Index
Links: 2008 - All years
- Original The Apache Software Foundation
Board of Directors Meeting Minutes
August 20, 2008
1. Call to order
The meeting was scheduled for 10:00am (Pacific) and began at
10:01 when a sufficient attendance to constitute a
quorum was recognized by the chairman. The meeting was held
via teleconference, hosted by Jim Jagielski and Covalent.
IRC #asfboard on irc.freenode.net was used for backup
purposes.
2. Roll Call
Directors Present:
Justin Erenkrantz
J Aaron Farr
Jim Jagielski
William Rowe Jr
Sam Ruby
Henning Schmiedehausen
Greg Stein (except for 10:54 to 11:00)
Directors Absent:
Bertrand Delacretaz
Geir Magnusson Jr.
Guests:
Sander Striker (until 11:30)
Craig Russell
Henri Yandell
3. Minutes from previous meetings
Minutes (in Subversion) are found under the URL:
https://svn.apache.org/repos/private/foundation/board/
A. The meeting of July 16, 2008
See: board_minutes_2008_07_16.txt
Minutes were tabled and were the basis of a discussion item later
in the agenda.
4. Executive Officer Reports
A. Chairman [Jim]
Since the last board meeting, the major foundation-wise news was the
announcement of Microsoft as a new Platinum Sponsor (as noted in
the PRC report). The significance of this should not be minimized:
The ASF is seen, by Microsoft as well as others, as the pragmatic
yet steadfast voice (and organization) in the FOSS space. Our
committment to FOSS, our charter and our (for lack of a better term)
"moral compass" is never in question, yet we are also considered
as reasonable and realistic people. In addition to creating an
organization which allows us to develop code and grow communities,
we are also in a unique position to help other entities understand
more about open source (and open source collaboration and methods)
as they make their transitions towards embracing FOSS. We should be
proud.
Our D&O Insurance was renewed but with a higher liability coverage
this cycle as compared with last year. We are also looking at
extending coverage for other items as well. Thanks goes to the EA
for handling this effort.
As noted in the Action Items section, I worked with the EA to
get the Parallels partition (which contains our QB installation)
up and running on his Windows machine (via WMWare). It's good to
know, for future information, that the Parallels->VMWare partition
converter works just fine, since I know that Aaron has expressed
some interest in migrating to VMWare.
There was some (healthy) discussion regarding the level of detail
we "want" included in the board minutes. This is noted as a
discussion item for this meeting.
There were no other board related issues/discussions during this
time, nor any TLP graduations. There were a handful of PMC change
requests, which have been acked as normal.
Justin was concerned that no officer had approved the renewal;
Jim confirmed that he had done so. All agreed that this
constituted adequate oversight. Jim expressed that overlap
between assigned tasks is normal and expected, the only area
where improvement could be made is on communication.
B. President [Justin]
The big event over the last month was OSCON. A number of member
and committers were present, so it was good to see so many ASF
folks! Obviously, Sam Ramji's keynote announcement (of which I
got up on stage for) of Microsoft becoming our third (and final
for now) Platinum sponsor was the biggest visible news from the
event. I am delighted to welcome Microsoft as sponsors and see
the continued filling-out of our sponsorship program. Over a
number of fronts, we continue to talk with Microsoft about how
they can further increase their participation with the ASF.
Paul Querna and I had conversations with Amazon regarding
extending EC2 credit to ASF projects. Amazon indicated that they
only have an interest in supporting novel uses of EC2 and are not
interested in supporting mundane tasks on EC2 (such as build farms).
We will be collecting 'pilot' projects which meet this 'novel'
criteria and passing them along to Amazon for approval.
As mentioned last month, I have been invited to the OSL Advisory
Board. Roy Fielding and I drove down to Corvallis after OSCON and
did a meet-and-greet with their director and Roy's wife took some
pictures for the infrastructure team to use. Initial tasks for
the advisory board include advising OSL on their fundraising
strategies. Since OSL is not directly supported by OSU and the
majority of our infrastructure is hosted there, I believe it is
in our best interest to provide some logistical assistance to OSL.
During OSCON, a number of folks expressed an interest in seeing
the ASF step up our involvement and visibility with OSCON. In
coordination with Sally and the PRC, I will discuss with Allison
Randal how we could be more visible in future iterations of OSCON.
As also noted in the Secretary's report, our address with Wells
Fargo has largely been transitioned over to the Secretary. After
our last meeting, I sent all of my Treasurer materials to the
Secretarial Assistant for processing and safekeeping. This month,
I have just received one stray "Client Analysis Statement" from
Wells Fargo, which will be sent off shortly.
Finally, I will note that we seem to have continued problems
paying our invoices and such on-time. Besides missing payments for
our new Florida ISP, I believe we are currently past due on the
invoice from Dell for the Geronimo machines. This may have an
impact on our future dealings with Dell as they may require full
payment upfront due to our delinquent payment history - this will
needlessly increase the complications in the ordering process.
Bill suggests that Justin mention OSCON visibility on the
travel-assistance mailing list. Bertrand and Ross are on the
PRC with focus on out-reach. At least two members of the ASF
are on the OSCON Conference Committee. Sam confirmed that
Allison was the one that Justin should be working with. Jim
requests that the PRC be copied on such discussions.
C. Treasurer [J Aaron]
I'm still in the middle of working on the taxes and updating
the books. I had hoped to have it done for the meeting today,
but I expect I need one more day. The taxes are my top
priority right now.
Current treasurer tasks include:
- Invoices to Microsoft and Yahoo! for sponsorship money
- Follow-up with Wells Fargo on increase in credit line
- Follow-up with Wells Fargo on why new cards are not listed in
our online banking (CEO) account.
- Get Sander reimbursed for the flowers
The $360.04 different between the two reports is due to an
equivalent payment on Justin's and Sam's credit cards. Our
large income was from Stone Circle productions for ApacheCon US
2007 profit.
