The Apache Software Foundation Blog

Friday March 26, 2021

The Apache News Round-up: week ending 26 March 2021

Farewell, March --we're wrapping up the month with another great week. Here are the latest updates on the Apache community's activities:

It's our anniversary! The Apache® Software Foundation Celebrates 22 Years of Open Source Leadership – world’s largest Open Source foundation advances community-led innovation "The Apache Way" https://s.apache.org/22ndAnniversay

ASF Board – management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.
 - The Apache Software Foundation Operations Summary: Q3 FY2021 (November 2020 - January 2021) https://s.apache.org/Q3FY2021 + Video highlights https://youtu.be/S6FWqAuA_8M
 - Next Board Meeting: 21 April 2021. Board calendar and minutes https://apache.org/foundation/board/calendar.html

ApacheCon™ – the ASF's official global conference series, bringing Tomorrow's Technology Today since 1998.
 - CFPs open for ApacheCon@Home AND ApacheCon Asia https://www.apachecon.com/ 
 - Event Sponsorship available for both ApacheCon@Home and ApacheCon Asia https://www.apachecon.com/acah2021/2021_ApacheCon_prospectus.pdf

ASF Infrastructure – our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield uptime at 99.85%. Performance checks across 50 different service components spread over more than 250 machines in data centers around the world. http://www.apache.org/uptime/

Apache Code Snapshot – Over the past week, 380 Apache Committers changed 2,537,583 lines of code over 3,380 commits. Top 5 contributors, in order, are: Mark Thomas, Alexander Pucher, Tilman Hausherr, Claus Ibsen, and Andrea Cosentino.       

Apache Project Announcements – the latest updates by category.

Application Servers/Middleware --
 - Apache Karaf 4.2.11 released https://karaf.apache.org/

Big Data --
 - Apache Qpid JMS 0.57.0 released https://qpid.apache.org/
 - Apache Parquet 1.12.0 released https://parquet.apache.org/

Content --
 - Apache PDFBox 2.0.23 released https://pdfbox.apache.org/
 - Apache PDFBox CVE-2021-27807: A carefully crafted PDF file can trigger an infinite loop while loading the file https://s.apache.org/6qk90
   and CVE-2021-27906: A carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file https://s.apache.org/cz894

Enterprise Processes Automation / ERP --
 - Apache OFBiz 17.12.06 released https://ofbiz.apache.org/
 - Apache OFBiz CVE-2021-26295: RCE vulnerability due to Java serialization using RMI https://s.apache.org/styah

Mail --
 - Apache SpamAssassin 3.4.5 released http://spamassassin.apache.org/
 - Apache SpamAssassin CVE-2020-1946: Malicious rule configuration (.cf) files can be configured to run system commands https://s.apache.org/g5s6w


Did You Know?

- Did you know that you can help improve the Apache Flink community experience by completing their Community Survey before 30 March? https://s.apache.org/4xv8n

- Did you know that the Ignite Summit will take place online on 25 May? https://ignite.apache.org/

- Did you know that Apache Hop (incubating) will be presenting "The Road to Hop 1.0" at their Hot Hop Hangout session on 1 April? https://s.apache.org/ypt6f


Apache Community Notices

- The Apache Month in Review: February 2021 https://s.apache.org/Feb2021 + Video highlights https://youtu.be/6TMuYglu2Cc

- Apache in 2020 - By The Digits https://s.apache.org/Apache2020Digits + Video highlights https://s.apache.org/Apache2020Digits-vid

- ASF Security Report 2020 https://s.apache.org/SecurityReport2020 + Video highlights https://youtu.be/Z7yudar_da0

- ASF FY2020 Annual Report https://s.apache.org/FY2020AnnualReport

- "Trillions and Trillions Served" documentary on the ASF: 1) full feature https://s.apache.org/Trillions-Feature 2) "Apache Everywhere" https://s.apache.org/ApacheEverywhere 3) "Why Apache" https://s.apache.org/ASF-Trillions 4) “Apache Innovation” https://s.apache.org/ApacheInnovation 

 - The Apache Way to Sustainable Open Source Success https://s.apache.org/GhnI

 - Foundation Reports and Statements http://www.apache.org/foundation/reports.html

 - All presentations from ApacheCon@Home are available at https://www.youtube.com/c/TheApacheFoundation/ 

 - "Success at Apache" focuses on the people and processes behind why the ASF "just works". https://blogs.apache.org/foundation/category/SuccessAtApache

 - Inside Infra: the new interview series with members of the ASF infrastructure team --meet 
    Chris Thistlethwaite https://s.apache.org/InsideInfra-Chris
    Drew Foulks https://s.apache.org/InsideInfra-Drew
    Greg Stein Part I https://s.apache.org/InsideInfra-Greg
      ...Part II https://s.apache.org/InsideInfra-Greg2 and Part III https://s.apache.org/InsideInfra-Greg3
    Daniel Gruno Part I https://s.apache.org/InsideInfra-Daniel1 and Part II https://s.apache.org/InsideInfra-Daniel2
    Gavin McDonald Part I https://s.apache.org/InsideInfra-Gavin and Part II https://s.apache.org/InsideInfra-Gavin2
    Andrew Wetmore Part I https://s.apache.org/InsideInfra-Andrew and Part II https://s.apache.org/InsideInfra-Andrew2
    Chris Lambertus Part I  https://s.apache.org/InsideInfra-ChrisL  and Part II https://s.apache.org/InsideInfra-ChrisL2

 - ASF Targeted Sponsor Manning Publications is offering special deals on the latest books on Apache Airflow, Pulsar, Spark, and Thrift, among other titles and eBooks https://deals.manning.com/the-latest-apache-innovations/

 - Follow the ASF on social media: @TheASF on Twitter (https://twitter.com/TheASF) and on LinkedIn at https://www.linkedin.com/company/the-apache-software-foundation

 - Friend and follow the Apache Community on Facebook https://www.facebook.com/ApacheSoftwareFoundation/ and Twitter account https://twitter.com/ApacheCommunity

 - Are your software solutions Powered by Apache? Download & use our "Powered By" logos http://www.apache.org/foundation/press/kit/#poweredby

= = =

For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, https://twitter.com/PlanetApache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.

Wednesday March 24, 2021

The Apache® Software Foundation Celebrates 22 Years of Open Source Innovation "The Apache Way"

World's largest Open Source foundation provides $22B+ in community-led software 100% free of charge for the common good

Wilmington, DE —24 March 2021— The Apache Software Foundation (ASF), the all-volunteer developers, stewards, and incubators of more than 350 Open Source projects and initiatives, announced today its 22nd Anniversary.

Originally established by the 21-member Apache Group, who oversaw the then-3-year-old Apache HTTP Server, the ASF today is the world's largest, vendor-neutral, Open Source foundation, comprising 800+ individual Members, 8,100+ Committers, and 40,000+ code contributors located on every continent. Conservatively valued at more than $22B, Apache’s 350+ projects and 37 incubating podlings are all freely-available to the public-at-large, at 100% no cost, and with no licensing fees.

"Over the past 22 years the ASF has evolved to meet the growing needs of the greater community," said Sander Striker, Board Chair of The Apache Software Foundation. "The ASF enables people from all over the world to collaborate, develop, and shepherd the projects and communities that are helping individuals, sustaining businesses, and transforming industries."

