The Apache Software Foundation
Blogging in Action.

The Apache Way defines Open Source in terms of both a legal and a social framework for collaboration. It helps others understand what makes Open Source powerful and how participants are expected to behave. In this post we will examine The Apache Way in the context of the Foundation's mission:

Let's dissect this mission statement. 

"Provide Software for the Public Good"

Key points in this section: 

• We produce software that is non-excludable and non-rivalrous
  
  
• Use of the software in any context does not reduce its availability to others
  
  
• Users and contributors have no committed responsibility to the foundation, our projects or our communities
  
  
• Use of a license that conforms to the Open Source Definition is necessary but not sufficient to deliver on our mission 
  
  

Investopedia defines a public good as "a product that one individual can consume without reducing its availability to another individual, and from which no one is excluded." On the surface, this is a good definition for our use of the term. However, there is a nuance in our use. Our mission is not to produce "public goods" but to "provide software for the public good". 

To understand why this is important, one needs to think about what motivates the ASF to produce software that is a public good.

Open Source software can be digitally copied and reused in an unlimited number of ways. Every user can modify it for their specific needs. They can combine it with other software. They can design innovative new products and services using it and can make a living from the proceeds. This is all possible without impacting other people's use of the software. As such, the ASF produces software that can be used for the public good in many different ways.

To allow us to deliver on this part of the mission, it is critical that we adopt a license that uses the law to protect the software curated here at the Foundation. For us that license is the Apache License, Version 2. In addition, we adopt an inbound licensing policy that defines which licenses are allowable on software reused within Apache projects. This policy can be summarized as: 

• The license must meet the Open Source Definition (OSD).
  
  
• The license, as applied in practice, must not impose significant restrictions beyond those imposed by the Apache License 2.0.
  
  

This means that you can be assured that software curated by projects within The Apache Software Foundation is both a public good and for the public good. You can use Apache software for any purpose and you have no responsibility to the Foundation or the project to contribute back (though as addressed in the next section, it is often in your interests to do so). 

It is important to recognize that there are software projects out there that adopt our license but do not adopt our inbound licensing policy. Such projects may bring restrictions that are not covered by our license; therefore, it is important to carefully examine the licensing policies of these projects. Using the Apache License alone may not provide you with the same options a Foundation project provides. 

Apache projects are successful, in large part, because of our diligence with respect to clearly-defined licensing policies. Such diligence makes it much easier for downstream users to understand what they can and cannot do with Apache software. The Apache License is deliberately permissive to ensure that everyone has an opportunity to participate in Open Source within the ASF or elsewhere. Modifications of our license are allowed, but modified licenses are neither the Apache License nor affiliated with or endorsed by The Apache Software Foundation. No modified license can be represented as such. Modified licenses that use the Apache name are strictly disallowed, as they are both confusing to users and undermine the Apache brand.

While we recognize that there are many ways to license software, whether Open Source or otherwise, we assert that only projects that use both our license (unmodified) and our inbound licensing policy truly follow and adhere to The Apache Way. 

While an OSD-approved license and associated policies are necessary for successful Open Source production, they are not sufficient. They provide a legal framework for the production of Open Source, but they do not provide a social framework, which brings us to the second sentence of our mission:

"The mission of the Apache Software Foundation is to provide software for the public good. We do this by providing services and support for many like-minded software project communities of individuals who choose to contribute to Apache projects."

"Like-Minded Software Project Communities of Individuals"

Key points in this section: 

• The Apache Way provides a governance model designed to create a social framework for collaboration
  
  
• The Apache Software Foundation develops communities, and those communities develop software
  
  
• ASF project communities develop and reuse software components that in turn may be reused in products
  
  
• Users of ASF software often build products and services using our software components
  
  
• Our model, and others like it, have produced some of the largest and longest-lived Open Source projects that have literally revolutionized the industry 

There is a lot packed into these few words. It is an understanding of these words that makes the difference between software that is under an Open Source license and software that reaches sustainability through The Apache Way. These words underscore the fact that the Foundation does not directly produce software. That's right, The Apache Software Foundation, with upwards of $8Bn of software code, does not directly produce software. Rather than focus on software, we focus on the creation of and support of collaborative communities; the software is an intentional by-product. 

Our like-minded project communities come together because they share common problems that can be addressed in software. As the saying goes, "a problem shared is a problem halved". By bringing together individuals with their unique ideas and skills, we break down barriers to collaboration. 

The Apache Way is carefully crafted to create a social structure for collaboration, which complements the legal framework discussed above. Where the legal framework ensures an equal right to use the software, The Apache Way ensures an equal ability to contribute to the software. This is critically important to the long term sustainability of Open Source software projects. This social structure for collaboration is missing from many non-Apache projects, yet a robust social structure is invariably a key component in long-term successful projects outside of the ASF.

The Apache Way is fully inclusive, open, transparent and consensus-based. It promotes vendor neutrality to prevent undue influence (or control) from a single company. It ensures that any individual with a valuable contribution is empowered, and it seeks to assure that a project remains sustainable despite inevitable changes in community membership over time.