Statement of Financial Income and Expense
July 16 through August 20, 2008
TOTAL
Ordinary Income/Expense
Income
Program Income
Conference 18,394.00
Total Program Income 18,394.00
Contributions Income
Unrestricted 617.13
Total Contributions Income 617.13
Total Income 19,011.13
Expense
Bank Service Charges 280.27
Contract Labor 1,800.00
Program Expenses
Public Relations Staff 4,444.44
Infrastructure Staff 6,000.00
Colocation Expenses 1,043.77
Total Program Expenses 11,488.21
Total Expense 13,568.48
Net Ordinary Income 5,442.65
Net Income 5,442.65
The Apache Software Foundation
Statement of Financial Position
As of August 20, 2008
Aug 20, 08 Jul 15, 08 $ Change % Change
ASSETS
Current Assets
Checking/Savings
Paypal 304.11 196.98 107.13 54.4%
Wells Fargo Analyzed Account 96,671.55 91,696.07 4,975.48 5.4%
Wells Fargo Savings 157,214.03 157,214.03 0.00 0.0%
Total Checking/Savings 254,189.69 249,107.08 5,082.61 2.0%
Total Current Assets 254,189.69 249,107.08 5,082.61 2.0%
TOTAL ASSETS 254,189.69 249,107.08 5,082.61 2.0%
Aaron will take care of the Dell invoice, and will work on defining a
better workflow for invoices.
Bill suggested that "Public Relations" should be "Public
Relations Services".
D. Secretary [Sam]
0 grants, 50 iclas, and 6 cclas were processed since the last report.
The draft minutes for the last minute provoked a discussion as to
what should be minuted. I look forward to the agenda item below
where this is to be discussed further.
Four invoices are in svn:financials/Bills/received directory.
As this process becomes more routine, it is my intention to delegate
it to the Secretary Assistant (presuming that we have one).
A modest request: if people have documents (such as invoices) that
they want to be processed, please copy the secretary@ alias. I'm
not suggesting that this is a hard requirement, just that it will
hopefully reduce the number of documents that fall through the cracks.
The lack of direct access to an ASF credit card increases the
possibility of human error, and in the case of ordering hard drives
from Sun, apparently mine. Aaron has already indicated that he
will seek such a credit card. If I can do anything to help correct
this issue, let me know.
The mail forwarding issues will Wells Fargo seem to be (largely)
corrected. Still a stray mail or two to address. Will work with
Aaron.
I have received a new credit card for Justin to replace his current
(expiring) one. I've updated the (encrypted) financials/Accounts
file with the new information, and will be making arrangements to
forward on the actual credit card to Justin.
Executive officer reports approved as submitted by General Consent.
5. Additional Officer Reports
1. Executive Vice President [Sander Striker / Justin]
See Attachment 1
Jim also notes that he is available for speaking
opportunities, much in the same way that Greg was as the
previous chair. General consensus is that this discussion
should continue on the PRC list.
Jim agreed to move this report into section 4.
2. VP of JCP [Geir Magnusson Jr]
See Attachment 2
3. Apache Legal Affairs Committee [Sam Ruby]
See Attachment 3
Jim asked if the board should request a status update
regarding the 3rd party license policy. Sam indicated that
this was not necessary based on the areas of consensus already
are published on the web site, and the items being worked
appear in JIRA. No action was taken.
4. Apache Security Team Project [Mark Cox / Geir]
See Attachment 4
Jim request that the projects for which the vulnerability was
reported be included in the report
5. Apache Conference Planning Project [Lars Eilebrecht / Henning]
See Attachment 5
Aaron provided an update on the call with Charel, and
confirmed that the ConCom is looking into options including a
potential new two day event, with a new name, in Beijing, and
will be following up on this early next week.
6. Apache Audit Project [William Rowe]
See Attachment 6
Sam noted that rather than providing direction, the previous
discussion was tabled before coming to a consensus. Others
noted that they were comfortable with drawing the conclusion
that that's what the consensus would have been.
In any case, all the directors present were happy with the
new direction described in this month's report.
7. Apache Public Relations Project [Jim Jagielski]
See Attachment 7
Jim indicated that in the future he will trim the link
sections for purposes of board reports.
8. Apache Infrastructure Team [Paul Querna / Justin]
See Attachment 8
Henning will work with Geronimo folks to start load monitoring
on the new machines provided to their projects.
Additional officer reports approved as submitted by General Consent.
6. Committee Reports
A. Apache Ant Project [Conor MacNeill / Bill]
See Attachment A
B. Apache Beehive Project [Eddie O'Neil / Jim]
See Attachment B
C. Apache C++ Standard Library Project [Martin Sebor / Jim]
See Attachment C
D. Apache Cocoon Project [Vadim Gritsenko / Greg]
See Attachment D
E. Apache Continuum Project [Emmanuel Venisse / Sam]
See Attachment E
F. Apache Forrest Project [David Crossley / Justin]
See Attachment F
G. Apache HiveMind Project [James Carman / J Aaron]
See Attachment G
Aaron to request more information. Does "no active" mean nobody
is available? Hivemind will be requested to submit a report
with this information next month.
H. Apache HTTP Server Project [Roy T. Fielding / Geir]
See Attachment H
I. Apache HttpComponents Project [Erik Abele / Henning]
See Attachment I
Henning to pursue a report for HttpComponents
J. Apache Incubator Project [Noel J. Bergman / Bill]
See Attachment J
The board is uncomfortable with the current state of BlueSky,
and supports the work that the incubator is doing to correct
this.
In general, the board would like to see a renewed focus on
graduating, and the board members who also happened to be
mentors of Abdera, CouchDB, and BlueSky (namely Sam, Jim, and
Aaron) volunteered to communicate this back.
