructure team, given the holidays and New Year.

Our biggest highlight was hiring Andrew Wetmore as a Technical Writer and Editor, to bring his experience to our set of web pages, wiki content, and assorted documentation. For twenty years, the Foundation has organically written a large number of words. Andrew will corral this set of content into a coherent whole, with two goals in mind: to assist our development community with information about Infrastructure and its services, and to provide better guidance to users and new community members.

Continuing with a reflection of our history, we have decades of email archives. These have been provided on to the public. This quarter, we finally announced the decommission of our old archive system, in favor of the service. The archive will be turned off some time during the next quarter, with redirects left in place to handle the myriad of links established over time.

For many years, the Foundation has been investing in CI/CD (Continuous Integration / Continuous Development). Primarily through our Jenkins installation, but also through integrations with third-party services. We have begun testing new Jenkins-based tooling to improve our management of clusters of nodes for assignment/use by our projects.

Our hope is this will help us continue to scale with the increasing demands of the Apache communities.

Fundraising is pleased to report another successful quarter of smooth operations. Renewals and business-as-usual work has been executed as planned. We've had a "typical" flow of new Sponsors and returning Sponsors with a few exciting Sponsor "upgrades" this quarter. This quarter we also completed our first targeted cash donation to an Apache project (Cordova).

We're pleased to also report further participation and "cross department" collaboration within The ASF. Fundraising support for Events has remained a focus this quarter as we ramp up for the several 2020 events. Additional focus is being placed on documentation, process, repeatability, and ensuring our Event Sponsors have a smooth experience all around. TAC and Fundraising are also collaborating more to encourage Event participation via Targeted Sponsorships -- more to come!

Process-wise, we continue improving the internals of the Fundraising mechanics to ensure smooth operation as well as improved documentation. We've recently adopted an improved procedure for meeting minutes and action items to further ensure nothing falls through the cracks.

Our planned outreach activities are all on track for Sponsors and we remain responsive to changes in organizational structures as our contacts enter and depart roles. We enjoyed meeting several of our Sponsors at COSCon in Shanghai in early November. Finally, we also updated our link policy for the "thanks page" to comply with popular webmaster recommendations by adding rel="sponsored" tags to new links and upon Sponsor renewals.

We are delighted to share the results of a very successful individual giving campaign that ran from late November through the end of calendar year 2019. The proceeds of the campaign were $14,240 in total which represents a 222% increase from previous years! The donations were comprised of 112 individual donations and 3 corporate gifts. We truly felt the love as some donations included heartfelt notes of thanks and encouragement for our mission.

Thank you to all our Sponsors --

  • PLATINUM: Amazon Web Services, Cloudera, Comcast, Facebook, Google, LeaseWeb, Microsoft, Pineapple Fund, Verizon Media, Tencent
  • GOLD: Anonymous, ARM, Bloomberg, Handshake, Huawei, IBM, Indeed, Union Investment, Workday
  • SILVER: Aetna, Alibaba Cloud Computing, Baidu, Budget Direct, Capital One, Cerner, Inspur, ODPi, Private Internet Access, Red Hat, Target
  • BRONZE: Airport Rentals, The Blog Starter, Bookmakers, Cash Store,, CarGurus, Casino2k, Cloudsoft, The Economic Secretariat, Emerio, Footprints Recruiting, Gundry MD,, Host Advice,, Journal Review, LeoVegas Indian Online Casino, Mutuo Kredit AG, Online Holland Casino, ProPrivacy, PureVPN, RX-M,, Site Builder Report, Start a Blog by Ryan Robinson, Talend, The Best VPN, Top10VPN, Twitter, Web Hosting Secret Revealed, Xplenty
  • TARGETED PLATINUM: CloudBees, DLA Piper, JetBrains, Microsoft, OSU Open Source Labs, Sonatype, Verizon Media
  • TARGETED GOLD: Atlassian, The CrytpoFund, Datadog, PhoenixNAP, Quenda
  • TARGETED SILVER: Amazon Web Services, HotWax Systems, Rackspace
  • TARGETED BRONZE: Bintray, Education Networks of America, Google, Hopsie, No-IP, PagerDuty, Peregrine Computer Consultants Corporation,, SURFnet, Virtru

To sponsor The Apache Software Foundation, visit . To make a one-time or monthly recurring donation, please visit

= = =

Report prepared by Sally Khudairi, Vice President Marketing & Publicity, with contributions by Rich Bowen, Vice President Conferences; Mark Cox, Vice President Security; Sharan Foga, Vice President Community Development; Myrle Krantz, Treasurer; David Nalley, Vice President Infrastructure; Tom Pappas, Vice President Finance; Daniel Ruggeri, Vice President Fundraising; Greg Stein, ASF Infrastructure Administrator; Mark Thomas, Vice President Brand Management; and Dirk-Willem van Gulik, Vice President Data Privacy.