Apache projects typically produce software components that can be combined with other software (of any license) in different ways to solve different problems. This provides plenty of opportunity for participants to collaborate within a given software project independent of their relationship outside the Foundation. This is very different from the idea of licensing your product as a whole under an Open Source license. Our model offers more opportunities for reuse which, in turn, increase the pool of individuals likely to contribute to the project.

In addition, our merit-based system seeks to ensure that as people come and go, for whatever reason, there is always someone to take their place. As a result, some ubiquitous Apache projects have existed for over 20 years and helped commercialize the World Wide Web; while dozens of newer projects have defined industry segments such as Big Data and IoT (Internet of Things). 

A core tenet of The Apache Way is "Community Over Code", which encapsulates our deep belief that a healthy community is a far higher priority than good code. A strong community can always rectify a problem with the code, whereas an unhealthy community will likely struggle to maintain a codebase in a sustainable manner. Healthy communities ensure the Foundation has the stability to thrive for the next 20 years and beyond. Apache projects do not have the problem of scaling that others, who focus only on the legal frameworks of Open Source, suffer from. If you look around at projects that have grown up alongside the Apache projects, you will see a similar focus on scaling the governance model. This is no accident. 

Why this is Important

Software is a critical part of any modern economy. It touches every part of every life in the developed world, and is increasingly transforming everyday life, from womb to grave, everywhere.

At The Apache Software Foundation, we believe that every developer has their personal motivations for building software. We celebrate their right to choose when and how they build their software, including their right to use a non-open license. 

We will not dictate what is best for developers or for the software industry.

We care about the provision of software that enables our users, our contributors, and the general public to decide what is best for them.

We welcome you to use our software and contribute to our projects -- or not. It's up to you. 

We ask that you leave commercial interests at the door.

Countless organizations are proving that their team members who collaborate in a vendor-neutral environment often apply Open Innovation processes (such as The Apache Way) to their work. This helps create internal efficiencies and lays the groundwork for new external opportunities that may provide additional added benefits.

Bringing only your intention of contributing what best serves the greater Apache community reinforces trust in the people and projects behind the Apache brand, and helps us realize our mission of providing software for the public good. 

We learn together and work together to deliver the best software we can. 

Apache software is available for all.

The freedom to choose is what makes the Foundation and Apache projects so strong.

Summary

The software industry has changed and continues to change. The ways software is delivered to end users have changed. Some of the leaders in our industry have retired and new leaders have emerged. But some things have not changed. Our model of collaborative software development, through a combination of a licensing and social framework, remains one of the most successful models of software production.

Increasing the number of users, even those who do not contribute to code, should be seen as a benefit, not a problem, in Open Source. More users present an opportunity. At Apache, more users means more success since they are our future contributors.

As a US 501(c)(3) public charitable organization, The Apache Software Foundation helps individuals and organizations understand how Open Source at scale works in a highly competitive market. For more than two decades our focus has not been on producing software, but rather mentoring communities who produce software. The Apache Way advances sustainable Open Source communities: everything we do is Open Source so all kinds of users can benefit from our experience. Apache is for everyone.

# # #

ApacheCon™ –the ASF's official global conference series, now in its 21st year.
 - Join us: Apache Roadshow/DC and Open Source Career Fair 25 March 2019 http://www.apachecon.com/usroadshowdc19/
 - Join us + CFP EXTENDED: Apache Roadshow/Chicago 13-14 May 2019 http://apachecon.com/chiroadshow19/
 - CFP OPEN! ApacheCon North America 9-13 September in Las Vegas http://apachecon.com/
 - REGISTRATION OPEN: ApacheCon Europe 22-24 October in Berlin http://www.apachecon.com/aceu19/

ASF Infrastructure –our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield 99.99% uptime. Go Mighty Infra! Four nines! http://www.apache.org/uptime/

Apache Code Snapshot –this week, 485 Apache contributors changed 997,317 lines of code over 2,726 commits. Top 5 contributors, in order, are: Andrea Cosentino, Guanghao Zhang, Claus Ibsen, Fabio Utzig, and Jean-Baptiste Onofré.

Apache Project Announcements –the latest updates by category.

Big Data --
 - Apache CouchDB 2.3.1 released https://couchdb.apache.org/

Content --
 - Apache JSPWiki 2.11.0.M2 released http://jspwiki.apache.org/

Databases --
 - Apache Derby 10.15.1.3 released https://db.apache.org/

IoT --
 - Apache PLC4X (incubating) 0.3.1 released http://plc4x.apache.org

Network-Server --
 - Apache MINA 2.0.20 released http://mina.apache.org/

Search --
 - Apache Solr Reference Guide 7.7 released https://lucene.apache.org/solr/guide/7_7

Testing --
 - Apache JMeter 5.1.1 released https://jmeter.apache.org/

Did You Know?