Additionally, it was requested that the incubator resume its
prior practice of listing the "top 3" items needed for
graduation as this was very much appreciated.
K. THERE IS NO K
L. Apache JAMES Project [Danny Angus / Sam]
See Attachment L
The board noted "heated and not wholly productive debate", and
appreciates the PMC's focus on this. No additional action was
taken.
M. Apache Lenya Project [Gregor J. Rothfuss / Justin]
See Attachment M
Justin to find out if the results of the developer meeting was
made public (i.e., no binding decisions were made at the
meeting).
N. Apache Logging Project [Curt Arnold / Jim]
See Attachment N
O. Apache Perl Project [Geoffrey Young / Jim]
See Attachment O
P. Apache POI Project [Nick Burch / J Aaron]
See Attachment P
The board was pleased to see that the OOXML issue was
resolved.
Q. Apache Roller Project [Dave Johnson / Greg]
See Attachment Q
The board reaffirmed its position that LGPL dependencies such
as Hibernate must be optional. We discussed whether there was
any potential naming issues that the PRC needed to follow up
on w.r.t. the known forks, and decided that no action was
warranted at this time.
R. Apache Santuario Project [Berin Lautenbach / Bill]
See Attachment R
Bill to obtain clarification as to which library this report was
referring to and as to whether they are following the process for
IP clearance.
S. Apache Shale Project [Gary VanMatre / Sam]
See Attachment S
No report submitted.
Sam to follow up. The board expects either a full report next
month or a resolution to terminate the Shale PMC.
T. Apache Turbine Project [Scott Eade / Greg]
See Attachment T
U. Apache Tuscany Project [Ant Elder / Jim]
See Attachment U
V. Apache Velocity Project [Will Glass-Husain / Jim]
See Attachment V
W. Apache Xalan Project [Brian Minchau / Henning]
See Attachment W
X. Apache Xerces Project [Gareth Reakes / Justin]
See Attachment X
Y. Apache XML Project [Gianugo Rabellino / J Aaron]
See Attachment Y
If Gianugo doesn't get a reply from Matt, the board suggests
that Gianugo contact Justin Mason as he has indicated that he
knows how to contact Matt.
Z. Apache XML Graphics Project [Jeremias Maerki / Geir]
See Attachment Z
The board is pleased to see that this project is "back to
normal"
Committee reports approved as submitted by General Consent.
7. Special Orders
A. Change the Apache SpamAssassin Project Chair
WHEREAS, the Board of Directors heretofore appointed Justin Mason to
the office of Vice President, Apache SpamAssassin, and
WHEREAS, the Board of Directors is in receipt of the resignation of
Justin Mason from the office of Vice President, Apache SpamAssassin,
and
WHEREAS, the Project Management Committee of the Apache SpamAssassin
project has chosen by vote to recommend Daryl C. W. O'Shea as the
successor to the post;
NOW, THEREFORE, BE IT RESOLVED, that Justin Mason is relieved and
discharged from the duties and responsibilities of the office of Vice
President, Apache SpamAssassin, and
BE IT FURTHER RESOLVED, that Daryl C. W. O'Shea be and hereby is
appointed to the office of Vice President, Apache SpamAssassin, to
serve in accordance with and subject to the direction of the Board of
Directors and the Bylaws of the Foundation until death, resignation,
retirement, removal or disqualification, or until a successor is
appointed.
Special Order 7A, Change the Apache SpamAssassin Project
Chair, was approved by Unanimous Vote of the directors
present.
B. Update Public Relations Committee Membership
WHEREAS, the Public Relations Committee (PRC) of
The Apache Software Foundation (ASF) expects to better serve
its purpose through the periodic update of its membership; and
WHEREAS, the PRC is a Board-appointed committee whose membership
must be approved by Board resolution,
NOW, THEREFORE, BE IT RESOLVED, that the following ASF members be
added as Public Relations Committee members:
Sander Striker <striker@apache.org>
Special Order 7B, Update Public Relations Committee
Membership, was approved by Unanimous Vote of the directors
present.
C. Secretarial Assistant Renewal
WHEREAS, the Board of Directors has deemed it necessary to
contract secretarial and organizational services to support
the work of the Secretary, and
WHEREAS, Catherine Ruby has been determined to meet the
requirements of the Foundation, and
WHEREAS, the current six-month contract expires as of
August 31st, 2008, and
WHEREAS, the Board of Directors has determined that the
contract should be revised and renewed for another six month term;
NOW, THERFORE, BE IT RESOLVED, that the President of The Apache
Software Foundation, Justin Erenkrantz, is hereby directed to
proceed with contracting Catherine Ruby for the secretarial and
organizational services necessary to support the work of the
Secretary.
Special Order 7C, Secretarial Assistant Renewal, was approved
with 6 Yes votes and one Abstention.
This was based on the understanding that Justin was to ensure
that the contract offered covered the scanning of materials
for archive, and that future Secretary reports will cover this
activity.
D. Executive Assistant Renewal
WHEREAS, the Board of Directors has deemed it necessary to
contract support and organizational services to support
the work of the President, and
WHEREAS, Jon Jagielski has been determined to meet the
requirements of the Foundation, and
WHEREAS, the current six-month contract expires as of
August 31st, 2008, and
WHEREAS, the Board of Directors has determined that the
contract should be revised and renewed for another six month term;
NOW, THERFORE, BE IT RESOLVED, that the President of The Apache
Software Foundation, Justin Erenkrantz, is hereby directed to
proceed with contracting Jon Jagielski for the services
necessary to support the work of the President.
Special Order 7D, Executive Assistant Renewal, was approved
with 6 Yes votes and one Abstention.
This was based on the understanding that Justin will convert
the contract into an hourly rate and expand the scope to allow
others to task the EA, on the proviso that Justin be kept in
the loop on such activities.
