The Apache Software Foundation Blog

Monday November 29, 2021

The Apache Weekly News Round-up: week ending 26 November 2021

We're wrapping up another great week with the following activities from the Apache community:

ASF Board – management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.
 - Next Board Meeting: 15 December 2021. Board calendar and minutes https://apache.org/foundation/board/calendar.html

ASF Infrastructure – our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield uptime at 99.97%. Performance checks across 50 different service components spread over more than 250 machines in data centers around the world. View the ASF's Infrastructure Uptime site to see the most recent averages.

Apache Code Snapshot – Over the past week, 303 Apache Committers changed 18,449,074 lines of code over 6,624 commits. Top 5 contributors, in order, are: Krist Wongsuphasawat, Jesse Yang, Ville Brofeldt, Yongjie Zhao, and Harikrishna Patnala.    

Apache Project Announcements – the latest updates by category.

APIs --
 - Apache APISIX 2.10.2 released
   -- CVE-2021-43557: Path traversal in request_uri variable

Big Data --
 - Apache Beam 2.34.0 released

Cloud Computing --
 - Apache Kafka 2.6.3 released 

Content --
 - Apache JSPWiki 2.11.0 released
   -- CVE-2021-44140: Arbitrary file deletion on logout
   -- CVE-2021-40369: Cross-site scripting vulnerability on Denounce plugin

Enterprise Processes Automation / ERP --
 - Apache OFBiz 18.12.02 released

Integration --
 - Apache Camel 3.11.4 (LTS) released

Messaging --
 - Apache Qpid Dispatch 1.18.0 released


Did You Know?

 - Did you know that Giving Tuesday, the global day of giving, takes place this year on Tuesday 30 November. Your individual and corporate donations help the all-volunteer ASF continue to steward 350+ Apache Projects and their communities, and provide more than $22B worth of Apache software to the public good at 100% no charge? https://donate.apache.org/

 - Did you know that you can learn more about Apache TVM --the ASF's first full stack software and hardware co-optimization project-- at TVMCon, taking place online and free-of-charge 15-17 December?

 - Did you know that the New Zealand government uses Apache Wicket for its national statistics Website?

Apache Community Notices

- The Apache Month in Review: October 2021 and video highlights

- Watch "Trillions and Trillions Served", the documentary on the ASF 1) full feature [49 min] 2) "Apache Everywhere" [6 min] 3) "Why Apache" [2.5 min] 4) “Apache Innovation” [40 min] 

 - ASF Annual Report: FY2021 -- Press release and Report (PDF)

 - The Apache Way to Sustainable Open Source Success 

 - Foundation Reports and Statements

 - Presentations from 2021's ApacheCon Asia and ApacheCon@Home are available on the ASF YouTube channel.

 - "Success at Apache" focuses on the people and processes behind why the ASF "just works." 

 - Inside Infra: the new interview series with members of the ASF infrastructure team --meet 
    Chris Thistlethwaite https://s.apache.org/InsideInfra-Chris
    Drew Foulks https://s.apache.org/InsideInfra-Drew
    Greg Stein Part I https://s.apache.org/InsideInfra-Greg
      ...Part II https://s.apache.org/InsideInfra-Greg2 and Part III https://s.apache.org/InsideInfra-Greg3
    Daniel Gruno Part I https://s.apache.org/InsideInfra-Daniel1 and Part II https://s.apache.org/InsideInfra-Daniel2
    Gavin McDonald Part I https://s.apache.org/InsideInfra-Gavin and Part II https://s.apache.org/InsideInfra-Gavin2
    Andrew Wetmore Part I https://s.apache.org/InsideInfra-Andrew and Part II https://s.apache.org/InsideInfra-Andrew2
    Chris Lambertus Part I  https://s.apache.org/InsideInfra-ChrisL  and Part II https://s.apache.org/InsideInfra-ChrisL2

 - Follow the ASF on social media: @TheASF on Twitter and The ASF page LinkedIn

 - Follow the Apache Community on Facebook and Twitter

 - Are your software solutions Powered by Apache? Download & use our "Powered By" logos.


Stay updated about The ASF

For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, https://twitter.com/PlanetApache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.

Monday November 22, 2021

The Apache Weekly News Round-up: week ending 19 November 2021

Happy Friday, everyone. The Apache community has had another great week. Let's review what we've been up to:

ASF Board – management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.
 - Next Board Meeting: 15 December 2021. Board calendar and minutes https://apache.org/foundation/board/calendar.html

ASF Infrastructure – our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield uptime at 99.57%. Performance checks across 50 different service components spread over more than 250 machines in data centers around the world. View the ASF's Infrastructure Uptime site to see the most recent averages.