 - Apache in 2018 - By The Digits https://s.apache.org/Apache2018Digits

 - ASF Operations Summary: Q2 FY2019 https://s.apache.org/d2Fq

 - ASF Annual Report for FY2018 https://s.apache.org/FY2018AnnualReport

 - The Apache Software Foundation 2018 Vision Statement https://s.apache.org/zqC3

 - Foundation Statement –Apache Is Open. https://s.apache.org/PIRA

ApacheCon™ –the ASF's official global conference series, now in its 21st year.
 - MEDIA ALERT: The Apache Software Foundation to present on Apache software projects in government, cybersecurity, and more at Roadshow and Open Source Job Fair at George Mason University https://s.apache.org/oGww
 - Join us: Apache Roadshow/DC and Open Source Career Fair 25 March 2019 http://www.apachecon.com/usroadshowdc19/
 - Join us: Apache Roadshow/Chicago 13-14 May 2019 http://apachecon.com/chiroadshow19/
 - CFP OPEN! ApacheCon North America 9-13 September in Las Vegas http://apachecon.com/
 - Save the Date: ApacheCon Europe 22-24 October in Berlin http://www.apachecon.com/aceu19/

ASF Infrastructure –our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield 99.90% uptime. http://www.apache.org/uptime/

Apache Code Snapshot –this week, 512 Apache contributors changed 947,385 lines of code over 3,146 commits. Top 5 contributors, in order, are: Jean-Baptiste Onofré, Ash Berlin-Taylor, Iñigo Goiri, Claus Ibsen, Eric Barnhill.

Apache Project Announcements –the latest updates by category.

Content --
 - Apache Any23 2.3 released http://any23.apache.org/

Databases --
 - Apache Jackrabbit 2.8.10 released http://jackrabbit.apache.org/
 - Apache Curator 4.2.0 released http://curator.apache.org

HTTP --
 - HttpComponents Core 5.0 beta7 released http://hc.apache.org/

Library --
- Apache MXNet (incubating) 1.4.0 released http://mxnet.incubator.apache.org/

Messaging --
 - Apache Pulsar 2.3.0 released https://pulsar.apache.org/

Network-Server --
 - Apache Lucene CVE-2019-0192 Deserialization of untrusted data via jmx.serviceUrl in Apache Solr http://mail-archives.apache.org/mod_mbox/www-announce/201903.mbox/%3CCAECwjAV1buZwg%2BMcV9EAQ19MeAWztPVJYD4zGK8kQdADFYij1w%40mail.gmail.com%3E
 - Apache Tomcat 7.0.93 released http://tomcat.apache.org/

Testing --
 - CVE-2019-0187: Apache JMeter Missing client auth for RMI connection when distributed test is used http://mail-archives.apache.org/mod_mbox/www-announce/201903.mbox/%3CCAH9fUpaUQaFbgY1Zh4OvKSL4wdvGAmVt%2Bn4fegibDoAxK5XARw%40mail.gmail.com%3E

Did You Know?

 - Apache in 2018 - By The Digits https://s.apache.org/Apache2018Digits

 - ASF Operations Summary: Q2 FY2019 https://s.apache.org/d2Fq

 - ASF Annual Report for FY2018 https://s.apache.org/FY2018AnnualReport

 - The Apache Software Foundation 2018 Vision Statement https://s.apache.org/zqC3

 - Foundation Statement –Apache Is Open. https://s.apache.org/PIRA

ApacheCon™ –the ASF's official global conference series, now in its 21st year.
 - Join us: Apache Roadshow/DC and Open Source Career Fair 25 March 2019 http://www.apachecon.com/usroadshow18/
 - Join us: Apache Roadshow/Chicago 13-14 May 2019 http://apachecon.com/chiroadshow19/index.html
 - Save the Date: ApacheCon North America 9-13 September in Las Vegas http://apachecon.com/
 - Save the Date: ApacheCon Europe 22-24 October in Berlin http://www.apachecon.com/aceu19/

ASF Infrastructure –our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield 99.93% uptime. http://www.apache.org/uptime/

Apache Code Snapshot –this week, 493 Apache contributors changed 1,098,430 lines of code over 2,927 commits. Top 5 contributors, in order, are: Vishal Suvagia, Andrea Cosentino, Tzu-Li Tai, Zhang Duo, and Claus Ibsen.

Apache Project Announcements –the latest updates by category.

Big Data --
 - Apache Trafodion 2.3.0 released https://trafodion.apache.org/

Content --
 - Apache UIMA Ruta 2.7.0 released http://uima.apache.org/
 - Apache PDFBox 2.0.14 released http://pdfbox.apache.org/

Databases --
 - Apache Jackrabbit Oak 1.10.1 released http://jackrabbit.apache.org/

 Library --
- Apache Daffodil (incubating) 2.3.0 https://daffodil.apache.org/

Messaging --
 - Apache Pulsar 2.3.0 released https://pulsar.apache.org/

Network-Server --
 - Apache Tomcat 7.0.93 released http://tomcat.apache.org/

Did You Know?