Bill agreed to seed a STATUS file with potential tasks, primarily
for the Executive Assistant, but also potentially for the
Secretarial Assistant, to pick up.
8. Discussion Items
What should official and published Board of Directors Meeting Minutes
cover?
Sam agreed to include a summary of discussions that occur during the
formation of the agenda into the minutes, and in fact had already
updated the previous minutes with his understanding of what that
might look like.
Full and unedited archived discussions will be maintained in an
archived_agendas directory in svn.
Jim to review the updated and annotated minutes.
9. Review Outstanding Action Items
* Jim to work with Sam Ramji to clarify relationship between MS's IP
and POI
Update: AFAICT, this is resolved to everyone's mutual satisfaction.
* Geir to work with QPid on rationale and licensing
Update: Contacted the QPid IPMC, and there was what appears to be a
3-message thread on this back in May, but it's fizzled. I'm not
sure if this is something to restart ourselves, or wait until someone
is interested again.
Jim to follow up with Geir
* Jim to contact Grant re: TREC
Update: Grant replayed TREC contact info to Jim. Jim contacted
them regarding our interest in utilizing TREC but how
our setup doesn't quite fit in with their existing system.
As of Aug 17, no response back.
* Aaron to task the EA to do some data entry tasks, coordinating
this effort with Justin and Jim as required.
Update: Aaron FedExed over external disk with Parallels
image of Windows/QB partition. This was converted to a VMWare
partition to be used by EA under VMWare Player. Confirmed
that all works. Activation key for partition not working; EA
contacted Aaron and also contacted Justin as well.
* Geir to work with the PRC to work out how to pro-actively
generate press interest around the JCP/TCK issue.
Update: This is hard, mainly because from what I gather from
press friends, Sun is recalcitrant to talk about it.
See JCP report regarding recent EC discussions
regarding what excatly about EC meetins are
confidential. Please keep this as an open item
for me.
* Bertrand to review scheduling of podling reports with incubator.
Update: This item remains open.
* Aaron to follow up with Quetzalcoatl on the implications of this
project going dormant.
Update: This item remains open.
* Sam to arrange payment for the Florida colo with Traci.net
Update: Sam called Traci.net and provided the credit card information.
Darin indicated that the card will not actually be billed until
the equipment is installed. The amount to be $518.00.
* Jim to fax FedEx request for updated CC information to Sam for
processing
Update: Done and done.
* Jim to provide feedback to Sally, asking her to only include
"significant" links in PRC report.
Update: Done.
* Henning to follow up on hardware utilization report w/infrastructure
Update: Machines have been handed over to Geronimo by Infrastructure
just now. I will start to talk to the Geronimo people this
month about how to implement this.
Nothing else has happened yet.
* Sam to look into CCLA/ICLA issue with Imperius
Update: Per Craig L Russell, holdup is internal to Sun. Sam does
not plan to pursue this further.
10. Unfinished Business
11. New Business
12. Announcements
13. Adjournment
Adjourned at 12:03 p.m. (Pacific)
============
ATTACHMENTS:
============
-----------------------------------------
Attachment 1: Report from the Executive Vice President
Last month I've spent some time synchronizing with Justin
on ASF presence. Events he can't make, and I potentially
can. One is the International Workshop on Public Data
about Software Development. The second is a speaking
oportunity at Paris Capitale du Libre.
In closing, one of our fellow committers, Maurice Marrink,
passed away. To show our respect we've sent flowers to
the family.
-----------------------------------------
Attachment 2: Report from the VP of JCP
This was a very slow month. We currently remain in a state of
deadlock. The effect of this on those who know the details
as well as the overall progress of Java itself has been fairly
profound, and I'm looking for ways to get the information of
the history and status out to the community.
I've thought about drastic action that we could take - such as
exiting the JCP EC - but I think that given the reasons for
Sun's lack of compliance with the JSPA in this matter, I
don't think it would help. The only thing I can think of is
a fall information campaign when the world gets back from
vacation and wakes up. I also think that there are opportunities
for the Apache Harmony project, such as a runtime for OSGi,
cloud/grid computing, etc that are forward-facing and
fresh, but this is really a Apache Harmony community issue.
One thing of interest is that it's been discovered that by
the letter of the law, EC meetings don't formally fall under the
technical definition of Confidential Material according to the
JSPA. We're discussing (well, were discussing - August is quiet
in Europe and North America due to vacations) exactly what we
may do about that.
As one of my actions, I've been trying to get some press interest,
and right now, it's clear that it's difficult, both from the
perspective of the time of year, as well as the difficulty in
finding enough sources of information. I'll continue to work
on both.
Finally, Happy 2nd Birthday, Ongoing Apache Java SE TCK License
Application!
-----------------------------------------
Attachment 3: Status report for the Apache Legal Affairs Committee
While comments were made on a half-dozen or so JIRA issues, none were either
created or closed this month. I believe that this process is working
smoothly, and does not warrant board attention.
Notable discussions that occurred during this month:
As reported elsewhere, Microsoft clarified their position on their Open
Specification Promise. As near as I can tell, everybody feels that this
completely resolves the issues surrounding the upcoming OOXML support by POI.
The division of labor between the PRC, the incubator, and the Legal Affairs
Committee continues to confuse people. My understanding is that the PRC is
responsible for enforcing our claim to names, the incubator is responsible for
IP clearance (including names), and the Legal Affairs Committee helps respond
to claims made against the ASF.
A GPL license question surfaced -- this started out with Xapian which is
licensed under GPL v2 and confusion over what the FSF claims of
"compatibility" with the Apache License means. Eventually this discussion
wandered off into the territory of hypotheticals. GPL v2 remains on the ASF's
restricted list (a.k.a. Category "X").