Apache Code Snapshot – Over the past week, 340 Apache Committers changed 4,175,400 lines of code over 3,102 commits. Top 5 contributors, in order, are: Daniel Gruno, Christofer Dutz, Sebastian Rühl, Sebastian Bazley, and Claus Ibsen.  

Apache Project Announcements – the latest updates by category.

Big Data --
 - Apache Arrow 6.0.1 released
 - Apache Ozone 1.2.0 released
   -- CVE-2021-36372: Original block tokens are persisted and can be retrieved
   -- CVE-2021-39231: Missing authentication/authorization on internal RPC endpoints
   -- CVE-2021-39232: Missing admin check for SCM related admin commands
   -- CVE-2021-39233: Container-related datanode operations can be called without authorization
   -- CVE-2021-39234: Raw block data can be read bypassing ACL/authorization
   -- CVE-2021-39235: Access mode of block tokens are not enforced
   -- CVE-2021-39236: Owners of the S3 tokens are not validated
   -- CVE-2021-41532: Unauthenticated access to Ozone Recon HTTP endpoints 

Business Intelligence --
 - Apache Superset CVE-2021-42250: Possible log injection

Cloud Computing --
 - Apache CloudStack 4.16.0.0 released

Content --
 - Apache Jackrabbit Oak 1.6.22 released

Integration --
 - Apache Camel 3.13.0 released

IoT --
 - Apache IoTDB 0.12.3 released

Observability --

- Apache SkyWalking Infra E2E 1.1.0 released

Programming Languages --
 - Apache Groovy 4.0.0-beta-2 released

Search --
 - Apache Lucene 8.11.0 released
 - Apache Solr 8.11.0 and Operator v0.5.0 released

Servers --
 - Apache Tomcat 8.5.73, 9.0.55, 10.0.13, 10.1.0-M7 (alpha) released
 - Apache HttpComponents Client 5.1.2 GA released
 - Apache Traffic Control: CVE-2021-43350: LDAP filter injection vulnerability in Traffic Ops

Web Frameworks --
 - Apache Struts 2.5.27 released


Did You Know?

 - Did you know that the ASF's Corporate Contribution options include Employee Giving Programs, Volunteer Grants, and Corporate Matching Gifts? End-of-year donations are welcome in any amount --thank you in advance for considering supporting the ASF! https://apache.org/foundation/contributing#support-the-asf-today

 - Did you know that Apache Pinot was featured in the Disney comedy film, "Home Sweet Home Alone"? https://twitter.com/ApachePinot/status/1459378780586262528

 - Did you know that Apache DolphinScheduler v2.0 is 20x more performant than previous versions? http://dolphinscheduler.apache.org/

Apache Community Notices

- The Apache Month in Review: October 2021 and video highlights

- Watch "Trillions and Trillions Served", the documentary on the ASF 1) full feature [49 min] 2) "Apache Everywhere" [6 min] 3) "Why Apache" [2.5 min] 4) “Apache Innovation” [40 min] 

 - ASF Annual Report: FY2021 -- Press release and Report (PDF)

 - The Apache Way to Sustainable Open Source Success 

 - Foundation Reports and Statements

 - Presentations from 2021's ApacheCon Asia and ApacheCon@Home are available on the ASF YouTube channel.

 - "Success at Apache" focuses on the people and processes behind why the ASF "just works." 

 - Inside Infra: the new interview series with members of the ASF infrastructure team --meet 
    Chris Thistlethwaite https://s.apache.org/InsideInfra-Chris
    Drew Foulks https://s.apache.org/InsideInfra-Drew
    Greg Stein Part I https://s.apache.org/InsideInfra-Greg
      ...Part II https://s.apache.org/InsideInfra-Greg2 and Part III https://s.apache.org/InsideInfra-Greg3
    Daniel Gruno Part I https://s.apache.org/InsideInfra-Daniel1 and Part II https://s.apache.org/InsideInfra-Daniel2
    Gavin McDonald Part I https://s.apache.org/InsideInfra-Gavin and Part II https://s.apache.org/InsideInfra-Gavin2
    Andrew Wetmore Part I https://s.apache.org/InsideInfra-Andrew and Part II https://s.apache.org/InsideInfra-Andrew2
    Chris Lambertus Part I  https://s.apache.org/InsideInfra-ChrisL  and Part II https://s.apache.org/InsideInfra-ChrisL2

 - Follow the ASF on social media: @TheASF on Twitter and The ASF page LinkedIn

 - Follow the Apache Community on Facebook and Twitter

 - Are your software solutions Powered by Apache? Download & use our "Powered By" logos.