Advancing its mission of providing software for the public good, the ASF's projects are integral to nearly every aspect of modern computing, benefitting billions worldwide. The "Apache Way" process of community-led, collaborative development has led to breakthrough innovations in Artificial Intelligence and Deep Learning, Big Data, Build Management, Cloud Computing, Content Delivery and Management, Edge Computing and IoT, Fintech, Identity Management, Integration, Libraries, Messaging, Mobile, Search, Security, Servers, and Web Frameworks, among other categories. Projects undergoing development in the Apache Incubator span AI, Big Data, blockchain, Cloud computing, cryptography, deep learning, email, IoT, machine learning, microservices, mobile, operating systems, testing, visualization, and more.

Nearly half a million people participate in ASF projects and initiatives, including ApacheCon, the ASF's official global conference series; Community Development, which oversees contributor onboarding and mentoring and programs such as Google Summer of Code; and Diversity & Inclusion, whose programs promote diversity, equity, and inclusion across the greater Apache community.

The ASF's influence is everywhere —countless ubiquitous and mission-critical applications across dozens of industries are powered by Apache projects; the Apache License 2.0 was the top-ranked Open Source license in 2020 (source: WhiteSource); the Apache Way is the backbone for open development and inner source environments; and new users, developers, and enthusiasts are onboarding to the greater Apache community every day (the ASF has been a Google Summer of Code mentoring organization for the past 16 years, since the program's inception). The ASF is the top-ranked Open Source not-for-profit organization with the most stars on GitHub (source: GitHub).

A just-released feature on the ASF in FOSSlife [1] states, "The Apache project has undeniably changed the world … Apache remains a crucial Web server, the most popular in the field. For building Open Source communities, the lessons learned by creating the project still resonate throughout the open source world. Every project is advised to respect the Apache value of 'community over code'."

ASF operations bolster Apache projects and their communities with infrastructure support, bandwidth, connectivity, servers, hardware, development environments, legal counsel, accounting services, trademark protection, marketing and publicity, educational events, and related administrative assistance. As a United States private 501(c)(3) not-for-profit charitable organization, the ASF's day-to-day operating expenses are offset through tax-deductible sponsorships, corporate contributions, and individual donations. Current ASF Sponsors are:

Platinum: Amazon Web Services, Facebook, Google, Huawei, Microsoft, Namebase, Pineapple Fund, Tencent, and Verizon Media.

Gold: Anonymous, Baidu, Bloomberg, Cloudera, Confluent, IBM, Indeed, Reprise Software, Union Investment, and Workday.

Silver: Aetna, Alibaba Cloud Computing, Capital One, Comcast, Didi Chuxing, Red Hat, and Target.

Bronze: Bestecasinobonussen.nl, Bookmakers, Casino2k, Cerner, Curity, GridGain, Gundry MD, Host Advice, HotWax Systems, Journal Review, LeoVegas Indian Online Casino, Miro-Kredit AG, Mutuo Kredit AG, Online Holland Casino, ProPrivacy, PureVPN, RX-M, RenaissanceRe, SCAMS.info, SevenJackpots.com, Start a Blog by Ryan Robinson, Talend, The Best VPN, The Blog Starter, The Economic Secretariat, Top10VPN, Twitter, and Writers Per Hour.

Targeted Platinum: Amazon Web Services, CloudBees, DLA Piper, Fastly, JetBrains, Leaseweb, Microsoft, OSU Open Source Labs, Sonatype, and Verizon Media.

Targeted Gold: Atlassian, Datadog, Docker, PhoenixNAP, and Quenda.

Targeted Silver: HotWax Systems, Manning Publications, and Rackspace.

Targeted Bronze: Bintray, Education Networks of America, Friend of Apache Cordova, Google, Hopsie, No-IP, PagerDuty, Peregrine Computer Consultants Corporation, Sonic.net, SURFnet, and Virtru.

"Baidu has always maintained close cooperation with Apache Software Foundation. In the past, we donated Apache ECharts, Apache Doris, Apache brpc, and Apache Teaclave. We are very grateful to Apache way for promoting the growth of these projects and enabling Baidu to make greater contributions to the open source world together with ASF."
—Zhenyu Hou, Corporate Vice President of Baidu Group

"Congratulations to the Apache Software Foundation on its twenty-second anniversary! If it were not for ASF's work to incubate and steward open source projects, the internet community would not be thriving to the same degree. Open source is enabling our digital prosperity, and the ASF plays a key, behind-the-scenes role in this. We share their vision for the availability of trustworthy open-source software and are proud to be a sponsor."
—Travis Spencer, CEO of Curity

"Congratulations to the 22nd anniversary of the Apache Software Foundation! Didi Chuxing is more than honored to join the Apache family as a corporate sponsor this year. At Didi, our developers utilize and contribute to many Apache projects such as Hadoop, Kylin, and Flink etc. Sharing the same “Community Over Code” principle, we hope to drive more innovations with Apache and we look forward to further collaborations!"
—Yunbo Wang, Director of Technical Community and Open Source at Didi Chuxing

"Facebook was originally built on a stack using the Apache HTTP Server, and it's one of the many reasons we've been sponsoring, advocating, utilizing, and contributing to the ASF for the past 10 years. We're proud to be a part of the ASF community and look forward to continued support of its mission to provide Open Source software for the public good."
—Joel Marcey, Open Source Developer Advocate and Ecosystem Lead at Facebook

"We are honored to be a part of and proud to support the ASF! The Apache community continues to be an incredibly valuable resource for HotWax. Contributing to and receiving from the ASF remains a central focal point for our business, and an important part of our team philosophy."
—Mike Bates, CEO of HotWax Systems

"It is an honor to support Apache, an organization responsible for such an astounding amount of Open Source projects that truly make up the fabric of the Internet. Here's to all that's been accomplished in the last 22 years – we can't wait to see what the future of open development brings."
—Robert van der Meulen, Global Product Strategy Lead at Leaseweb

"We're extending a big congratulations to the Apache Software Foundation on their 22nd anniversary! The ASF has been a key driver for the success of open source software models and community-led development for over two decades. Microsoft is honored to engage with and contribute to the Apache community across many facets of our business including Azure big data, Hadoop and Spark – and we look forward to continuing the collaboration."
—Stormy Peters, Director of Open Source Programs Office at Microsoft

"Congratulations to the Apache Software Foundation on its 22nd anniversary! Tencent has been a user and contributor to the projects at ASF. Many developers from Tencent have been actively involved with the ASF projects as Chair or PMC. We look forward to continuing our collaboration and creating more open-source innovations with 'The Apache Way'."
—Mark Shan, Chair of Tencent Open Source Alliance


[1] FOSSlife "How the Apache Project Boosted the Free and Open Source Software Movements" https://www.fosslife.org/how-apache-project-boosted-free-and-open-source-software-movements

Additional ASF Resources

 - "Trillions and Trillions Served" documentary on the ASF https://s.apache.org/Trillions-Feature

 - About The Apache Way http://apache.org/theapacheway/

 - The Apache Way to Sustainable Open Source Success https://s.apache.org/GhnI

 - FY2020 Annual Report https://s.apache.org/FY2020AnnualReport

 - Ways to support the ASF http://apache.org/foundation/contributing.html


About The Apache Software Foundation (ASF)
Established in 1999, The Apache Software Foundation is the world's largest Open Source foundation, stewarding 227M+ lines of code and providing more than $22B+ worth of software to the public at 100% no cost. The ASF's all-volunteer community grew from 21 original founders overseeing the Apache HTTP Server to 813 individual Members and 206 Project Management Committees who successfully lead 350+ Apache projects and initiatives in collaboration with nearly 8,100 Committers through the ASF’s meritocratic process known as "The Apache Way". Apache software is integral to nearly every end user computing device, from laptops to tablets to mobile devices across enterprises and mission-critical applications. Apache projects power most of the Internet, manage exabytes of data, execute teraflops of operations, and store billions of objects in virtually every industry. The commercially-friendly and permissive Apache License v2 is an Open Source industry standard, helping launch billion dollar corporations and benefiting countless users worldwide. The ASF is a US 501(c)(3) not-for-profit charitable organization funded by individual donations and corporate sponsors including Aetna, Alibaba Cloud Computing, Amazon Web Services, Anonymous, Baidu, Bloomberg, Capital One, Cloudera, Comcast, Confluent, Didi Chuxing, Facebook, Google, Huawei, IBM, Indeed, Microsoft, Namebase, Pineapple Fund, Red Hat, Reprise Software, Target, Tencent, Union Investment, Verizon Media, and Workday. For more information, visit http://apache.org/ and https://twitter.com/TheASF

© The Apache Software Foundation. "Apache", "Apache HTTP Server", and "ApacheCon" are registered trademarks or trademarks of the Apache Software Foundation in the United States and/or other countries. All other brands and trademarks are the property of their respective owners.