 - Apache in 2018 - By The Digits https://s.apache.org/Apache2018Digits

 - ASF Operations Summary: Q2 FY2019 https://s.apache.org/d2Fq

 - ASF Annual Report for FY2018 https://s.apache.org/FY2018AnnualReport

 - The Apache Software Foundation 2018 Vision Statement https://s.apache.org/zqC3

 - Foundation Statement –Apache Is Open. https://s.apache.org/PIRA

ApacheCon™ –the ASF's official global conference series, now in its 21st year.
 - Join us: Apache Roadshow/DC and Open Source Career Fair 25 March 2019 http://www.apachecon.com/usroadshow18/
 - CFP CLOSING TODAY: Apache Roadshow/Chicago 13-14 May 2019 http://apachecon.com/chiroadshow19/index.html
 - Save the Date: ApacheCon North America 9-13 September in Las Vegas http://apachecon.com/

ASF Infrastructure –our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield 99.94% uptime. http://www.apache.org/uptime/

Apache Code Snapshot –this week, 457 Apache contributors changed 794,949 lines of code over 2,520 commits. Top 5 contributors, in order, are: Colm Ó hÉigeartaigh, Michael Stack, Iñigo Goiri, Claus Ibsen, and Andrea Cosentino.

Apache Project Announcements –the latest updates by category.

Big Data --
 - The Apache® Software Foundation Announces Apache Arrow™ Momentum https://s.apache.org/zhaP
 - Apache Beam 2.10.0 released https://beam.apache.org/
 - Apache Flink 1.7.2 released https://flink.apache.org/
 - Apache Kafka 2.1.1 released https://kafka.apache.org/ - Apache NiFi 1.9.0 released https://nifi.apache.org/

Library --
 - Apache Commons Codec 1.12 released http://commons.apache.org/
 - Apache Olingo 2.0.11 released http://olingo.apache.org/

Messaging --
 - Apache Pulsar 2.3.0 released https://pulsar.apache.org/

Testing --
 - Apache JMeter 5.1 released https://jmeter.apache.org/

Did You Know?

 - Apache in 2018 - By The Digits https://s.apache.org/Apache2018Digits

 - ASF Operations Summary: Q2 FY2019 https://s.apache.org/d2Fq

 - ASF Annual Report for FY2018 https://s.apache.org/FY2018AnnualReport

 - The Apache Software Foundation 2018 Vision Statement https://s.apache.org/zqC3

 - Foundation Statement –Apache Is Open. https://s.apache.org/PIRA

ApacheCon™ –the ASF's official global conference series, now in its 21st year.
 - Join us: Apache Roadshow/DC and Open Source Career Fair 25 March 2019 http://www.apachecon.com/usroadshow18/
 - CFP CLOSING TODAY: Apache Roadshow/Chicago 13-14 May 2019 http://apachecon.com/chiroadshow19/index.html
 - Save the Date: ApacheCon North America 9-13 September in Las Vegas http://apachecon.com/

ASF Infrastructure –our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield 99.88% uptime. http://www.apache.org/uptime/

Apache Code Snapshot –this week, 477 Apache contributors changed 776,105 lines of code over 2,899 commits. Top 5 contributors, in order, are: Sean Busbey, Duo Zhang, Andrea Cosentino, Claus Ibsen, and Sebastian Bazley.

Apache Project Announcements –the latest updates by category.

Library --
 - Apache Apache Commons Collections 4.3 released http://commons.apache.org/

Logging --
 - Apache Log4j 2.11.2 released https://logging.apache.org/

Network/Server --
 - Apache Tomcat 8.5.38 released http://tomcat.apache.org/ - Apache Qpid Proton 0.27.0 released http://qpid.apache.org/

Search --
 - Apache Lucene 7.7.0 and Solr 7.7.0 released http://lucene.apache.org/
 - CVE-2017-3164 SSRF issue in Apache Solr http://mail-archives.apache.org/mod_mbox/www-announce/201902.mbox/%3CCAECwjAVjBN%3DwO5rYs6ktAX-5%3D-f5JDFwbbTSM2TTjEbGO5jKKA%40mail.gmail.com%3E

Did You Know?

 - Apache in 2018 - By The Digits https://s.apache.org/Apache2018Digits

 - ASF Operations Summary: Q2 FY2019 https://s.apache.org/d2Fq

 - ASF Annual Report for FY2018 https://s.apache.org/FY2018AnnualReport

 - The Apache Software Foundation 2018 Vision Statement https://s.apache.org/zqC3

 - Foundation Statement –Apache Is Open. https://s.apache.org/PIRA

ApacheCon™ –the ASF's official global conference series, now in its 21st year.
 - Join us: Apache Roadshow/DC and Open Source Career Fair 25 March 2019 http://www.apachecon.com/usroadshow18/
 - CFP Now Open: Apache Roadshow/Chicago 13-14 May 2019 http://apachecon.com/chiroadshow19/index.html
 - Save the Date: ApacheCon North America 9-13 September in Las Vegas http://apachecon.com/

ASF Infrastructure –our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield 99.98% uptime. http://www.apache.org/uptime/

Apache Code Snapshot –this week, 409 Apache contributors changed 780,780(!) lines of code over 2,663 commits. Top 5 contributors, in order, are: Jean-Baptiste Onofré, Sean Busbey, Andrea Cosentino, Duo Zhang, and Mark Thomas.