By contrast, syntax highlighter (licensed under the LGPL) was approved for the
limited purposes of non-essential enhancement of online documentation.
There was a brief discussion on "blanket" grants and "commit by proxy". This
was resolved by citing the relevant sections of the ICLA which has explicit
provisions for the enablement of submitting code on behalf of a third party.
There was a brief discussion as to whether an ICLA sufficient when a person
may have been exposed to ideas and alternate implementations from a previous
employer. Our position is yes. Individual PMCs are welcome to set a higher
bar for themselves.
A permathread re-erupted: when are Apache License Headers needed? The general
guidance is that they should be added whenever practical, but only where
practical.
There is an ongoing discussion about notice requirements when code is reused
from other projects.
-----------------------------------------
Attachment 4: Status report for the Apache Security Team Project
There continues to be a steady stream of reports of various kinds
arriving at security@apache.org. These continue to be dealt with
promptly by the security team. For July 2008:
1 Support question
1 Security vulnerability question, but not a vulnerability report
1 Phishing/spam/attacks point to site "powered by Apache"
3 Vulnerability report
Note that the statistics given each month are for queries sent to
security@apache.org and does not include any that are sent to specific
project lists advertised separately such as
security@tomcat.apache.org. Most projects do not advertise separate
lists (or really need to given the low volume of issues affecting most
projects), and the only one which gets really any direct reports is
security@tomcat. We'd only advise a project advertising a separate
security response address if they get or expect a significant number
of issues.
For these board reports we do not plan on giving more detail about
specific issues unless they are significant in some way (critical
vulnerability or threat) as issues can take several months through the
lifecycle of dealing with the reporter during which time they are
usually non-public.
For interest now we have two years of data, here is the cummulative
total emails to security@apache.org for each type:
Jul-Dec06 Jan-Jun07 Jul-Dec07 Jan-Jun08 Total
Support 24 14 25 13 [76]
Query 11 10 4 11 [36]
PoweredBy 17 20 19 11 [67]
NotASFHack 7 5 0 3 [15]
Report 24 23 23 20 [90]
Total [83] [72] [71] [58] [284]
Support : Support question, not vulnerability related. We won't
answer these but will refer them to some public list.
Query : Security vulnerability question, but not a vulnerability
report. We answer some of these but in most cases refer to a public
list for discussion.
PoweredBy : Phishing/spam/attacks point to site "powered by Apache".
We try to help the users understand what happened, but many still
don't believe us, or don't understand.
NotASFHack : User was hacked, but after investigation it turns out it
wasn't ASF software at fault. Note that there isn't a "WasASFHack"
row because we've not yet heard from anyone whose machine was
compromised where it turned out to be via some flaw (fixed or unfixed)
in ASF software.
Report : What the list is designed for, a vulnerability report. We
include here all reports of possible vulnerabilities even if they turn
out not to be vulnerabilities (as they require effort to investigate
and/or respond). It's pretty constant though the years.
-----------------------------------------
Attachment 5: Status report for the Apache Conference Planning Project
General News
------------
* no general news
ApacheCon US 2008 News
----------------------
* On 30 July, another press release has been issued highlighting the
OFBiz Symposium, BarCampApache, CampHadoop, the voluntourism day, and
the CrowedVine site for the conference.
* Early bird prices are being extended by 2 weeks to drive early
registration.
* Issues when registering for training classes when using the committer
discount code (for the conference) are being corrected by SCP;
a note to the committers list will be sent out when fixed.
* The OFBiz and various special event schedules are being posted on the
Web site, showcasing the wide variety of content we'll have, and the
first keynote speaker is being confirmed shortly.
OSSummit Asia 2008 News
-----------------------
* OSSummit Asia 2008, as originally envisioned, is canceled.
The corresponding entry has been removed from the ApacheCon Web site.
* The Eclipse Foundation has notified us that they have withdrawn
from this event. As such, we're now on our own in terms of a
China/Asia event.
* On Tuesday, 19 August, before the Board meeting the Asia 2008 planning
team will hold a conference call with Charel to discuss options.
There's a chance of still running a smaller event in Beijing in
December. We'll work out a new proposal and submit it back to the
conference comittee for review.
ApacheCon Europe 2009 News
--------------------------
* The planning meeting will be held 1-2 November in New Orleans, the
weekend before ApacheCon US 2008.
ApacheCon US 2009 News
----------------------
* no news since last report
-----------------------------------------
Attachment 6: Status report for the Apache Audit Project
With respect to FY2007-08 internal review, there is nothing to report,
still awaiting preparation of the records and financial statements to
begin the review.
Based on previous discussion by the board, the committee will proceed
with an internal review for FY2007-08, and at the board's direction
will not seek external review.
However, there is a pro bono offer of feedback by a CPA on the table,
and the committee will pursue this possibility once the records become
available.
-----------------------------------------
Attachment 7: Status report for the Apache Public Relations Project
The HALO contract is up for renewal within a few months, and so we
have started discussions regarding what has, or has not, worked with.
The PRC is very strongly leaning towards renewal and we are operating
under that assumption, so mainly we are looking how to better utilize
the talents and resources of HALO and how to not so much be the
"choke point" in the whole PR process. Ideally, this would mean a
much more active PRC roster, and it is hoped that the recent additions
(as well as adding Sander, as per today's resolution) will alleviate
a lot of this.
Over the last month the big news was the addition of Microsoft as
a Platinum Sponsor of the ASF (as announced at OSCON). Quite a lot of
work was done by various people to see this through, but Sally should
be noted with special commendation in being a crucial part of this.
Not only did Sally see things through, but coordinated efforts with
myself, Justin and others regarding the whole media effort.