# # #

Friday March 19, 2021

The Apache News Round-up: week ending 19 March 2021

And it's Friday! Let's take a look at what the Apache community has been up to over the past week:

ASF Board – management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.
 - The Apache Software Foundation Operations Summary: Q3 FY2021 (November 2020 - January 2021) https://s.apache.org/Q3FY2021
 - Next Board Meeting: 21 April 2021. Board calendar and minutes https://apache.org/foundation/board/calendar.html

ApacheCon™ – the ASF's official global conference series, bringing Tomorrow's Technology Today since 1998.
 - CFPs open for ApacheCon@Home AND ApacheCon Asia: proposals now accepted for both events! Tracks include API/Microservices, Big Data, Cassandra, Community, Content Delivery & Management, Culture, Drill, Fineract/Fintech, Geospatial, Groovy, Incubator, Integration, IoT/IIoT, Karaf, Messaging, Middleware, Observability, Royale, RDF/Linked Data, Search, Social Data, Streaming, Tomcat, and more. https://www.apachecon.com/ 
 - Event Sponsorship available, including package deals for a global presence at both events! https://www.apachecon.com/acah2021/2021_ApacheCon_prospectus.pdf

ASF Infrastructure – our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield uptime at 99.38%. Performance checks across 50 different service components spread over more than 250 machines in data centers around the world. http://www.apache.org/uptime/

Apache Code Snapshot – Over the past week, 400 Apache Committers changed 3,004,173 lines of code over 3,661 commits. Top 5 contributors, in order, are: Andrea Cosentino, Claus Ibsen, Daan Hoogland, Gary Gregory, and Mark Thomas.                           

Apache Project Announcements – the latest updates by category.

Big Data --
 - Apache NiFi 1.13.1 released http://nifi.apache.org/
 - Apache Avro 1.10.2 released https://avro.apache.org/

Libraries --
 - Apache Log4j 2.14.1 released http://logging.apache.org/
 - Apache XMLBeans 5.0.0 released  https://xmlbeans.apache.org/

Servers --
 - Apache HttpComponents Core 5.1 GA released https://hc.apache.org/

Web Conferencing --
 - Apache OpenMeetings CVE-2021-27576: Bandwidth can be overloaded with public web service https://s.apache.org/2pj12


Did You Know?

- Did you know that the ASF provides a comprehensive list of Export Control Classification Numbers (ECCNs) for more than 50 Apache projects subject to export controls? https://apache.org/licenses/exports/

- Did you know that the CFP for Airflow Summit (8-16 July 2021) is now open? https://airflowsummit.org/ 

- Did you know that the Apache Druid community will be holding "drop-in" MeetUps on 23 and 31 March? http://druid.apache.org/


Apache Community Notices

- The Apache Month in Review: February 2021 https://s.apache.org/Feb2021 + Video highlights https://youtu.be/6TMuYglu2Cc

- Apache in 2020 - By The Digits https://s.apache.org/Apache2020Digits + Video highlights https://s.apache.org/Apache2020Digits-vid

- ASF Security Report 2020 https://s.apache.org/SecurityReport2020 + Video highlights https://youtu.be/Z7yudar_da0

- ASF FY2020 Annual Report https://s.apache.org/FY2020AnnualReport

- "Trillions and Trillions Served" documentary on the ASF: 1) full feature https://s.apache.org/Trillions-Feature 2) "Apache Everywhere" https://s.apache.org/ApacheEverywhere 3) "Why Apache" https://s.apache.org/ASF-Trillions 4) “Apache Innovation” https://s.apache.org/ApacheInnovation 

 - The Apache Way to Sustainable Open Source Success https://s.apache.org/GhnI

 - Foundation Reports and Statements http://www.apache.org/foundation/reports.html

 - All presentations from ApacheCon@Home are available at https://www.youtube.com/c/TheApacheFoundation/ 

 - "Success at Apache" focuses on the people and processes behind why the ASF "just works". https://blogs.apache.org/foundation/category/SuccessAtApache

 - Inside Infra: the new interview series with members of the ASF infrastructure team --meet 
    Chris Thistlethwaite https://s.apache.org/InsideInfra-Chris
    Drew Foulks https://s.apache.org/InsideInfra-Drew
    Greg Stein Part I https://s.apache.org/InsideInfra-Greg
      ...Part II https://s.apache.org/InsideInfra-Greg2 and Part III https://s.apache.org/InsideInfra-Greg3
    Daniel Gruno Part I https://s.apache.org/InsideInfra-Daniel1 and Part II https://s.apache.org/InsideInfra-Daniel2
    Gavin McDonald Part I https://s.apache.org/InsideInfra-Gavin and Part II https://s.apache.org/InsideInfra-Gavin2
    Andrew Wetmore Part I https://s.apache.org/InsideInfra-Andrew and Part II https://s.apache.org/InsideInfra-Andrew2
    Chris Lambertus Part I  https://s.apache.org/InsideInfra-ChrisL  and Part II https://s.apache.org/InsideInfra-ChrisL2

 - ASF Targeted Sponsor Manning Publications is offering special deals on the latest books on Apache Airflow, Pulsar, Spark, and Thrift, among other titles and eBooks https://deals.manning.com/the-latest-apache-innovations/

 - Follow the ASF on social media: @TheASF on Twitter (https://twitter.com/TheASF) and on LinkedIn at https://www.linkedin.com/company/the-apache-software-foundation

 - Friend and follow the Apache Community on Facebook https://www.facebook.com/ApacheSoftwareFoundation/ and Twitter account https://twitter.com/ApacheCommunity

 - Are your software solutions Powered by Apache? Download & use our "Powered By" logos http://www.apache.org/foundation/press/kit/#poweredby

= = =

For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, https://twitter.com/PlanetApache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.


Monday March 15, 2021

The Apache Software Foundation Operations Summary: 1 November 2020 - 31 January 2021

FOUNDATION OPERATIONS SUMMARY

Third Quarter, Fiscal Year 2021 (November 2020 - January 2021)

"We’re proud to be a part of the ASF community and look forward to continued support of its mission to provide Open Source software for the public good."
—Joel Marcey, Open Source Developer Advocate and Ecosystem Lead at Facebook (ASF Platinum Sponsor)


> Conferences and Events http://apachecon.com/ 

We held no events during the reporting period.

We have begun discussion of dates and details for ApacheCon 2021, and expect to have an announcement by March 1st. This event will, once again, be an online-only event.

Please watch @apachecon (on Twitter) for that announcement.

> Community Development http://community.apache.org/ 

During December an Apache Roadshow China was held in conjunction with COSCon. The event was a great success and we are looking forward to participation at future events.