Apache Project Announcements –the latest updates by category.

BigData -- 
 - Apache BookKeeper 4.9.0 released http://bookkeeper.apache.org/

Cloud --
 - Apache jclouds 2.1.2 released https://jclouds.apache.org/

Content --
 - Apache Jackrabbit 2.19.1 released http://jackrabbit.apache.org/

IoT --
 - Apache PLC4X (incubating) 0.3.0 released http://plc4x.apache.org

Library --

 - Apache Commons VFS 2.3 released http://commons.apache.org/
 - Apache Groovy (incubating) 2.5.6 released https://groovy.apache.org/

Network/Server --
 - Apache Tomcat 9.0.16 and Tomcat Native 1.2.21 released http://tomcat.apache.org/

Web Framework --
 - Apache MyFaces Core v2.3.3 released http://myfaces.apache.org/
 - Apache Wicket 7.12.0 released https://wicket.apache.org

Did You Know?

 - Apache in 2018 - By The Digits https://s.apache.org/Apache2018Digits

 - ASF Operations Summary: Q2 FY2019 https://s.apache.org/d2Fq

 - ASF Annual Report for FY2018 https://s.apache.org/FY2018AnnualReport

 - The Apache Software Foundation 2018 Vision Statement https://s.apache.org/zqC3

 - Foundation Statement –Apache Is Open. https://s.apache.org/PIRA

ASF Fundraising –oversees ASF Sponsorship as well as Individual and Corporate Giving programs.
 - The Apache Software Foundation Welcomes Amazon Web Services (AWS) as its Newest Sponsor https://s.apache.org/7UKJ

ApacheCon™ –the ASF's official global conference series, now in its 21st year.
 - Join us: Apache Roadshow/DC and Open Source Career Fair 25 March 2019 http://www.apachecon.com/usroadshow18/
 - CFP Now Open: Apache Roadshow/Chicago 13-14 May 2019 http://apachecon.com/chiroadshow19/index.html
 - Save the Date: ApacheCon North America 9-13 September in Las Vegas http://apachecon.com/

ASF Infrastructure –our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield 99.98% uptime. http://www.apache.org/uptime/

Apache Code Snapshot –this week, 469 Apache contributors changed 954,152 lines of code over 3,244 commits. Top 5 contributors, in order, are: Radu Cotescu, Robert Munteanu, Andrea Cosentino, Jean-Baptiste Onofré, and Duo Zhang.

Apache Project Announcements –the latest updates by category.

Content --
 - Apache JSPWiki 2.11.0.M1 released http://jspwiki.apache.org/
 - [CVE-2018-20242] Apache JSPWiki Cross-site scripting vulnerability on Apache JSPWiki http://mail-archives.apache.org/mod_mbox/www-announce/201901.mbox/%3CCAMufup5Mj5hvg3%2BRFUYRTOXsrj%2BcY5mpU_1h9WS%2Be7Q3SW7zOg%40mail.gmail.com%3E

HTTP --
 - Apache Traffic Server v8.0.2 released https://trafficserver.apache.org/

Identity Management --
 - Apache Kerby 2.0.0 released http://directory.apache.org/kerby

Library --
 - Apache Commons BCEL 6.3 released https://commons.apache.org/

Web Framework --
 - Apache Wicket 8.3.0 released https://wicket.apache.org

Did You Know?

 - Apache in 2018 - By The Digits https://s.apache.org/Apache2018Digits

 - ASF Operations Summary: Q2 FY2019 https://s.apache.org/d2Fq

 - ASF Annual Report for FY2018 https://s.apache.org/FY2018AnnualReport

 - The Apache Software Foundation 2018 Vision Statement https://s.apache.org/zqC3

 - Foundation Statement –Apache Is Open. https://s.apache.org/PIRA

ApacheCon™ –the ASF's official global conference series, now in its 21st year.
 - Join us: Apache Roadshow/DC and Open Source Career Fair 25 March 2019 http://www.apachecon.com/usroadshow18/
 - CFP Now Open: Apache Roadshow/Chicago 13-14 May 2019 http://apachecon.com/chiroadshow19/index.html
 - Save the Date: ApacheCon North America 9-13 September in Las Vegas http://apachecon.com/

ASF Infrastructure –our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield 99.98% uptime. http://www.apache.org/uptime/

Apache Code Snapshot –this week, 453 Apache contributors changed 713,027 lines of code over 2,592 commits. Top 5 contributors, in order, are: Andrea Cosentino, Ravindra Pesala, Claus Ibsen, Tellier Benoit, and Duo Zhang.

Apache Project Announcements –the latest updates by category.