The Microsoft sponsorship started a discussion regarding Sponsor
Logo sizes as displayed on the Thanks page. The issue is that forcing
logos, especially those with widely variant aspect ratios, into our
allowed space, is detrimental to some sponsors. There was a suggestion
to make it "same area" but there was concern that this would also result
in unfair visual space being applied to some logos (the general concept
is that each logo should have the same "visual impact"). Unfortunately,
this has not reached closure yet. In anticipation of this, we have
received a new Yahoo! logo, however.
Justin coordinated with Yahoo! for a new contact regarding their
Sponsorship. Renewals by Google and Springsource (was Covalent) is
on track.
PRNewswire updated their Nonprofit Rate packages, which offer significant
discounts over what we had been paying previously. We elected to choose
their "10-pack" offering, in which we prepay for 10 releases, and pay
extra (akthough still a very reduced rate) for any releases past
10.
Tuscany is interested in doing a combo "Graduation to TLP/New Release"
PR, to help drum up interest and community around Tuscany. It is
anticipated that this will happen within a few weeks and before next
month's board meeting.
HALO's report is as follows:
The Apache Software Foundation
Promotion and Outreach Campaign
Kindly Note:
The activities below reflect the tasks undertaken during the 1-31 July 2008 timeframe.
CONTENT
DEVELOPMENT
- (no ASF-issued announcements made during this time period)
- Reviewed Wicket draft announcement
- Coordinated with Microsoft on sponsorship announcement on Port25
OUTREACH & LIAISON
- Coordinated CXF press release review process with IONA's PR team
- ASF Sponsor Liaison: final workings with Microsoft on ASF sponsorship
- Follow-up with Microsoft on ApacheCon sponsorship
MEDIA RELATIONS/
COORDINATION
- Liaised media inquiry on Apache MDM project (ex-Apache CXF announcement)
- Handled several press inquiries on Microsoft sponsorship
-----------------------------------------
Attachment 8: Status report for the Apache Infrastructure Team
We have a functional backup system in place, complete
with backups of select files within user home dirs,
thanks to Tony Stevenson, Gavin McDonald, Norman
Maurer, and Roy T. Fielding.
Philip Gollucci was flown down to Fort Lauderdale
to help set up the new colo site at TRACI.net.
The two Geronimo build machines, selene and phoebe,
were set up and handed off to the Geronimo PMC.
An experimental LDAP zone was set up to pursue
the idea of deploying LDAP in some capacity at the ASF.
Purchased a SCSI card for thor (build zones). Unfortunately
the existing array failed miserably (both PSU's died).
Currently pursuing a different path of installing drives
in thor (said drives were also purchased from Sun for ~$2000,
but need to be replaced due to incompatible drive trays.)
Wendy Smoak was granted infrastructure karma for her
work on the ASF's maven repository.
The maven snapshot repository was purged of all files older
than 30 days, which created some ripples within the community.
At its largest it was over 90GB, which means it contained
more bits than archive.apache.org. It currently stands
at 21GB.
-----------------------------------------
Attachment A: Status report for the Apache Ant Project
o Current Releases
Core
----
Ant 1.7.1 was released on June 27, 2008. This was about 18 months after Ant
1.7 was released. The release is primarily a bug-fix release and also adds
support for some Java6 features.
Ivy
----
The Ivy release status has not changed from the previous report.
Ivy 1.4.1 is the current stable release, released prior to Ivy's Apache
incubation. An Apache Ivy release 2.0.0 is currently in beta. Beta 2 was
released on 14-March-2008
o New PMC member
Nicolas Lalevee (hibou) was added to the Ant PMC (currently awaiting 72
hour ack completion)
o Community
No issues.
-----------------------------------------
Attachment B: Status report for the Apache Beehive Project
== General ==
For another quarter (+1 month), Beehive remains very quiet both from
the perspective of community interaction and commit activity.
Questions on the mailing list continue to be answered in a reasonable
fashion, but it's fair to say that at this point, the project lacks
any forward momentum. There are no new committers or PMC members on
the horizon.
== Export Control Update ==
There has been no change in status here -- the project should be
classified 5D002, and no notification e-mails have been sent and no
web pages updated. The PMC Chair commits to having this done in time
for the next status report in October 2008.
-----------------------------------------
Attachment C: Status report for the Apache C++ Standard Library Project
Notable changes since the last report (May 2008):
The release schedule for the next C++ standard, informally known
as C++ 0x, has changed. The new standard is now expected to be
ratified sometime in 2011 rather than by the end of this decade
as originally planned. The team's progress on the implementation
of the new C++ standard features has been slow in part due to
ongoing changes to the specification and in part due to the limited
availability of the new core C++ features in existing compilers,
or their instability.
BIS Export Control Classification:
Apache C++ Standard Library contains no encryption source code nor
does it make use of any third party encryption software.
Future plans:
Continue to work on implementing C++ 0x.
Community:
The stdcxx community is unchanged since the last report.
16 committers (unchanged), 6 active
11 PMC members (unchanged), 6 active
Mailing List Activity Changes Since February 2008:
commits: 19 (+1) subscribers, 5.10 (+0.72) posts/day
dev: 57 (+2) subscribers, 7.27 (+0.79) posts/day
issues: 13 (+1) subscribers, 11.43 (-0.48) posts/day
user: 48 (+2) subscribers, 0.11 (-0.08) posts/day
Bug Tracking Changes Since January 2008:
Total issues: 997 (+ 59)
Outstanding: 336 (+ 8)
Resolved: 160 (+ 26)
Closed: 501 (+ 25)
Planned releases:
4.2.2 Fall 2008 (was July 2008)
4.3.0 Winter 2008 - 2009
5.0.0 first half of 2009
Release history:
4.2.1 May 1, 2008
4.2.0 October 29, 2007 (incubating)
4.1.3 January 30, 2006 (incubating)
4.1.2 September 7, 2005 (snapshot, incubating)
-----------------------------------------
Attachment D: Status report for the Apache Cocoon Project
New Committers:
* Thorsten Scherler
* Luca Morandini
* Steven Dolg
* Jasha Joachimsthal
* Andreas Hartmann
PMC Changes:
* Gianugo Rabellino has left the PMC
* Added Thorsten Scherler
Releases:
* Cocoon Servlet-Service Framework Impl 1.1.0
* Cocoon Spring Configurator 2.0.0
* Cocoon JNet 1.0.0
* Cocoon Block-Deployment 1.0.0
* Cocoon Maven Plugin 1.0.0-M3
Ongoing Work:
* The work in SVN whiteboard area is progressing on the 'Corona' project.