A key theme this quarter was communication and ensuring our community was being kept informed of what is happening. As a result, we have been experimenting with a new format for the Apache News Roundup have been trialling it with the community. A range of short videos have been created focussed on different but hopefully useful topics. Feedback from the community has been extremely positive.

We applied for and were accepted for an online booth at FOSDEM. Throughout January most of our efforts were focussed on preparing for our participation at FOSDEM. Even with the very short timeframe,  several of our volunteers worked quickly and efficiently to put together an online presence for us during the event.

A request has been received to try and establish an Apache Local Community (ALC) in Nigeria so we are currently looking for an ASF member or PMC members from any Apache project that live locally that can become the main point of contact. These are part of the minimum requirements for governance when establishing a new ALC group.

We are in the final stages of our Google Summer of Code (GSoC) application so have also been gathering ideas from our projects.

Our mailing list has seen a large increase in traffic this quarter. Some of the increase is related to GSoC proposal requests being received from our projects. Yet even with the break for the holidays, it was good to see our discussion activity grow.  


> Committers and Contributions http://apache.org/licenses/contributor-agreements.html 

Over the past quarter, 1,424 contributors committed 64,101 changes that amount to 35,706,852 lines of code across Apache projects. The top 5 contributors, in order, were: Andrea Cosentino (1,544 commits), Xiang Xiao (1,301 commits), Jean-Baptiste Onofré (971 commits), Kaxil Naik (907 commits), and Gary Gregory (878 commits).

All individuals who are granted write access to the Apache repositories must submit an Individual Contributor License Agreement (ICLA). Corporations that have assigned employees to work on Apache projects as part of an employment agreement may sign a Corporate CLA (CCLA) for contributing intellectual property via the corporation. Individuals or corporations donating a body of existing software or documentation to one of the Apache projects need to execute a formal Software Grant Agreement (SGA) with the ASF.

During Q3 FY2021, the ASF Secretary processed 198 ICLAs, 4 CCLAs, and 16 Software Grants. History of Apache committer growth can be seen at https://projects.apache.org/timelines.html


> Brand Management http://apache.org/foundation/marks/ 

Operations —the work of the Brand Management team falls broadly into one of four categories:

  • providing advice to projects
  • granting permission to use our marks
  • trademark transfers and registrations
  • addressing potential infringements of our marks

As with previous quarters we provided both Apache projects and external parties with advice on the correct use of Apache marks in a range of scenarios including branding of YouTube channels, Docker images Registrations, publishing, translations of project websites, tshirts, and stickers. The COVID-19 pandemic doesn't appear to reduced the number of project related events although all of the ones approves this quarter were, unsurprisingly, on-line events.

This quarter we worked with the KAFKA project and counsel to develop a KAFKA specific branding policy for KAFKA clients and connectors.

Another element of the advice we provide is naming advice for podlings. This quarter we provided advice to a project considering applying to join the Apache incubator and to three podlings.

Other advice provided this quarter included advice on using non-ASF logos on a project website and whether or not a project's mark was registered. We also rejected a mid-directed infringement claim for a non-ASF controlled website that just happened to be hosted on httpd.

Registrations

This quarter we started the process of updating the official ASF address associated with our registrations. There are costs associated with this process but we still anticipate brand expenditure for this year to remain within budget.

The APACHE IGNITE registration for China completed this quarter.

The registrations for APACHE and APACHE FLINK in China, BROOKLYN in the US continued to progress this quarter. 

We worked with counsel and the current registrants to progress the transfer of ownership of the APISIX marks in China and SERVICECOMB marks in the US and EU to the ASF.

Infringements

This quarter we saw an increase in people and organisations using derivations of the Apache License, version 2 without changing the primary branding of the license. While we do not object to the creation of such derivative licenses, we do want to ensure that they do not cause

confusion amongst end-users. Therefore, we monitor for such licenses and work with the authors to ensure that the licenses are clearly branded so that they will not be confused with the Apache License, version 2.

We have made some progress towards addressing infringing products sold in various online stores but have not yet resolved these issues.

It is usually members of our project communities who are first to identify potential infringements. This quarter we provided advice to a number of PMCs as to the best approach to take to address a potential infringement.

And finally…

The Brand Management team welcomes your comments and suggestions as well as any questions you might have. Please see https://www.apache.org/foundation/marks/contact for our contact details.

> Security http://apache.org/security/ 

We continued to work on handling incoming security issues, keeping projects reminded of their outstanding issues, allocation of CVE names, and other general oversight and advice.

For Q3 we tracked 138 new vulnerability reports across 47 projects. Those reports led to 36 published CVE vulnerabilities.  The previous Q3 for comparison was 95 reports leading to 41 CVE.

We published a security report for calendar year 2020: https://s.apache.org/SecurityReport2020

The CVE project released a new automation API and the ASF became the first organisation to get a live CVE name using it. Instead of the security team holding a pool of names requested in advance we now allocate them on demand, with the service taking care of emails to the PMC and other previously manual parts of the process.  We released an internal tool providing projects dealing with security issues a way to edit, validate, and submit their entries to Mitre.  We aim to have the CVE database updated within a day of an issue being published. We expect more automation available during 2021 allowing us to streamline the CVE process for projects even further.


> Privacy http://apache.org/foundation/policies/privacy.html 

A few questions were answered on the privacy list. Most of the requests were around our use of the mailing lists. It was recommended that any person, who has privacy concerns over mailing list data, is redirected to vp-privacy@ or to the privacy@ list directly (if the request is not sensitive itself).

A GIT repository was created for working on policies. Apart from that, privacy did not handle critical issues so far. In the next few weeks we will see working drafts for mailing list archives.


>  Infrastructure http://apache.org/dev/infrastructure.html

The Infrastructure has done well over the past quarter, maintaining cost controls and keeping our team home and healthy.

This past quarter has seen a large change in our back-office, with how we manage our US-based employees. While it took a lot of effort, it did not impact our team's operations. We are up and rolling smoothly, after these changes.

There was a scare in the security around some of our automated CI/CD systems, which we quickly handled. In the end, the initial concern did not pan out to any real problems. Yet we learned and expanded some of our Best Practices, and implemented a scanner to monitor for future security concerns in this area.

The team has started a monthly "Builds" conference call to bring the broader community together to talk "all things builds". This has enabled a sharing of ideas, helped us advance more of our CI/CD infrastructure, and highlighted the pain points that our communities are seeing.

Our background work has continued, as usual, in areas such as testing a CDN deployment, improved integration between the ASF and GitHub, investigating a move from our on-premise Atlassian products to their cloud-based services, and our mail system upgrade.


> Treasury and Financial Statement --map against https://s.apache.org/FY2019AnnualReport 

The Treasurer, Myrle Krantz, and the Assistant Treasurer, Trevor Grant have contributed to keeping The Foundation in excellent fiscal shape with all tax and compliance forms filed on time. Latest public filings can be found at http://www.apache.org/foundation/records/. We have advised that officers minimize expenses until there is more certainty in global economic outlooks. Officers have done an excellent job at cost control throughout the fiscal year, and we hope that in the coming fiscal year that the need for austerity will be reduced. We transitioned, this quarter, from accounting provided by Virtual to accounting provided by IgniteSpot. Benefits we have seen from this transition include:

  • better transparency into accounting and smoother budgeting processes by moving from QuickBooks Enterprise to QuickBooks Online,
  • better automation of our processes via the integration of QuickBooks Online with Bill.com and our banking solutions, and
  • reduced costs.