Big Data --
 - Apache Arrow 0.12.0 released https://arrow.apache.org/
 - The Apache Software Foundation Announces Apache® Hadoop® v3.2.0 https://s.apache.org/HK21

Build Management --
 - [CVE-2018-11803] Apache Subversion Denial of Service Vulnerability http://mail-archives.apache.org/mod_mbox/www-announce/201901.mbox/%3C60d59530-6950-35c5-d118-69e5549b7bf1%40apache.org%3E

HTTP --
 - HttpComponents Core 4.4.11 and Client 4.5.7 GA released http://hc.apache.org/

Identity Management --
 - Apache Syncope 2.0.12 and 2.1.3 released http://syncope.apache.org/

Library --
 - Apache Yetus released https://yetus.apache.org/

Network Client/Server --
 - [SECURITY] CVE-2018-1340: Secure flag missing from Apache Guacamole session cookie http://mail-archives.apache.org/mod_mbox/www-announce/201901.mbox/%3CCALKeL-O%2B%3DRxbd0y%2BhSB9%3DY0N400A8sV2BiKgZfNsjGxZipA-uQ%40mail.gmail.com%3E

Did You Know?

 - Apache in 2018 - By The Digits https://s.apache.org/Apache2018Digits

 - ASF Operations Summary: Q2 FY2019 https://s.apache.org/d2Fq

 - ASF Annual Report for FY2018 https://s.apache.org/FY2018AnnualReport

 - The Apache Software Foundation 2018 Vision Statement https://s.apache.org/zqC3

 - Foundation Statement –Apache Is Open. https://s.apache.org/PIRA

ApacheCon™ –the ASF's official global conference series, now in its 21st year.
 - Join us: Apache Roadshow/DC and Open Source Career Fair 25 March 2019 http://www.apachecon.com/usroadshow18/
 - CFP Now Open: Apache Roadshow/Chicago 13-14 May 2019 http://apachecon.com/chiroadshow19/index.html
 - Save the Date: ApacheCon North America 9-13 September in Las Vegas http://apachecon.com/

ASF Infrastructure –our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield 99.97% uptime. http://www.apache.org/uptime/

Apache Code Snapshot –this week, 479 Apache contributors changed 1,041,597 lines of code over 2,850 commits. Top 5 contributors, in order, are: Andrea Cosentino, Tellier Benoit, Kaxil Naik, Claus Ibsen, and Xiaoyu Yao.

Apache Project Announcements –the latest updates by category.

Big Data --
 - Apache Kylin 2.6.0 released https://kylin.apache.org/

Database --
 - Apache Jackrabbit Oak 1.6.16, 1.8.11, and 1.10.0 released http://jackrabbit.apache.org/

FinTech --
 - Apache Fineract 1.2.0 released http://fineract.apache.org/

Library --
 - Apache Commons FileUpload 1.4 released http://commons.apache.org/

Web Framework --
 - Apache Struts 2.5.20 GA and 2.3.37 GA released https://struts.apache.org/

Did You Know?

 - Apache in 2018 - By The Digits https://s.apache.org/Apache2018Digits

 - ASF Operations Summary: Q2 FY2019 https://s.apache.org/d2Fq

 - ASF Annual Report for FY2018 https://s.apache.org/FY2018AnnualReport

 - The Apache Software Foundation 2018 Vision Statement https://s.apache.org/zqC3

 - Foundation Statement –Apache Is Open. https://s.apache.org/PIRA

ApacheCon™ –the ASF's official global conference series, now in its 21st year.
 - Join us: Apache Roadshow/DC and Open Source Career Fair at George Mason University 25 March 2019 http://apachecon.com/
 - CFP Now Open: Apache Roadshow/Chicago 13-14 May 2019 http://apachecon.com/chiroadshow19/index.html
 - Save the Date: ApacheCon North America 9-13 September in Las Vegas http://apachecon.com/

ASF Infrastructure –our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - NEW statistics and visualizations for 7M+ weekly checks: 99.95% uptime. http://www.apache.org/uptime/

Apache Code Snapshot –this week, 440 Apache contributors changed 1,027,772 lines of code over 3,027 commits. Top 5 contributors, in order, are: Kaxil Naik, Ash Berlin-Taylor, Andrea Cosentino, Chesnay Schepler, and Tellier Benoit.

Apache Project Announcements –the latest updates by category.

Big Data --
 - The Apache Software Foundation Announces Apache® Airflow™ as a Top-Level Project https://s.apache.org/LeeE
 - Apache Flume 1.9.0 released http://flume.apache.org/
 - Apache HBase 2.0.4 and 2.1.2 released https://hbase.apache.org/

Network Client/Server --
 - Apache Guacamole 1.0.0 released http://guacamole.apache.org/
 - Apache Jackrabbit 2.10.9 released http://jackrabbit.apache.org/
 - Apache Qpid Broker-J 7.1.0 released http://qpid.apache.org

Did You Know?