Cocoon community voted to start doing alpha releases of this work under
'Cocoon 3.0' name instead of using 'Corona' codename.
* Java 1.4 support has been dropped for the Cocoon trunk. Starting with
next Cocoon 2.2 release, Java 1.5 (or newer) will be required.
* Java 1.3 support has been dropped for the Cocoon 2.1 branch. Cocoon 2.1.12
(if it happens) will require Java 1.4 or newer.
-----------------------------------------
Attachment E: Status report for the Apache Continuum Project
Releases
--------------
* No new release since previous report
* Steady progress on the release, continued discussion on dev list.
We'll probably release Continuum 1.2 at the begin of September
Community
--------------
* Discussion continue for the internal architecture in future versions
* One new committer has been voted in, Maria Catherine Tan, but the
account isn't created yet. There have been no changes to the PMC.
Issues
--------
* No issues related to the board.
-----------------------------------------
Attachment F: Status report for the Apache Forrest Project
Apache Forrest mission is software for generation of aggregated multi-channel
documentation maintaining a separation of content and presentation.
Issues needing board attention:
None
Changes in the PMC membership:
None
General status:
Progress has been generally slow this quarter. Most developers seem busy with
other stuff. This quarter feels stronger, committers are obviously still
around and helping each other when occasional issues arise for them.
Last quarter we reported that the user mail list was hardly used. This
quarter it is a little better. One user was encouraged to contribute a patch.
Issues are being attended to by various developers. Some users were helping
other users.
Checked for weak SSH keys on our zone server.
Issues still to be dealt with by the Forrest PMC:
Improve the project guidelines document.
Improve our way of presenting license information for included products.
Progress of the project:
Defined a naming convention for plugin properties.
Added XInclude to our xdoc DTD. XInclude was already handled by Cocoon
processing. Now it can be used in input source XML without validation errors.
Discussion commenced about a potential new plugin which has some obvious
legal issues.
Discussion was re-kindled (towards end of this report period) about moving
our internal document format to be XHTML2.
No releases since 0.8 on 2007-04-18.
-----------------------------------------
Attachment G: Status report for the Apache HiveMind Project
The HiveMind project has remained quite inactive during the last 3
months. There are currently no active developers on the project.
-----------------------------------------
Attachment H: Status report for the Apache HTTP Server Project
The Apache HTTP server project has made small progress through the
lazy northern-hemi-summer quarter without any significant issues.
We have no board-level issues at this time.
We have added two httpd-docs committers, Andrew Ford and Nilgün Belma Bugüner,
and have two more on the way once the paperwork clears. There have not
been any changes to the PMC.
We released httpd 2.2.9 on June 14 and continued maintenance of that
branch will justify another release soon. We have not done any releases
this quarter for flood, libapreq, mod_mbox, mod_wombat, or mod_ftp,
and no progress has been made on the next generation code bases
for httpd. We haven't even had a decent flamewar.
-----------------------------------------
Attachment I: Status report for the Apache HttpComponents Project
-----------------------------------------
Attachment J: Status report for the Apache Incubator Project
The Incubator is running smoothly and largely trouble-free. The biggest
debates in the past month have been related to project names. In the large,
we have good participation and oversight from the PMC.
A number of projects, including Etch and the previously mentioned photo
gallery project have been discussed for Incubator. The photo gallery is
accepted, and has changed its name from PicaGalley to PhotArk.
A number of projects, e.g., Sanselan, UIMA, Pig, and CouchDB had release
votes. Felix registered some IP clearance. XAP may be voted into dormancy,
acknowledging that status quo.
Of more interest to the Board:
We have concern about BlueSky (including licensing and "getting The Apache
Way", but Bill Stoddard and a number of others, including multiple Board
Members, are keeping a close eye on developments. If deemed necessary, the
Incubator PMC will act.
------------------------------------------------------
Abdera
Technical accomplishments:
* Support for AtomPub multipart creation:
http://atompub-mulitpart-spec.googlecode.com/svn/trunk/draft-gregorio-atompu
b-multipart-02.txt
* OpenSearh support improved, it covers the openSearch specification
completely.
* RequestProcessors refactor.
* A lot of bugs fixed.
Community:
* Jim Ancona and David Calavera joined the project as committers.
* Traffic is increasing in both users and developers lists.
Issues before graduation:
Currently we've more than three active committers from diferent
companies. Although we have to finish the documentation and solve some
controversial stuff we are hoping to bring the issue to a vote in the next
months.
------------------------------------------------------
BlueSky
Did not report, but see general comments at top of report.
------------------------------------------------------
Buildr
Development
We recently released Buildr 1.3.2, focusing strictly on bug fixes.
1.3.3 release scheduled for August will also focus on bug fixes and
better error reporting. The bulk consists of issues reported,
tested(!) and patched by community members. There's parallel work to
add C/C++ support to Buildr, currently discussed on the mailing list,
and we're seeing the first set of test cases for Eclipse tasks. Our
little master plan to not accept patches without test cases may work
out after all.
Community
In spite of our best efforts to send everyone on summer vacation,
traffic is steadily picking up on the mailing list.
Issues before graduation
1.3.2 cleared up some missing/mixed copyright issues that slipped past
QA in earlier releases, and as of now we have no outstanding licensing
issues.