We are pleased with the enthusiastic support IgniteSpot has provided Fundraising with invoicing and reporting, and we hope to see this continue. The transition has forced us to examine our internal processes, and given us opportunities to improve them.

In the process of transitioning accountants, we have also transitioned PEO providers. We now employ ADP Total Source directly. In addition we have transitioned to a new physical mailing address and a new registered agent. We thank Greg Stein, David Nalley, and Ruth Suehle for the truly excellent collaboration which made a change of this extent possible. We thank Virtual for their many years of service. The Apache Software Foundation would not be where we are today without the tireless efforts of Virtual to modernize our accounting processes and make them sustainable. In all, the transition has been extremely smooth. Our books were imported without difficulties. Thanks to the work Myrle Krantz and Greg Stein performed earlier this year to introduce bill.com, there were no interruptions in our vendor payments. And thanks to heightened attention by Sally Khudairi, and Daniel Ruggeri and IgniteSpot, there were no interruptions to sponsor invoicing. The financial report has a few more details than past quarterly reports. We have adjusted reporting to include mention of restricted funds. ASF Treasury has gone above and beyond to support fundraising this quarter. In particular, to make possible a two year platinum sponsorship before the end of the sponsor’s fiscal year, Myrle Krantz, with support from Greg Stein, and direction from Sally Khudairi interfaced with a sponsor’s PO system and generated and submitted last minute estimates and invoices. This team worked through multiple iterations over the course of several hours on New Year’s Eve and New Year’s Day to get it right. This was possible, in part, because the ASF Treasury now has access to our own books via QuickBooks Online. We have added a bank account at TDBank to our mix of financial instruments. The majority of our cash remains in a CDARS account at Boston Private which provides FDIC insurance for the full amount.


Cash and Restricted Cash for Q3 FY 2021




Apache Software Foundation






Q3 FY 21





Checking/Savings Balances:





Boston Private CDARS Account

$ 3,031,266




Citizens Money Market

$ 152,007




Citizens Checking

$ 360,697




PayPal - ASF

$ 5,190




Stripe

$ 2,823




TD Bank Checking

$ 121,323



Total Checking/Savings

$ 3,673,306 








Restricted Funds:





Conditional Gift

$ 500,000




Project Restricted Funds

$ 32,979



Total Restricted Funds

$ 532,979








Unrestricted Cash/Checking

$ 3,140,327









Income and Expenses for Q3 FY 2021




Apache Software Foundation






Q3 FY 21



Income Summary:





Public Donations

$ 43,710




Sponsorship Program

$599,010




Programs Income

$ 0




Conference/Event Income

$ 1,000




Interest Income

$ 53



Total Income

$ 643,773 





Expense Summary





Infrastructure

$ 228,7920




Programs Expense

$ 0




Publicity

$7,456




Brand Management

$ 3,255




Conferences

$ 690




Travel Assistance Committee

$ -




Fundraising

$ 62,273




Privacy

$ -




Treasury Services

$ 20,207




General & Administrative

$ 9,207




Diversity and Inclusion

$ -



Total Expense

$ 331,881

Net Income

$ 311,892



> Diversity and Inclusion http://diversity.apache.org/

Diversity & Inclusion

Q3 of FY2021 focused on wrapping up the first research on the current status of D&I at the ASF, securing funds for one more year of Outreachy internships and planning for FY2022. Below is a breakdown of these accomplishments.

Wrapping the research on the current status of Diversity and Inclusion at the ASF
This project was composed of two initiatives: The ASF Community Survey and a User Experience Research for contributors of underrepresented groups. These two initiatives concluded in Q2 and we have a final draft https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=173087952 to be published in multiple channels, such as research publications and conferences like ApacheCon.

Continuing the internships for underrepresented groups through Outreachy.org
The third period of Outreachy internships is underway and we have six interns for six different Apache projects https://cwiki.apache.org/confluence/display/EDI/2020-11-25+Outreachy+Meeting+notes . We secured $52,000 in sponsorship from Google to continue with this program for one more year. The sponsorship will be processed in March 2021.  

FY2022 planning
The findings and recommendations from the research completed in FY2021 will be the platform  for taking action in FY2022. The D&I committee will have the following goals in FY2022: 

  • Act on the findings and recommendations from the research done in FY2021
  • Continue the Outreachy Internships
  • Re-application of the community survey to measure changes since the survey was last done in 2020. 

The ultimate objective is to scope and define a project that will help us take the current state of D&I at the ASF to better neights. We will partner with Bitergia again, this is the firm that conducted the research and ran the ASF community survey in 2020. One of the alternatives we’re strongly considering is the creation of a program that helps podlings in the incubator develop strong practices for inclusion, enabling the projects to be diverse from the moment they graduate from incubation. This is still one are of consideration, and we’ll have the final selection by the end of the quarter. 

 

> Fundraising http://apache.org/foundation/contributing.html

As was noted in prior quarterly reports, Fundraising continues to move along well operationally. In addition to performing regular renewals, we are further honing our processes by experimenting with automation and tooling to augment our work. In this quarter, we are pleased to note that all ApacheCon sponsorships have completed and closed in the early quarter. Additionally, we managed to continue business-as-usual during a very busy December as the foundation onboarded a new accounting provider and platform.

We continue maintaining cautious optimism as we weather the current pandemic with our Sponsors and are tremendously thankful for the continued sponsorship despite the hard times. While we regret that two Bronze sponsors chose not to renew their sponsorship this quarter, we are thrilled to welcome a new Platinum Sponsor, Gold Sponsor, Silver Sponsor, and Bronze Sponsor! This growth in sponsorships is a heart warming indication that the amazing work done here at The ASF is recognized and appreciated in the global community. To that point, we are pleased to see that this quarter saw a higher than typical number of individual donations to the foundation.

The joy we feel from the continued support of our individual and corporate sponsors simply cannot be overstated. In the tough times leading into and during the initial days of the pandemic, like many others, we just did not know what to expect. After all, the only income our all-volunteer-led foundation receives comes from sponsorships. The ASF is known to house projects that creates industries, evolves the technology landscape, improves the world we live in - and we do it in a way that is fair and equitable to all who participate regardless of background. This is all entirely possible because of the generosity of our sponsors… especially during difficult days.

With a truly humble and grateful heart: THANK YOU for continuing to support us during this storm.

The list of all Sponsors is available at http://apache.org/foundation/thanks . To become an ASF Sponsor, visit http://apache.org/foundation/sponsorship.html . To make a one-time or monthly recurring donation, please visit https://donate.apache.org/ .


= = =

Report prepared by Sally Khudairi, Vice President Marketing & Publicity, with contributions by Rich Bowen, Vice President Conferences; Mark Cox, Vice President Security; Griselda Cuevas, Vice President Diversity & Inclusion; David Nalley, Vice President Infrastructure; Sharan Foga, Vice President Community Development; Christian Grobmeier, Vice President Data Privacy; Myrle Krantz, Treasurer; Daniel Ruggeri, Vice President Fundraising; Greg Stein, Infrastructure Administrator; and Mark Thomas, Vice President Brand Management.

For more information, subscribe to the announce@apache.org mailing list http://apache.org/foundation/mailinglists.html#foundation-announce and visit http://www.apache.org/ , the ASF Blog at http://blogs.apache.org/ , the @TheASF on Twitter https://twitter.com/TheASF , and LinkedIn https://www.linkedin.com/company/the-apache-software-foundation .

(c) The Apache Software Foundation 2021.