Stay updated about The ASF

For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, https://twitter.com/PlanetApache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.



Monday November 15, 2021

The Apache Weekly News Round-up: week ending 12 November 2021

Hello, everyone --let's review the Apache community's activities from over the past week:

Sponsor Success at Apache – the blog series that focuses on the people and processes behind why the ASF "just works", featuring insights and experiences from the perspective of select ASF Sponsors
 - "Exploration and Practice of the Apache Way in Tencent" by Mark Shan

ASF Board – management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.
 - Next Board Meeting: 17 November 2021. Board calendar and minutes https://apache.org/foundation/board/calendar.html

ASF Infrastructure – our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield uptime at 99.94%. Performance checks across 50 different service components spread over more than 250 machines in data centers around the world. View the ASF's Infrastructure Uptime site to see the most recent averages.

Apache Code Snapshot – Over the past week, 352 Apache Committers changed 11,730,654 lines of code over 3,823 commits. Top 5 contributors, in order, are: Krzysztof Kopyściński, Mark Thomas, Andrea Cosentino, Adam Kocoloski, and Tomaž Muraus.

Apache Project Announcements – the latest updates by category.

Big Data --
 - Apache NiFi 1.15.0 released
 - Apache ShardingSphere 5.0.0 released

Business Intelligence --
 - Apache Superset CVE-2021-41972: Credentials leak

Content --
 - Apache Jackrabbit 2.20.4 and Jackrabbit Oak 1.8.25 released
 - Apache Traffic Control 6.0.1 released and CVE-2021-43350: LDAP filter injection vulnerability in Traffic Ops

Messaging --
 - Apache Qpid Proton 0.36.0 released


Did You Know?

 - Did you know that the Apache Unomi community will be holding their first Unomi developer MeetUp online and free of charge on 18 November?

 - Did you know that the Apache Ignite community are preparing for the vote on v2.12, are redesigning their project Website, and will be kicking off Ignite Summit Cloud Edition 16 November? Catch up on a busy week ahead!

 - Did you know that Uber Eats' new real-time exactly-once ad event processing is powered by Apache Flink, Apache Kafka, and Apache Pinot

Apache Community Notices

- The Apache Month in Review: October 2021 and video highlights

- Watch "Trillions and Trillions Served", the documentary on the ASF 1) full feature [49 min] 2) "Apache Everywhere" [6 min] 3) "Why Apache" [2.5 min] 4) “Apache Innovation” [40 min] 

 - ASF Annual Report: FY2021 -- Press release and Report (PDF)

 - The Apache Way to Sustainable Open Source Success 

 - Foundation Reports and Statements

 - Presentations from 2021's ApacheCon Asia and ApacheCon@Home are available on the ASF YouTube channel.

 - "Success at Apache" focuses on the people and processes behind why the ASF "just works." 

 - Inside Infra: the new interview series with members of the ASF infrastructure team --meet 
    Chris Thistlethwaite https://s.apache.org/InsideInfra-Chris
    Drew Foulks https://s.apache.org/InsideInfra-Drew
    Greg Stein Part I https://s.apache.org/InsideInfra-Greg
      ...Part II https://s.apache.org/InsideInfra-Greg2 and Part III https://s.apache.org/InsideInfra-Greg3
    Daniel Gruno Part I https://s.apache.org/InsideInfra-Daniel1 and Part II https://s.apache.org/InsideInfra-Daniel2
    Gavin McDonald Part I https://s.apache.org/InsideInfra-Gavin and Part II https://s.apache.org/InsideInfra-Gavin2
    Andrew Wetmore Part I https://s.apache.org/InsideInfra-Andrew and Part II https://s.apache.org/InsideInfra-Andrew2
    Chris Lambertus Part I  https://s.apache.org/InsideInfra-ChrisL  and Part II https://s.apache.org/InsideInfra-ChrisL2

 - Follow the ASF on social media: @TheASF on Twitter and The ASF page LinkedIn

 - Follow the Apache Community on Facebook and Twitter

 - Are your software solutions Powered by Apache? Download & use our "Powered By" logos.