 - Apache in 2018 - By The Digits https://s.apache.org/Apache2018Digits

 - ASF Operations Summary: Q2 FY2019 https://s.apache.org/d2Fq

 - ASF Annual Report for FY2018 https://s.apache.org/FY2018AnnualReport

 - The Apache Software Foundation 2018 Vision Statement https://s.apache.org/zqC3

 - Foundation Statement –Apache Is Open. https://s.apache.org/PIRA

ApacheCon™ –the ASF's official global conference series, now in its 20th year.
 - CFP Now Open: Apache Roadshow Chicago 13-14 May 2019 http://apachecon.com/chiroadshow19/index.html
 - Save the Date: ApacheCon North America 9-13 September in Las Vegas http://apachecon.com/

ASF Infrastructure –our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - NEW statistics and visualizations for 7M+ weekly checks: 99.96% uptime. http://www.apache.org/uptime/

Apache Code Snapshot –this week, 293 Apache contributors changed 960,842 lines of code over 1,707 commits. Top 5 contributors, in order, are: Tilman Hausherr, Dan Haywood, Claus Ibsen, Kaxil Naik, and Olivier Lamy.

Apache Project Announcements –the latest updates by category.

Attic --
 - Apache Tiles retired http://attic.apache.org

Big Data --
 - Apache Drill 1.15.0 released https://drill.apache.org/

Java --
 - Apache Juneau 8.0.0 released http://juneau.apache.org/

Incubating Podlings --
 - Apache NetBeans 10.0 released https://netbeans.apache.org/

Library --
 - Apache Groovy 3.0.0-alpha-4 released http://groovy.apache.org
 - Apache Log4j Kotlin API 1.0.0 released https://logging.apache.org/
 - OpenNLP 1.9.1 released http://opennlp.apache.org/

Microservices --
 - Apache ServiceComb Pack version 0.3.0 released http://servicecomb.apache.org/

Network Client/Server --
 - Apache OpenMeetings 4.0.7 released https://openmeetings.apache.org

Did You Know?

 - Apache in 2018 - By The Digits https://s.apache.org/Apache2018Digits

 - ASF Operations Summary: Q2 FY2019 https://s.apache.org/d2Fq

 - ASF Annual Report for FY2018 https://s.apache.org/FY2018AnnualReport

 - The Apache Software Foundation 2018 Vision Statement https://s.apache.org/zqC3

 - Foundation Statement –Apache Is Open. https://s.apache.org/PIRA

ApacheCon™ –the ASF's official global conference series, now in its 20th year.
 - CFP Now Open: Apache Roadshow Chicago 13-14 May 2019 http://apachecon.com/chiroadshow19/index.html
 - Save the Date: ApacheCon North America 9-13 September in Las Vegas http://apachecon.com/

ASF Infrastructure –our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield polished performance at 98.64% uptime. http://status.apache.org/

Apache Code Snapshot –this week, 247 Apache contributors changed 519,494 lines of code over 1,358 commits. Top 5 contributors, in order, are: Jean-Baptiste Onofré, Konstantin V Shvachko, Michael Osipov, Philippe Mouawad, and Thomas Andraschko.

Apache Flink™ –an Open Source stream processing framework for distributed, high-performing, always-available, and accurate Big Data streaming applications.
 - Apache Flink 1.5.6, 1.6.3, and 1.7.1 released https://flink.apache.org/

Apache Groovy™ –a multi-faceted programming language for the JVM.
 - Apache Groovy 2.5.5 released https://groovy.apache.org/

Apache Qpid™ –the latest release of the newer JMS client supporting the Advanced Message Queuing Protocol 1.0 (AMQP 1.0, ISO/IEC 19464), based around the Apache Qpid Proton protocol engine and implementing the AMQP JMS Mapping as it evolves at OASIS.
 - Apache Qpid JMS 0.40.0 released http://qpid.apache.org

Apache Tika™ –a toolkit for detecting and extracting metadata and structured text content from various documents using existing parser libraries.
 - Apache Tika 1.20 released https://tika.apache.org/
 - [CVE-2018-17197] Apache Tika Denial of Service -- Infinite Loop in Tika's SQLite3Parser http://mail-archives.apache.org/mod_mbox/www-announce/201812.mbox/%3CCAC1dCwWhYmbkxAvFKgGSFd_ffp5EeCimB2gBXTo%2B9-F7v6TSNQ%40mail.gmail.com%3E

Did You Know?

 - ASF Operations Summary: Q2 FY2019 https://s.apache.org/d2Fq

 - ASF Annual Report for FY2018 https://s.apache.org/FY2018AnnualReport

 - The Apache Software Foundation 2018 Vision Statement https://s.apache.org/zqC3

 - Foundation Statement –Apache Is Open. https://s.apache.org/PIRA

ApacheCon™ –the ASF's official global conference series, now in its 20th year.
 - CFP Now Open: Apache Roadshow Chicago 13-14 May 2019 http://apachecon.com/chiroadshow19/index.html
 - Save the Date: ApacheCon North America 9-13 September in Las Vegas http://apachecon.com/

ASF Infrastructure –our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield nice-not-naughty performance at 98.90% uptime. http://status.apache.org/

Apache Code Snapshot –this week, 473 Apache contributors changed 1,132,275 lines of code over 2,913 commits. Top 5 contributors, in order, are: Jonathan Hung, Andrea Cosentino, Mehul Parikh, Robert Munteanu, and Stephen Mallette.