# # #

Friday March 12, 2021

The Apache News Round-up: week ending 12 March 2021

Hello, Friday. Let's review the Apache community's activities from over the past week:

ASF Board – management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.
 - Announcing New ASF Board of Directors https://s.apache.org/NewBoard2021
 - Next Board Meeting: 17 March 2021. Board calendar and minutes https://apache.org/foundation/board/calendar.html

ApacheCon™ – the ASF's official global conference series, bringing Tomorrow's Technology Today since 1998.
 - CFP open for ApacheCon@Home 2021: proposals now accepted for 20 tracks that include API/Microservices, Big Data, Cassandra, Content Delivery & Management, Community, Drill, Fineract/Fintech, Geospatial, Groovy, Incubator, Integration, IoT, Karaf, Observability, Royale, RDF/Linked Data, Search, Social Data, Tomcat, and more. https://www.apachecon.com/acah2021/cfp.html

ASF Infrastructure – our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield uptime at 100%. Performance checks across 50 different service components spread over more than 250 machines in data centers around the world. http://www.apache.org/uptime/

Apache Code Snapshot – Over the past week, 389 Apache Committers changed 3,798,169 lines of code over 3,471 commits. Top 5 contributors, in order, are: Andrea Cosentino, Daan Hoogland, Gary Gregory, Claus Ibsen, and Tilman Hausherr.                    

Apache Project Announcements – the latest updates by category.

APIs --
 - Apache APISIX 2.4 released https://apisix.apache.org/

Big Data --
 - Apache Flink 1.12.2 released https://flink.apache.org/

Content --
 -  Apache Jackrabbit 2.14.9 released http://jackrabbit.apache.org/

IDE --
 - Apache NetBeans 12.3 released http://netbeans.apache.org/

Integration --
 - Apache Camel 3.7.3 released https://camel.apache.org/

Libraries --
 - Apache Commons Lang 3.12 released https://commons.apache.org/proper/commons-lang/
 - Apache Velocity Engine 2.3 and Tools 3.1 released https://velocity.apache.org/
 - Apache Velocity CVE-2020-13936: Velocity Sandbox Bypass https://s.apache.org/qmlqf
   and CVE-2020-13959: Tools XSS Vulnerability https://s.apache.org/iaoq5

Servers --
 - Apache Tomcat 8.5.64, 9.0.44, and 10.0.4 released https://tomcat.apache.org/

Web Conferencing --
 - Apache OpenMeetings 6.0.0 released https://openmeetings.apache.org/


Did You Know?

- Did you know that the ASF has been chosen to be a Google Summer of Code mentoring organization for the 16th consecutive year? https://community.apache.org/gsoc.html 

- Did you know that Facebook and Uber build streaming SQL applications for unified processing using Apache Flink and Pulsar? Learn more at https://www.meetup.com/Bay-Area-Apache-Flink-Meetup/events/276579450/

- Did you know that the Airflow Summit is accepting submissions through 12 April? https://airflowsummit.org/


Apache Community Notices

- The Apache Month in Review: February 2021 https://s.apache.org/Feb2021 + Video highlights https://youtu.be/6TMuYglu2Cc

- The Apache Software Foundation Operations Summary: Q2 FY2021 (August - October 2020) https://s.apache.org/Q2FY2021

- Apache in 2020 - By The Digits https://s.apache.org/Apache2020Digits + Video highlights https://s.apache.org/Apache2020Digits-vid

- ASF Security Report 2020 https://s.apache.org/SecurityReport2020 + Video highlights https://youtu.be/Z7yudar_da0

- ASF FY2020 Annual Report https://s.apache.org/FY2020AnnualReport

- "Trillions and Trillions Served" documentary on the ASF: 1) full feature https://s.apache.org/Trillions-Feature 2) "Apache Everywhere" https://s.apache.org/ApacheEverywhere 3) "Why Apache" https://s.apache.org/ASF-Trillions 4) “Apache Innovation” https://s.apache.org/ApacheInnovation 

 - The Apache Way to Sustainable Open Source Success https://s.apache.org/GhnI

 - Foundation Reports and Statements http://www.apache.org/foundation/reports.html

 - All presentations from ApacheCon@Home are available at https://www.youtube.com/c/TheApacheFoundation/ 

 - "Success at Apache" focuses on the people and processes behind why the ASF "just works". https://blogs.apache.org/foundation/category/SuccessAtApache

 - Inside Infra: the new interview series with members of the ASF infrastructure team --meet 
    Chris Thistlethwaite https://s.apache.org/InsideInfra-Chris
    Drew Foulks https://s.apache.org/InsideInfra-Drew
    Greg Stein Part I https://s.apache.org/InsideInfra-Greg
      ...Part II https://s.apache.org/InsideInfra-Greg2 and Part III https://s.apache.org/InsideInfra-Greg3
    Daniel Gruno Part I https://s.apache.org/InsideInfra-Daniel1 and Part II https://s.apache.org/InsideInfra-Daniel2
    Gavin McDonald Part I https://s.apache.org/InsideInfra-Gavin and Part II https://s.apache.org/InsideInfra-Gavin2
    Andrew Wetmore Part I https://s.apache.org/InsideInfra-Andrew and Part II https://s.apache.org/InsideInfra-Andrew2
    Chris Lambertus Part I  https://s.apache.org/InsideInfra-ChrisL  and Part II https://s.apache.org/InsideInfra-ChrisL2

 - ASF Targeted Sponsor Manning Publications is offering special deals on the latest books on Apache Airflow, Pulsar, Spark, and Thrift, among other titles and eBooks https://deals.manning.com/the-latest-apache-innovations/

 - Follow the ASF on social media: @TheASF on Twitter (https://twitter.com/TheASF) and on LinkedIn at https://www.linkedin.com/company/the-apache-software-foundation

 - Friend and follow the Apache Community on Facebook https://www.facebook.com/ApacheSoftwareFoundation/ and Twitter account https://twitter.com/ApacheCommunity

 - Are your software solutions Powered by Apache? Download & use our "Powered By" logos http://www.apache.org/foundation/press/kit/#poweredby

= = =

For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, https://twitter.com/PlanetApache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.


Thursday March 11, 2021

Announcing New ASF Board of Directors

At The Apache Software Foundation (ASF) Annual Members' Meeting held this week, the following individuals were elected to the ASF Board of Directors:

  • Bertrand Delacretaz (current Director)
  • Roy Fielding (current Director)
  • Sharan Foga (new Director)
  • Justin Mclean (current Director)
  • Craig Russell (current Director)
  • Sam Ruby (current Director)
  • Roman Shaposhnik (former Director)
  • Sander Striker (current Director)
  • Sheng Wu (new Director)


The ASF thanks Shane Curcuru, Patricia Shanahan, and Niclas Hedhman (who resigned from the Board prior to the Members’ Meeting) for their service, and welcomes our new and returning directors.

An overview of the ASF's governance, along with the complete list of ASF Board of Directors, Executive Officers, and Project/Committee Vice Presidents, can be found at http://apache.org/foundation/

For more information on the Foundation's operations and structure, see http://apache.org/foundation/how-it-works.html#structure

# # #

Friday March 05, 2021

The Apache News Round-up: week ending 5 March 2021

Welcome, March! We've had a great week within the Apache community. Here's what happened:

The Apache Month in Review – highlights of what we've accomplished over the past month. 
- February 2021 https://s.apache.org/Feb2021 + Video highlights https://youtu.be/6TMuYglu2Cc

ASF Board – management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws. 
 - Next Board Meeting: 17 March 2021. Board calendar and minutes https://apache.org/foundation/board/calendar.html

Apache Diversity & Inclusion – initiatives that promote diversity, equity, and inclusion across the greater Apache community.
 - FINAL CALL for Apache project proposals and mentors: Outreachy Open Source internship program May-Aug 2021 https://s.apache.org/s7tz2

ASF Infrastructure – our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield uptime at 99.99%. Performance checks across 50 different service components spread over more than 250 machines in data centers around the world. http://www.apache.org/uptime/

Apache Code Snapshot – Over the past week, 392 Apache Committers changed 1,224,925 lines of code over 3,879 commits. Top 5 contributors, in order, are: Jean-Baptiste Onofré, Andrea Cosentino, Gary Gregory, Andi Huber, and Daan Hoogland.              