Stay updated about The ASF

For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, https://twitter.com/PlanetApache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.



Thursday November 11, 2021

Sponsor Success at Apache: Exploration and Practice of the Apache Way in Tencent

by Mark Shan, Chairman of Tencent Open Source Alliance and Tencent Cloud Open Source Ecosystem General Manager


The Apache Software Foundation (ASF) manages more than 227 million lines of code, has 206 project management committees, leads more than 350 Apache projects and operates through a merit system, with more than 850 members, 8,100+ committers, and tens of thousands of contributors.


Previously the Apache Group, the ASF has grown to one of the largest open source foundations in the world today. It has built the well-known "Apache Way" through its leadership, sound community, and merit thinking, resulting in a set of schemes that promote the sustainable development of open source communities and guide the practice of open source projects.projects.


Since Tencent Open Source was created 11 years ago, a large number of Tencent engineers have formed a deep connection with the Apache community by participating and contributing to Apache projects. Furthermore, by learning from the Apache Way, Tencent is going through its open source journey.


At ApacheCon@Home 2021, I shared how Tencent thinks, explores, and practices open source according to the Apache Way. Below is a synopsis of this presentation:


The Apache Way's Importance in Community Building


The Apache Way is difficult to define. Although the Apache Way has evolved somewhat over the years, the original intention of "high transparency" has remained unchanged. In Mark Shan’s view, Tencent's learning experience from the Apache Way can be summarized into five main points:

  1. Everyone has the opportunity to participate and can become a contributor. Contributors can increase their impact and personal growth through their contributions to projects.
  2. The ASF has a structure that encourages contributions from everyone, regardless of employer. This means that, for example, committer and PMC roles are open to anyone who earns the title. Tencent encourages its engineers to participate in the Apache community actively.
  3. Understanding and practicing open communication is extremely important. Because open source is the collaboration of a global community, Tencent engineers are able to participate in the Apache open source project through asynchronous collaboration using the mailing list. Code and decision-related communication are open and transparent.
  4. Reaching consensus when making decisions is strongly encouraged. Consensus can maintain project momentum and productivity. But when a complete consensus is impossible, voting or other coordination is available to arrive at binding decisions.
  5. The most important point is that the Apache community's motto, "community over code", is often emphasized. Because a healthy community is more important than simply good code. A strong and healthy community can always correct code problems, while an unhealthy community may struggle to maintain the code repository in a sustainable manner. In addition, flexibility is also an integral part of ASF's sustainable open source success.


Tencent's Open Source Way —Inspired by the Apache Way Apache projects and their communities are unique and diverse. In the community-led development process, Apache members formed the Apache Way based on their experience. Many of Tencent's open source practices and results are executed following the model of the Apache Way. After many years of incorporating open source into its culture, Tencent has formed an approach, "open collaboration, open source for good," which reflects Tencent's value and vision, and is honed based on open source best practices. Practicing the Apache Way: Contributing and Donating to open source projects Tencent engineers have been contributing to and helping to lead many ASF projects, including: 1) Big Data Over the past four years, several Tencent engineers helped lead releases for Apache Hadoop 2.8.4 and 2.8.5, Apache Ozone 1.0.0 (Ozone was a sub-project of Apache Hadoop, and became a Top-Level Project in 2020), and Apache Spark 2.3.2. Tencent engineers contributed more than 20 features and optimizations to several versions of Hadoop, and are core contributors in multiple Apache computing and AI frameworks that include Flink, HBase, Hive, MXNet, and Parquet. 2) Middleware In 2019, Tencent donated TubeMQ, its self-developed trillion-level big data component, to the ASF through the Apache Incubator. In 2021 the project officially changed its name to Apache InLong, as part of its incubation process. Tencent Applications based on Apache Projects

In addition to self-developed tools, Tencent widely uses ASF open source projects in its various business systems, with particular focus in big data, API gateways, and observability. As one of the largest daily real-time computing companies, Tencent’s overall big data platform exceeds 5 million cores, and must support single-day access message volume exceeding 55 trillion, real-time computing volume exceeding 65 trillion, and daily analysis tasks reaching 15 million.

More than two dozen Apache projects are used in applications like WeChat, QQ, and Tencent Cloud. These big data projects are used for data transmission, storage, computing, and analysis demand scenarios, supported by other technical fields of service governance that include API gateways and observability.