Apache HttpComponents™ –a library for client-side HTTP communication built on HttpCore.
 - Apache HttpComponents Client 5.0 beta3 released http://hc.apache.org/

Apache Jackrabbit™ Oak –a scalable, high-performance hierarchical content repository designed for use as the foundation of modern world-class Web sites and other demanding content applications.
 - Apache Jackrabbit Oak 1.8.10 released http://jackrabbit.apache.org/

Apache Knox™ –a REST API Gateway for providing secure access to the data and processing resources of Apache Hadoop clusters.
 - Apache Knox 1.2.0 released https://knox.apache.org/

Apache Lucene™ –a high-performance, full-featured text search engine library written entirely in Java.
 - Apache Lucene 7.6.0 released http://lucene.apache.org/
 - Solr Reference Guide for 7.6 released https://www.apache.org/dyn/closer.cgi/lucene/solr/ref-guide/apache-solr-ref-guide-7.6.pdf

Apache ServiceComb™ –a type of Compensating Transaction pattern, which provides a simple way to help users solve the data consistency problems encountered in micro-service applications.
 - Apache ServiceComb Saga Actuator v0.3.0 released http://servicecomb.apache.org/

Apache Tomcat™ –an Open Source software implementation of the Java Servlet, JavaServer Pages, Java Unified Expression Language, Java WebSocket and JASPIC technologies. 
 - Apache Tomcat 8.5.37 and 9.0.14 released http://tomcat.apache.org/

Did You Know?

 - ASF Operations Summary: Q2 FY2019 https://s.apache.org/d2Fq

 - ASF Annual Report for FY2018 https://s.apache.org/FY2018AnnualReport

 - The Apache Software Foundation 2018 Vision Statement https://s.apache.org/zqC3

 - Foundation Statement –Apache Is Open. https://s.apache.org/PIRA

ApacheCon™ –the ASF's official global conference series, now in its 20th year.
 - CFP Now Open: Apache Roadshow Chicago 13-14 May 2019 http://apachecon.com/chiroadshow19/index.html
 - Save the Date: ApacheCon North America 2019 will take place 9-13 September in Las Vegas http://apachecon.com/

ASF Infrastructure –our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield grand performance at 99.64% uptime. http://status.apache.org/

Apache Code Snapshot –this week, 469 Apache contributors changed 968,811 lines of code over 2,704 commits. Top 5 contributors, in order, are: Mark Robert Miller, Mark Thomas, Andrew Purtell, Andrea Cosentino, and Matteo Merli.

Apache Beam™ –an Open Source unified programming model to define and execute Big Data processing pipelines.
 - Apache Beam 2.9.0 released https://beam.apache.org/

Apache Calcite™ Avatica –a framework for building database drivers.
 - Apache Calcite Avatica 1.13.0 released https://calcite.apache.org/

Apache Geode™ –a Big Data management platform that provides a database-like consistency model, reliable transaction processing and a shared-nothing architecture to maintain very low latency performance with high concurrency processing.
 - Apache Geode 1.8.0 released http://geode.apache.org/

Apache Griffin™ –Open Source Big Data quality solution.
 - The Apache Software Foundation Announces Apache® Griffin™ as a Top-Level Project https://s.apache.org/n21m

Apache Gobblin (incubating) –a distributed data integration framework that simplifies common aspects of Big Data integration.
 - Apache Gobblin (incubating) 0.14.0 released https://gobblin.apache.org/

Apache Groovy™ –a multi-faceted programming language for the JVM.
 - Apache Groovy 2.4.16 released http://groovy.apache.org

Apache Hivemall (incubating) –a scalable machine learning library implemented as Hive UDFs/UDAFs/UDTFs. 
 - Apache Hivemall 0.5.2-incubating released http://hivemall.incubator.apache.org/

Apache Jackrabbit™ –a fully compliant implementation of the Content Repository for Java(TM) Technology API, version 2.0 (JCR 2.0) as specified in the Java Specification Request 283 (JSR 283).
 - Apache Jackrabbit 2.19.0 released http://jackrabbit.apache.org/

Apache Log4j™ Audit –a framework for performing audit logging using a predefined catalog of audit events.
 - Apache Log4j-Audit 1.0.1 released http://logging.apache.org/

Did You Know?

 - ASF Operations Summary: Q2 FY2019 https://s.apache.org/d2Fq

 - ASF Annual Report for FY2018 https://s.apache.org/FY2018AnnualReport

 - The Apache Software Foundation 2018 Vision Statement https://s.apache.org/zqC3

 - Foundation Statement –Apache Is Open. https://s.apache.org/PIRA