Apache Project Announcements – the latest updates by category.

Big Data --
 - Apache NiFi MiNiFi C++ 0.9.0 released https://nifi.apache.org/minifi

Cloud Computing --
 - Apache CloudStack 4.14.1.0 LTS released https://cloudstack.apache.org/

Confidential Computing --
 - Apache Teaclave (incubating) 0.2.0 released https://teaclave.apache.org/

Libraries --
 - The Apache Software Foundation Announces Apache® Daffodil™ as a Top-Level Project https://s.apache.org/18vob

Observability --
 - Apache SkyWalking Nginx LUA 0.4.0 released https://skywalking.apache.org/

Servers --
 - Apache Tomcat CVE-2021-25122: h2c request mix-up https://s.apache.org/29cq9
   and CVE-2021-25329: RCE via session persistence https://s.apache.org/9itds


Did You Know?

- Did you that the following Apache projects are celebrating anniversaries this month? Many happy returns to Apache mod_perl (21 years); Maven (18 years); Struts (17 years); Jackrabbit (15 years); Felix (14 years); Archiva (13 years); UIMA (11 years); Accumulo and Sqoop (9 years); Bloodhound, CloudStack, and cTAKES (8 years); Allura and Olingo (7 years); and FreeMarker (3 years) https://projects.apache.org/committees.html?date

- Did you know that the Apache Local Community - Beijing has celebrated its one-year anniversary with numerous impressive achievments? https://s.apache.org/gm9kv

- Did you know that your support helps offset the ASF's day-to-day operating costs? https://s.apache.org/8foo2


Apache Community Notices

- The Apache Software Foundation Operations Summary: Q2 FY2021 (August - October 2020) https://s.apache.org/Q2FY2021

- Apache in 2020 - By The Digits https://s.apache.org/Apache2020Digits + Video highlights https://s.apache.org/Apache2020Digits-vid

- ASF Security Report 2020 https://s.apache.org/SecurityReport2020 + Video highlights https://youtu.be/Z7yudar_da0

- ASF FY2020 Annual Report https://s.apache.org/FY2020AnnualReport

- "Trillions and Trillions Served" documentary on the ASF: 1) full feature https://s.apache.org/Trillions-Feature 2) "Apache Everywhere" https://s.apache.org/ApacheEverywhere 3) "Why Apache" https://s.apache.org/ASF-Trillions 4) “Apache Innovation” https://s.apache.org/ApacheInnovation 

 - The Apache Way to Sustainable Open Source Success https://s.apache.org/GhnI

 - Foundation Reports and Statements http://www.apache.org/foundation/reports.html

 - All presentations from ApacheCon@Home are available at https://www.youtube.com/c/TheApacheFoundation/ 

 - "Success at Apache" focuses on the people and processes behind why the ASF "just works". https://blogs.apache.org/foundation/category/SuccessAtApache

 - Inside Infra: the new interview series with members of the ASF infrastructure team --meet 
    Chris Thistlethwaite https://s.apache.org/InsideInfra-Chris
    Drew Foulks https://s.apache.org/InsideInfra-Drew
    Greg Stein Part I https://s.apache.org/InsideInfra-Greg
      ...Part II https://s.apache.org/InsideInfra-Greg2 and Part III https://s.apache.org/InsideInfra-Greg3
    Daniel Gruno Part I https://s.apache.org/InsideInfra-Daniel1 and Part II https://s.apache.org/InsideInfra-Daniel2
    Gavin McDonald Part I https://s.apache.org/InsideInfra-Gavin and Part II https://s.apache.org/InsideInfra-Gavin2
    Andrew Wetmore Part I https://s.apache.org/InsideInfra-Andrew and Part II https://s.apache.org/InsideInfra-Andrew2
    Chris Lambertus Part I https://s.apache.org/InsideInfra-ChrisL and Part II https://s.apache.org/InsideInfra-ChrisL2

 - ASF Targeted Sponsor Manning Publications is offering special deals on the latest books on Apache Airflow, Pulsar, Spark, and Thrift, among other titles and eBooks https://deals.manning.com/the-latest-apache-innovations/

 - Follow the ASF on social media: @TheASF on Twitter (https://twitter.com/TheASF) and on LinkedIn at https://www.linkedin.com/company/the-apache-software-foundation

 - Friend and follow the Apache Community on Facebook https://www.facebook.com/ApacheSoftwareFoundation/ and Twitter account https://twitter.com/ApacheCommunity

 - Are your software solutions Powered by Apache? Download & use our "Powered By" logos http://www.apache.org/foundation/press/kit/#poweredby

= = =

For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, https://twitter.com/PlanetApache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.


Thursday March 04, 2021

The Apache Software Foundation Announces Apache® Daffodil™ as a Top-Level Project

Open Source universal data interchange implementation of the Data Format Description Language (DFDL) standard in use at DARPA, GE Research, Naval Postgraduate School, Owl Cyber Defense, Perspecta Labs, and Raytheon BBN Technologies, among others.

Wilmington, DE —4 March 2021— The Apache Software Foundation (ASF), the all-volunteer developers, stewards, and incubators of more than 350 Open Source projects and initiatives, announced today Apache® Daffodil™ as a Top-Level Project (TLP).

Apache Daffodil is an Open Source implementation of the Data Format Description Language 1.0 specification (DFDL; the Open Grid Forum open standard framework for describing the attributes of any data format [1]) to enable universal data interchange. The project was first created at the University of Illinois National Center for Supercomputing Applications (NCSA) in 2009, and entered the Apache Incubator in August 2017.

"We're extremely excited that Apache Daffodil has achieved this important milestone in its development. The Daffodil DFDL implementation is a game changer in complex text and binary data interfaces and creates massive opportunities for organizations to easily implement highly sophisticated processes like data decomposition, inspection, and reassembly," said Michael Beckerle, Vice President of Apache Daffodil. "Instead of spending a lot of time worrying about how to deal with so many kinds of data that you need to take in, from day one you can convert all sorts of data into XML, or JSON, or your preferred data structure, and convert back if you need to write data out in its original format."

Apache Daffodil is particularly useful in large-scale organizations, such as governments and large corporations, where massive amounts of complex and legacy data must be exchanged and made accessible every day. Daffodil is also particularly useful in cybersecurity, where data must be inspected for correctness and sanitized.

Apache Daffodil is in use at major global organizations that include DARPA, GE Research, Naval Postgraduate School, Owl Cyber Defense, Perspecta Labs, and Raytheon BBN Technologies, among others.

"We are using Daffodil to translate DFDL schema specifications into code for our Monitoring & INspection Device (MIND) as part of our work on DARPA’s Guaranteed Architecture for Physical Security (GAPS) program," said said Bill Smith, Principal Engineer at GE Research. "One of our engineers has joined the Apache Daffodil Project Management Committee and is building out the new DFDL-to-C backend on a dedicated Daffodil development branch. We are now translating DFDL schemas provided by other DARPA GAPS performers to C code suitable for the small resource-constrained controllers in our MIND device. When complete, Daffodil's DFDL-to-C backend will give us the ability to annotate DFDL schemas with security policies and rapidly reconfigure our MIND device for different mission security profiles."