For big data, Apache Ozone is one of the key projects that provides support for Tencent's business scenarios that require large amounts of data and traffic. As early adopters, Tencent's big data platform deployed an Ozone cluster with more than 1,000 nodes as the back-end storage for big data applications and also uses Ozone as the main storage solution for some private data warehouse projects. 

Today, Tencent is connecting more and more businesses to Ozone, including data warehouses, machine learning platforms, Kubernetes cluster mounting volume, and more. Ozone helps Tencent operate stably, steadily, and at scale: of more than a thousand units without manual operation and maintenance intervention. In the process of verification and improvement, Tencent has done a lot of optimization work to improve performance and stability.

In addition, Apache Pulsar integrates messaging, storage and functional computing, and it adopts an architecture that separates storage and computing. Pulsar has successfully supported a large number of data and traffic business scenarios within Tencent Cloud and has some practical experience in cloud native environments, such as solving rapid and dynamic expansion and contraction, improving the utilization of cluster resources, and cluster forms.

For API Gateways, Apache APISIX offers high performance, a friendly developer experience, and rich plug-in capabilities, which is why Tencent's internal business chose it. Using APISIX, Tencent internally shares its self-developed cloud system components to solve business pain points and provide efficient API gateway services; externally, Tencent engineers contribute to the Apache APISIX open source community, expanding its influence, and leads the development of the open source community.

For Observability, Apache SkyWalking's application in Tencent's internal observable platform provides great convenience for selecting client tracing reporting of the microservices system, as well as the mechanism of computing storage separation and multi-layer query to provide very excellent performance output.

Building Tencent Open Source with 3 Major Projects

In addition to sponsoring the ASF at the Platinum level, Tencent is currently active in more than 10 foundations worldwide as a top member, including the Linux Foundation and the CNCF Foundation. Tencent is actively involved with open source communities such as Kubernetes, Spring Cloud, MariaDB, and it is also promoting the implementation of open source projects, products and solutions.

Foundations provide intellectual property management framework, code repositories, issue tracking, technical guidance, project governance, financial and public relations, and other services. By participating in these foundations, Tencent has learned many more mature open source organizational governance models and used them to guide the process to open source its internal projects to the world.

Tencent has open sourced more than 130 independent cloud native, big data, artificial intelligence, database, and other projects to the world. These projects obtained more than 370,000 GitHub Stars, and have exceeded 2,000 contributors.

By open sourcing projects across internal departments and to the world, actively collaborating with developers and communities around the world, and training open source talents, Tencent's open source ecosystem continuously improves and grows. 


Tencent Cloud’s future will focus on further strengthening the construction of Tencent's open source ecosystem through three major projects:

1) WeOpen: Tencent Open Source community

Tencent Cloud aims to build WeOpen, a platform for open source communication, promotion, and project incubation.

WeOpen is committed to connecting enthusiasts, practitioners, and leaders with global open source foundations to initiate new projects, co-create communities, and hold activities that extend open source culture and inspire the global open source ecosystem to flourish. 

2) Establish an industry open source joint laboratory

The open source laboratory is the landing place for the actual projects. Tencent Cloud plans to successively establish industry joint open source laboratories with well-known Chinese universities and open source organizations to provide a platform for students, researchers, and developers in the enterprise to contribute code and scenarios for open source projects to realize in the industry.

Starting with the "Rhino Bird Open Source Talent Cultivation Plan" held by Tencent this year, open source courses and practice training programs for college students help popularize open source culture, encourage contributions, and further the open source talent ecosystem.

3) Release "Cloud Native Open Source White Paper"

At the Cloud Native Industry Conference last May, Tencent Cloud and China's Institute of Information and Communications Technology announced the official preparation of the Cloud Native Open Source White Paper, which is expected to be released by the end of the year.

Tencent welcomes open source practitioners and companies to join their efforts in the above projects.

Conclusion

For more than 22 years, the ASF has proven that the Apache Way is one of the best practices for building an open organization that balances organizational structure and flexibility. Tencent continues to expand its own open source concepts, methodology, and ecosystem building, with plans to participate in more universities, companies, and organizations, while embracing the Apache Way into the future.