For more information, subscribe to the mailing list and visit, the ASF Blog at, the @TheASF on Twitter, and

(c) The Apache Software Foundation 2020.

# # #

Success at Apache: Google Summer of Code Mentorship --inside the GSoC 2019 Mentor Summit

by Sanyam Goel & Kevin A. McGrail

Sanyam first came to the ASF as a Google Summer of Code (GSoC) student in 2017; since then he has become a committer and contributor to Apache Fineract and active participant with Apache community initiatives. Sanyam, along with Kevin (a.k.a. “KAM”), a long-time  ASF Member involved with the Apache Incubator and SpamAssassin projects, were selected to represent the Apache Software Foundation at GSoC’s 2019 Mentor Summit.

Google Summer of Code is a global program focused on introducing students to open source software development. Students work on a 3 month programming project with an open source organization during their break from university.

Since its inception in 2005, the program has brought together 15,000+ student participants and 25,000+ mentors from over 118 countries worldwide. Google Summer of Code has produced 36,000,000+ lines of code for 686 open source organizations.

As a part of Google Summer of Code, student participants are paired with a mentor from the participating organizations, gaining exposure to real-world software development and techniques. Students have the opportunity to spend the break between their school semesters earning a stipend while working in areas related to their interests.

About the ASF and GSOoC: “The Apache Software Foundation has been a GSoC mentoring organization every year since the program’s inception. As a mentoring organization, the ASF is able to draw attention and new talent to many of its projects; Apache projects benefit from contributions and galvanize new community members by mentoring students; and students have an invaluable opportunity to gain experience by working directly with the individuals behind Apache projects. This, in turn, enriches the Apache community as a whole, and furthers the ASF’s mission of providing software for the public good.”

At the ASF, GSoC is overseen by Apache Community Development (“ComDev”), the committee that welcomes new participants to the Apache community and mentors them in “The Apache Way”. Former ComDev VP and Google Summer of Code administrator Ulrich Stärk, along with Apache OpenMeetings VP and GSoC mentor, Maxim Solodovnik, helped lead the ASF’s participation in GSoC this year, with the support of numerous Apache community members.

The ASF provides an established framework for intellectual property and financial contributions that simultaneously limits contributors potential legal exposure. Through a collaborative and meritocratic development process known as “The Apache Way”, Apache projects deliver enterprise-grade, freely available software products that attract large communities of users. The pragmatic Apache License makes it easy for all users, commercial and individual, to deploy Apache products.

As we gear up for Google Summer of Code 2020, we wanted to take a moment and share some of the experiences from last year’s GSOC!

In Google Summer of Code 2019, 23 students were selected by a careful analysis and ranking.  17 students successfully completed their Google Summer of Code projects with the support of 45 mentors spread across dozens of Apache projects that include Allura, AsterixDB, Beam, Camel, Fineract, Gora, Kudu, Mnemonic, Nemo (Incubating), OODT, SpamAssassin, and more.

Quick Report on the GSoC 2019 Numbers for

Accepted projects: 23

1st evaluation: 22 passed, 1 failed

2nd evaluation: 17 passed, 5 failed

3rd evaluation: all passed

Total Apache Mentors: 45

Sanyam and KAM were lucky enough to be selected as the delegates of the Apache Software Foundation for the GSoC Mentor Summit & the 15th GSoC anniversary.

On 10th March 2019 we got our invitations from Google: “You have been invited to be a Mentor for The Apache Software Foundation in Google Summer of Code 2019”.

With this invitation, there comes a huge pool of responsibilities to mentor students.  For Sanyam, it was his first time to provide mentorship at such a great level and to drive the complete project with the college student.

Sanyam: “By providing the complete guidance throughout the GSoC Period at the same time, though I had provided mentorship to at the university level to juniors in college. I also learned to manage the project and how to play the role of project lead to fulfill the project with the timelines with the student.

I was really excited to meet Google Open Source team in person and Kevin A. Mc Grail (KAM) along with 332 mentors from 162 organizations and 42 countries to share their ideas about open source and to discuss their experience of GSoC 2019. I would like to thank Ulrich Stärk and Maxim Solodovnik for serving as an organization admin for the ASF community.”


Day 1: Thursday | Munich, Germany - Marriott München

Day 1 of the summit is started by checkin into the Marriott Hotel, where we met the Google OPSO team just near the entrance and reception of the hotel.

Google OPSO team was very welcoming and welcomed every mentor by providing a Goodie bag along with a mouth watering sweet.

At the reception, we met Mario Behling from FOSSASIA community along with mentors from various organisations like Mifos Initiative, SCoRE Labs and DBpedia where we talked about the pocket science project. 