"Apache Daffodil is an important asset to our cross domain solutions technology stack, allowing Owl to support our customers by extending our filtering capabilities to new data types faster and with less risk," said Ken Walker, CTO at Owl Cyber Defense. "It's directly in line with our company priorities, as supporters of the Open Source community, and highly beneficial to our product lines to have this high-quality Open Source implementation of DFDL to support challenging, sometimes proprietary data formats, such as Link16, VMF, USMTF, OSIsoft PI System, and JANAP-128, without the need to develop additional software. DFDL enables our Raise-the-Bar compliant cross domain solutions to support new data types without additional rounds of lengthy lab-based testing and recertification."

"The DFDL open spec and the Apache Daffodil implementation have helped us tremendously in parsing and transforming fixed-format data in a variety of different R&D projects at BBN," said Michael Atighetchi, Lead Scientist at Raytheon BBN Technologies. "Sharing parsers through a vendor-neutral XML representation is a game changer that enables a significant speedup in developing, maturing, and transitioning advanced capabilities to help war fighters."

"Our research on applying Data Format Description Language (DFDL) is exploring how to unlock and archive a plethora of diverse data streams from unmanned systems," said Don Brutzman, Naval Postgraduate School. "Both the DFDL standard and the Apache Daffodil open-source implementation provide a big benefit for these potential capabilities. Continuing work at Naval Postgraduate School (NPS) Consortium for Robotics and Unmanned Systems Education and Research (CRUSER) hopes to make telemetry from field experimentation and simulation repeatably tractable for Big Data analytics."

"Graduation to a TLP recognizes that the Apache Daffodil project follows the rigorous software development practices that have made so many of ASF projects trusted and successful," added Beckerle. "With the increasing interest in Big Data, interoperability, and protection from malicious data, we welcome new contributors to help us further grow the Apache Daffodil community."

[1] Data Format Description Language (DFDL) v1.0 Specification https://www.ogf.org/documents/GFD.240.pdf

Availability and Oversight
Apache Daffodil software is released under the Apache License v2.0 and is overseen by a self-selected team of active contributors to the project. A Project Management Committee (PMC) guides the Project's day-to-day operations, including community development and product releases. For downloads, documentation, and ways to become involved with Apache Daffodil, visit https://daffodil.apache.org/ and https://twitter.com/ApacheDaffodil 

About the Apache Incubator
The Apache Incubator is the primary entry path for projects and codebases wishing to become part of the efforts at The Apache Software Foundation. All code donations from external organizations and existing external projects enter the ASF through the Incubator to: 1) ensure all donations are in accordance with the ASF legal standards; and 2) develop new communities that adhere to our guiding principles. Incubation is required of all newly accepted projects until a further review indicates that the infrastructure, communications, and decision making process have stabilized in a manner consistent with other successful ASF projects. While incubation status is not necessarily a reflection of the completeness or stability of the code, it does indicate that the project has yet to be fully endorsed by the ASF. For more information, visit http://incubator.apache.org/

About The Apache Software Foundation (ASF)
Established in 1999, The Apache Software Foundation is the world’s largest Open Source foundation, stewarding 227M+ lines of code and providing more than $20B+ worth of software to the public at 100% no cost. The ASF’s all-volunteer community grew from 21 original founders overseeing the Apache HTTP Server to 813 individual Members and 200 Project Management Committees who successfully lead 350+ Apache projects and initiatives in collaboration with nearly 8,100 Committers through the ASF’s meritocratic process known as "The Apache Way". Apache software is integral to nearly every end user computing device, from laptops to tablets to mobile devices across enterprises and mission-critical applications. Apache projects power most of the Internet, manage exabytes of data, execute teraflops of operations, and store billions of objects in virtually every industry. The commercially-friendly and permissive Apache License v2 is an Open Source industry standard, helping launch billion dollar corporations and benefiting countless users worldwide. The ASF is a US 501(c)(3) not-for-profit charitable organization funded by individual donations and corporate sponsors including Aetna, Alibaba Cloud Computing, Amazon Web Services, Anonymous, Baidu, Bloomberg, Budget Direct, Capital One, Cloudera, Comcast, Confluent, Didi Chuxing, Facebook, Google, Handshake, Huawei, IBM, Microsoft, Namebase, Pineapple Fund, Red Hat, Reprise Software, Target, Tencent, Union Investment, Verizon Media, and Workday. For more information, visit http://apache.org/ and https://twitter.com/TheASF 

© The Apache Software Foundation. "Apache", "Daffodil", "Apache Daffodil", and "ApacheCon" are registered trademarks or trademarks of the Apache Software Foundation in the United States and/or other countries. All other brands and trademarks are the property of their respective owners.

# # #

Monday March 01, 2021

Apache Month in Review: February 2021

Welcome to the latest monthly overview of events from the Apache community. Here's a summary of what happened in February:

New this month --

 - Call for Apache project proposals and mentors: Outreachy Open Source internship program May-Aug 2021 https://s.apache.org/s7tz2

 - The Apache Software Foundation Announces Apache® DataSketches™ as a Top-Level Project https://s.apache.org/jhvqu

 - The Apache Software Foundation Announces Apache® Gobblin™ as a Top-Level Project https://s.apache.org/df92k

 - The Apache® Software Foundation Sustains its Mission of Providing Software for the Public Good through Corporate Sponsorships and Charitable Giving https://s.apache.org/8foo2

 - Apache Month in Review: January 2021 https://s.apache.org/Jan2021


Important Dates --

  - Next Board Meeting: 17 March 2021. Board calendar and minutes http://apache.org/foundation/board/calendar.html


Infrastructure --

Our seven-member Infrastructure team on three continents oversees our highly-reliable, distributed network under the leadership of VP Infrastructure David Nalley and Infrastructure Administrator Greg Stein. ASF Infrastructure supports 300+ Apache projects and their communities across ~200 individual machines, 1,400+ repositories, 5-6PB in traffic annually, ~75M downloads per month, and 2-3M daily emails on 2,000+ lists. ASF Infra performs 7M+ weekly checks to ensure services are available around the clock. The average uptime in February was 99.97%. http://www.apache.org/uptime/

Committer Activity --

In February, 718 Apache Committers changed 8,293,634 lines of code over 13,685 commits. The Committers with the top 5 highest contributions, in order, were: Andrea Cosentino, Gary Gregory, Claus Ibsen, Andi Huber, and Benoit Tellier.

Project Releases and Updates --

New releases from Apache Airflow (Big Data); APISIX (API); Beam (Big Data); BookKeeper (Big Data); Camel (Integration); Commons NET (Libraries); Directory Studio (Network Client / Server); Druid (Big Data); Flink (Big Data); FreeMarker (Templating); HttpComponents (Servers); Lucene (Search); MyFaces (Web Frameworks); NiFi (Big Data); NLPCraft (Incubating; Natural Language Processing); PLC4X (IoT); Qpid Broker (Messaging); Qpid Dispatch (Messaging); Skywalking (Application Performance Management); Tomcat (Servers).

The Apache Incubator is the primary entry path for projects wishing to become an official part of the ASF. EventMesh entered the Apache Incubator as a new podling this month. We invite you to review the many projects currently in development in the Apache Incubator http://incubator.apache.org/ .

# # #

To see our Weekly News Round-ups (published every Friday), visit https://blogs.apache.org/foundation/ and click on the calendar or hop directly to https://blogs.apache.org/foundation/category/Newsletter . For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. We appreciate your support!

Calendar

Search

Hot Blogs (today's hits)

Tag Cloud

Categories

Feeds

Links

Navigation