Mark Shan has a long career and practical experience in cloud-native, microservices, big data, edge computing, and open-source ecosystem. As the chairperson of Tencent Open Source Alliance, he works full of passion to build the ecosystem for Tencent Open Source and makes great efforts to accelerate innovation in technology and product with the open-source way. At Tencent Cloud, Mark leads the open-source team and works with organizations and communities including Apache Software Foundation,Linux Foundation, Open Atom Foundation, CAICT, COPU and others to build open-source ecosystem. He is also the observer of Linux Foundation Board, chairperson of TARS Foundation, TOC member of Open Atom Foundation and Magnolia Open Source Community, TSC member of Akraino Edge Stack, fellow of China Cloud Native Industry Alliance, advisor of Open Source Community.

= = =

"Success at Apache" is a monthly blog series that focuses on the processes behind why the ASF "just works". "Sponsor Success at Apache" features insights and experiences by select ASF Sponsors https://apache.org/foundation/thanks.html

For more Success at Apache posts, visit https://blogs.apache.org/foundation/category/SuccessAtApache

Monday November 08, 2021

The Apache News Round-up: week ending 5 November 2021

Welcome November --we've closed October with another great week. Here are the latest updates on the Apache community's activities:

ASF Board – management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.
 - Next Board Meeting: 17 November 2021. Board calendar and minutes https://apache.org/foundation/board/calendar.html

ApacheCon™ – the ASF's official global conference series, bringing Tomorrow's Technology Today since 1998.
 - Our 2021 events are complete: thanks to all speakers, sponsors, participants, and planners for their great turnout!
 - Presentations for ApacheCon Asia and ApacheCon@Home are available on the ASF YouTube channel.

ASF Infrastructure – our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield uptime at 100.00%. Performance checks across 50 different service components spread over more than 250 machines in data centers around the world. View the Apache Infrastructure Uptime site to see the most recent averages.

Apache Code Snapshot – Over the past week, 309 Apache Committers changed 6,052,770 lines of code over 2,644 commits. Top 5 contributors, in order, are: Jean-Baptiste Onofré, Claus Ibsen, Yuan Tian, Andrea Cosentino, and Sebastian Rühl.  

Apache Project Announcements – the latest updates by category.

Big Data --
 - Apache Arrow 6.0.0 released
 - Apache Avro 1.11.0 released

Content --
 - Apache POI 5.1.0 released

Enterprise Processes Automation / ERP --
 - Apache OFBiz 18.12.01 released

Libraries --
 - Apache Commons CLI 1.5.0 released

Network Client/Server --
 - Apache MINA 2.0.22 and 2.1.5 released
   -- CVE-2021-41973: HTTP listener DOS

Observability --
 - Apache SkyWalking Java Agent 8.8.0 released

Servers --
 - Apache Traffic Server 9.1.1 and 8.1.3 released
 - Apache HttpComponents Client 5.2-alpha1 released

Web Frameworks -
 - Apache Wicket 9.6.0 released

Workflow --
 - Apache Airflow 2.2.1 released
 - Apache DolphinScheduler CVE-2021-27644: mysql jdbc connector parameters deserialize remote code execution


Did You Know?

 - Did you know that the following Apache Projects are celebrating anniversaries this month? Congratulations to Apache Ant (19 years); HttpComponents (14 years); Attic, Buildr, CouchDB, and Qpid (13 years); ComDev (12 years); OODT and ZooKeeper (11 years); Kafka and Syncope (9 years); Ambari (8 years); BookKeeper and Drill (7 years); Brooklyn, Groovy, Kylin, and REEF (6 years); Geode (5 years); Guacamole and Impala (4 years); Griffin (3 years); Petri (2 years); as well as Superset and TVM (1 year)

 - Did you know that Druid Summit Americas and EMEA events and watch parties start on 9 November? Secure your spot today!

 - Did you know that Ignite Summit Cloud Edition kicks off on 16 November? Learn more at http://ignite.apache.org/

Apache Community Notices

- The Apache Month in Review: October 2021 https://s.apache.org/October2021 and video highlights https://youtu.be/3rPR6tNt-dg

- Watch "Trillions and Trillions Served", the documentary on the ASF 1) full feature [49 min] 2) "Apache Everywhere" [6 min] 3) "Why Apache" [2.5 min] 4) “Apache Innovation” [40 min] 

 - ASF Annual Report: FY2021 -- Press release and Report (PDF)

 - The Apache Way to Sustainable Open Source Success 

 - Foundation Reports and Statements

 - Presentations from ApacheCon Asia are available on YouTube

 - "Success at Apache" focuses on the people and processes behind why the ASF "just works." 