Then we all headed to lunch, where we met dove into the discussions about the OSS and how umbrella organisation manages the student applications to select the students for Google Summer of Code.

GSoC Mentor Summit started with the opening reception dinner along with opening notes from the Google OPSO team which lead to a small game named as person scavenger hunt which had a sole purpose to connect and meet the mentors from different organisations and to interact with them to discuss more about open source with some drinks and food.


Day 2: Friday | Munich, Germany - Fun Day (City Scavenger hunt / Castle Tour)

On the celebration of the 15th anniversary of GSoC, Google allocated an extra day this year at the mentor summit for fun activities like Castle tour and City Scavenger hunt.

Sanyam participated in the Scavenger hunt where some group of mentors had to explore the city on their own to find the clues and the top 2 teams got the prize. Sanyam was lucky enough to be with the winners team. And some mentors like KAM went for a really nice castle tour thanks to our host, Google.

The day ended up with informal conversations among the mentors over dinner and games in the ballroom of the Marriott.


Day 3: Saturday | Munich, Germany - Unconferences (Yay!!)

Day 3 was one of the most exciting days at the event. We had a lot of sessions organized by different organisations in the form of an unconference, which is “a loosely structured conference emphasizing the informal exchange of information and ideas between participants, rather than following a conventionally structured programme of events.”

Mentors organized the unconference sessions on Saturday and Sunday. The unconference slots were planned with two rounds of lightning talks but ended with three rounds of lightning talks :-). A lightning talk is a platform for organisations to present on the work of their GSoC 2019 and GCI 2018 for 3 minutes. KAM also presented a lightning talk for ASF and Apache SpamAssassin on Saturday morning.

After lunch, all the mentors and the Google OPSO team gathered in a lawn just outside the Marriott for a group photograph.

[“GSoC 2019 Mentors Photo”]

We were involved in various unconferences sessions like:

How to get more Women interested in FOSS

The Fundraising Session (Presented by Kevin A. McGrail)

Source code preservation

Google Season of Docs (GSoD)

Intro to licenses and why we need them

After attending all the talks, we also discussed how to retain students after the completion of the GSoC period.

After the last lightning talk we all managed to spend some more time together to enjoy dinner, playing foosball, making funny poses on the photo booth along with enjoying the famous chocolate room (Oh, did we forget to mention about the famous chocolate table? This year, Google managed to have a complete room of chocolates!) where mentors across the globe shared the local country chocolates with each other!

Day 4: Sunday | Munich, Germany - Final day  :( 

Unfortunately, it was the last day of the mentor summit. The day started with continuation of lightning talks where Sanyam and KAM almost managed to attend all the lightning talks and got to know more about the other GSoC organisations and their amazing projects from GSoC 2019.

We attended some more unconference sessions on the following topics

GCI Info & Feedback with Google

GSoC Feedback session

Breaking the barrier for the newcomers

Interviews at Silicon Valley

Then we all headed for the final lunch of the summit.  By this point, most of us knew each other and some are planning to extend the trip by visiting some other cities, or some are planning to return back to their home countries. We all gathered for the closing session and all mentors had made a great network of cool people in the open source community!

We have also met a lot of mentors who were previously GSoC students. We had a lot of discussions about the experiences of being a student as well as a mentor, what motivated them to become a mentor and how they're contributing to their community.

Left to Right: Joey Schlichting, Sanyam Goel & Kevin A. McGrail

Overall, it was one of the lifetime experiences for every representative. The trip was full of memories and we got to learn so much, we also made new and special friends throughout the summit.

The GSoC Mentor Summit-2019 was a wonderful experience and we would like to thank the Google, The Apache Software Foundation, and once again, the ASF GSoC Organisation Admins, Ulrich Stärk and Maxim Solodovnik and the event hosts from the Google Open Source Team.

GSoC 2020 is underway now and we are just gathering project ideas and mentors.  Students looking to get involved, please see

Sanyam Goel started his journey with ASF by participating in GSoC 2017 as a student and continued contributing actively to OSS, currently serving as a committer of Apache Fineract. He also participated as a mentor in Google Code In and Outreachy programs for Mifos Initiative and DIAL community and always keen to spread the word about OSS to create an impact around the globe and focus on reducing the barriers for newcomers into OSS.

Kevin A. McGrail, better known as KAM, is a VP emeritus of the Apache SpamAssassin project where he has battled spammers for years.  In addition to helping the SpamAssassin project, he has served as in the office of treasurer and fundraising for the Apache Software Foundation.  He is also a member of the Apache Incubator project where he mentors new projects at the ASF including echarts, IoTDB & brpc. In his $dayjob, he works at doing cybersecurity for critical infrastructure.

= = =

"Success at Apache" is a monthly blog series that focuses on the processes behind why the ASF "just works" 



Hot Blogs (today's hits)

Tag Cloud