 - Inside Infra: the new interview series with members of the ASF infrastructure team --meet 
    Chris Thistlethwaite https://s.apache.org/InsideInfra-Chris
    Drew Foulks https://s.apache.org/InsideInfra-Drew
    Greg Stein Part I https://s.apache.org/InsideInfra-Greg
      ...Part II https://s.apache.org/InsideInfra-Greg2 and Part III https://s.apache.org/InsideInfra-Greg3
    Daniel Gruno Part I https://s.apache.org/InsideInfra-Daniel1 and Part II https://s.apache.org/InsideInfra-Daniel2
    Gavin McDonald Part I https://s.apache.org/InsideInfra-Gavin and Part II https://s.apache.org/InsideInfra-Gavin2
    Andrew Wetmore Part I https://s.apache.org/InsideInfra-Andrew and Part II https://s.apache.org/InsideInfra-Andrew2
    Chris Lambertus Part I  https://s.apache.org/InsideInfra-ChrisL  and Part II https://s.apache.org/InsideInfra-ChrisL2

 - Follow the ASF on social media: @TheASF on Twitter and The ASF page LinkedIn

 - Follow the Apache Community on Facebook and Twitter

 - Are your software solutions Powered by Apache? Download & use our "Powered By" logos.


Stay updated about The ASF

For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, https://twitter.com/PlanetApache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.



Monday November 01, 2021

Apache Month in Review: October 2021

Welcome to the latest monthly overview of events from the Apache community. Here's a summary of what happened in October [video highlights available:

New This Month --

- Apache Software Foundation moves to CDN distribution for software.

- The Apache Software Foundation Announces Apache® OpenOffice® 4.1.11

- Presentations from ApacheCon 2021 events are available on the ASF's YouTube channel.  

- Apache Month in Review: September 2021


Important Dates --

- Next Board Meeting: 17 November 2021. Board calendar and minutes

- Apache CloudStack Collaboration Conference 2021 - 8-12 November 2021


Infrastructure --

Our seven-member Infrastructure team on three continents oversees our highly-reliable, distributed network under the leadership of VP Infrastructure David Nalley and Infrastructure Administrator Greg Stein. ASF Infrastructure supports 300+ Apache projects and their communities across ~200 individual machines, 1,400+ repositories, 5-6PB in traffic annually, ~75M downloads per month, and 2-3M daily emails on 2,000+ lists. ASF Infra performs 7M+ weekly checks to ensure services are available around the clock. The average uptime in October was 100.00%. http://www.apache.org/uptime/


Committer Activity --

In October, 643 Apache Committers changed 47,071,028 lines of code over 11,309 commits. The Committers with the top 5 highest contributions, in order, were: Claus Ibsen, Andi Huber, Gary Gregory, Andrea Cosentino, and Alex Herbert.   


Project Releases and Updates --

New releases from Apache Airflow (Big Data); Ant (Build Management); APISIX (API); Bigtop (Big Data); Calcite (Big Data); Camel (Integration); CouchDB (Big Data); DB (Database); Flink (Big Data); Geode (Database); HBase (Big Data); Hop (Orchestration); HttpComponents (Servers); HTTP Server (Servers); Jackrabbit (Content); James (Mail); Kyuubi (Incubating; Big Data); Log4cxx (Libraries); Lucene (Search); OpenMeetings (Web Conferencing); OpenOffice (Content); PLC4X (IoT); Qpid (Messaging); ShardingSphere (Big Data); ShenYu (Incubating; API); SIS (Geospatial); Skywalking (Application Performance Management); Solr (Search); Storm (Big Data); Syncope (Identity Management);Tomcat (Servers); Traffic Control (Servers); XMLBeans (Library).


Apache Project Anniversaries in October: Apache Ant (19 years); HttpComponents (14 years); Attic, Buildr, CouchDB, and Qpid (13 years); Community Development ("ComDev", 12 years); OODT and ZooKeeper (11 years); Kafka and Syncope (9 years); Ambari (8 years); BookKeeper, Drill, and MetaModel (7 years); Brooklyn, Groovy, Kylin, and REEF (6 years); Geode (5 years); Guacamole, Impala, and Mnemonic (4 years); Griffin (3 years); Petri (2 years); and Superset and TVM (1 year). Many happy returns!

The Apache Incubator is the primary entry path for projects wishing to become an official part of the ASF. More than three dozen projects are currently undergoing development in the Apache Incubator.

# # #

To see our Weekly News Round-ups (published every Friday), visit https://blogs.apache.org/foundation/ and click on the calendar or hop directly to https://blogs.apache.org/foundation/category/Newsletter . For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. We appreciate your support!

The Apache News Round-up: week ending 29 October 2021

Farewell, October --we're wrapping up the month with another great week. Here are the latest updates on the Apache community's activities:

ASF Board – management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.
 - Next Board Meeting: 17 November 2021. Board calendar and minutes https://apache.org/foundation/board/calendar.html

ApacheCon™ – the ASF's official global conference series, bringing Tomorrow's Technology Today since 1998.
 - Our 2021 events are complete: thanks to all speakers, sponsors, participants, and planners for their great turnout!
 - Presentations for ApacheCon Asia and ApacheCon@Home are available on the ASF YouTube channel.

ASF Infrastructure – our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield uptime at 100.00%. Performance checks across 50 different service components spread over more than 250 machines in data centers around the world. View the Apache Infrastructure Uptime site to see the most recent averages.

Apache Code Snapshot – Over the past week, 320 Apache Committers changed 12,061,492 lines of code over 2,610 commits. Top 5 contributors, in order, are: Tomaz Muraus, Udo Schnurpfeil, David Jencks, Claus Ibsen, and Konrad Windszus.  

Apache Project Announcements – the latest updates by category.

API --
 - Apache ShenYu (incubating) 2.4.1 available

Big Data --
 - Apache Bigtop 3.0.0 released
 - Apache Kyuubi (incubating) 1.3.1-incubating released
 - Apache HBase 1.4.14 released

Databases --
 - Apache Geode 1.12.5 released

IoT --
 - Apache PLC4X 0.9.0 released

Messaging --
 - Apache Qpid ProtonJ2 1.0.0-M3 released 

Servers --
 - Apache HttpComponents Client 5.1.1 GA released

Web Conferencing --
 - Apache OpenMeetings 6.2.0 released


Did You Know?

 - Did you know that organizations can support the ASF through one-time or recurring corporate contributions, matching gifts, and other corporate giving initiatives? 

 - Did you know that presentations from ApacheCon's 2021 events are available on the ASF's YouTube channel

 - Did you know that BNP Paribas uses Apache Ignite as a Hybrid Transactional-Analytical Processing solution?

Apache Community Notices

- The Apache Month in Review: September 2021 https://s.apache.org/September2021 and video highlights https://youtu.be/v3GdwUmevog

- Watch "Trillions and Trillions Served", the documentary on the ASF 1) full feature [49 min] 2) "Apache Everywhere" [6 min] 3) "Why Apache" [2.5 min] 4) “Apache Innovation” [40 min] 

 - ASF Annual Report: FY2021 -- Press release and Report (PDF)

 - The Apache Way to Sustainable Open Source Success 

 - Foundation Reports and Statements

 - Presentations from ApacheCon Asia are available on YouTube

 - "Success at Apache" focuses on the people and processes behind why the ASF "just works." 

 - Inside Infra: the new interview series with members of the ASF infrastructure team --meet 
    Chris Thistlethwaite https://s.apache.org/InsideInfra-Chris
    Drew Foulks https://s.apache.org/InsideInfra-Drew
    Greg Stein Part I https://s.apache.org/InsideInfra-Greg
      ...Part II https://s.apache.org/InsideInfra-Greg2 and Part III https://s.apache.org/InsideInfra-Greg3
    Daniel Gruno Part I https://s.apache.org/InsideInfra-Daniel1 and Part II https://s.apache.org/InsideInfra-Daniel2
    Gavin McDonald Part I https://s.apache.org/InsideInfra-Gavin and Part II https://s.apache.org/InsideInfra-Gavin2
    Andrew Wetmore Part I https://s.apache.org/InsideInfra-Andrew and Part II https://s.apache.org/InsideInfra-Andrew2
    Chris Lambertus Part I  https://s.apache.org/InsideInfra-ChrisL  and Part II https://s.apache.org/InsideInfra-ChrisL2

 - Follow the ASF on social media: @TheASF on Twitter and The ASF page LinkedIn

 - Follow the Apache Community on Facebook and Twitter

 - Are your software solutions Powered by Apache? Download & use our "Powered By" logos.


Stay updated about The ASF

For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, https://twitter.com/PlanetApache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.



Calendar

Search

Hot Blogs (today's hits)

Tag Cloud

Categories

Feeds

Links

Navigation