------------------------------------------------------
CouchDB
CouchDB is a distributed document-oriented database system written in
Erlang. The project entered incubation on February 12th, 2008.
We have released CouchDB 0.8.0, our first podling release. New features
include incremental reduce, compaction, the Mochiweb erlang HTTP library,
enhancements to the ui interface (Futon) and build system (w/ spidermonkey
now an external dependency). We are also about to release a 0.8.1 to fix
bugs.
The number of libraries and project integrating with CouchDB continues to
grow, as does the number of contributors. We will likely be adding a new
project member soon. CouchDB is now fully integrated with the Apache
resources (bug system, mailing list, wiki, website, etc) and we believe
CouchDB is satisfying all its community requirements to graduate to a full
Apache project.
------------------------------------------------------
Empire-DB
Apache Empire-db is an Open Source relational data persistence
component which allows database vendor independent dynamic query
definition as well as safe and simple data retrieval and updating.
Empire-db entered the incubator on July 8th, 2008
After a slow start things have been picked up: CLAs have been
submitted, accounts have been created, the status page is up and
running, the podling website is online and the initial code has been
imported. The mailinglists are booting up, and we're learning how to
use each list (i.e. ppmc communication only for private matters on
private@).
------------------------------------------------------
JSecurity
JSecurity is a powerful and flexible open-source Java security framework
that cleanly handles authentication, authorization, enterprise session
management and cryptography.
JSecurity has been incubating since June 2008.
The project has been very active, with plenty of discussion around
features, implementation, and strategy, on both user and dev lists.
The code is still at codehaus, with the plan to migrate the code base
with all history to the apache repository once a release has been made.
Once the code is in the apache repository, additional releases of the
org.jsecurity code may be published via codehaus, while the
packages are renamed to org.apache.jsecurity.
Mailing lists have been set up, and most email traffic has been migrated
from the previous lists at codehaus.
The JIRA project is set up and is tracking new issues. Issues will be
migrated from the existing bug tracking system in due time.
The status is being maintained at
http://svn.apache.org/repos/asf/incubator/jsecurity/STATUS
------------------------------------------------------
Hama
Hama is a parallel matrix computational package based on Hadoop. The project
entered incubation on May 19th, 2008.
We are currently working to prepare the first release of Apache Hama in the
Apache Incubator. The first release Roadmap is planned. The number of dev
subscribers has increased. We should have a page about becoming
contributors. We will likely be adding a new project member soon. CCLA sent
for KRIBB and NHN's contribution.
------------------------------------------------------
Lokahi
Very little community development is hampering this otherwise worthwhile
server (as in httpd, tomcat, geronimo, etc.) management project.
------------------------------------------------------
NMaven
NMaven develops plugins and integration for Maven to make building and using
.NET languages a first-class citizen in Maven.
Incubating since: 2006-11-17
== Items to resolve before graduation ==
More active committer involvement. We have two active committers from
different organizations but need at least one more.
== Status ==
* No releases since the last report
* Continue to receive patches from the community, mostly for the previous
version
* Mailing list traffic is steady
== Plans ==
Some work has been contributed for the migration of features to the current
trunk that are being reviewed. Work on this needs to continue.
------------------------------------------------------
PDFBox
Apache PDFBox is an open source Java library for working with PDF documents.
PDFBox entered incubation on February 7th, 2008.
We have finally migrated all sources to Apache svn and set up the project
website at http://incubator.apache.org/pdfbox/. We also set up a CI build
using Hudson. Traffic is picking up on the user and developer mailing lists,
new issues are being reported through Jira, and there is initial discussion
about an incubating 0.8.0 release.
Software Grants have been received from Ben Litchfield and Daniel Wilson who
are the primary authors of the PDFBox, FontBox and JempBox software. There
have been a lot of small contributions (under the BSD license) by a number
of other people to the project and it was asked (see
http://markmail.org/message/zy6oweihmenqt6o4) on the legal-discuss list
whether the primary authors have "sufficient rights" to grant a license for
all of the code, or if we have to contact all the other contributors for
separate grants. Having received no response to the question on
legal-discuss we assumed that software grants from the primary authors was
sufficient.
We're discussing about what to do with the FontBox and JempBox codebases
that are included as subprojects of PDFBox. We might decide to merge them
with similar efforts in other Apache projects, most notably XML Graphics.
Issues before graduation:
* Increase community size and activity
* License review
* Export control notifications
* First Apache release
------------------------------------------------------
Sling
Sling is a framework to develop content centric web applications based on
the idea of modularizing the rendering of HTTP resources.
Sling entered incubation on September 5th, 2007.
== Community ==
* Over the last few months our mailing list has started being more
active, with signs that Sling's user base is increasing steadily. The number
of patches from non-committers is also increasing steadily.
== Software ==
* At long last Apache Sling has seen its initial release end of June.
* The Sling Management Console has been moved to the Apache Felix
project and is now called the "Apache Felix Web Management Console".
* After the first release we have to take up a stab at our site and the
documentation again, which we postponed until after the release due to lack
of time.
== Issues before graduation ==
* Grow a more diverse community (so far commits mostly from Day
employees).
== Licensing and other issues ==
* none
------------------------------------------------------
WSRP4J
DID NOT REPORT
------------------------------------------------------
XAP
XAP has been almost entirely inactive for at least the last 4 months. A
discussion about its status was attempted, and did not elicit much of a
response. The Incubator PMC will look to vote it into a dormant status.
-----------------------------------------
Attachment K: THERE IS NO K
-----------------------------------------
Attachment L: Status report for the Apache JAMES Project
This quarter at JAMES has seen continued slow progress on the server
trunk, allied with some heated and not wholly productive debate around
the quality of the code in trunk, and hence its likely fate, vs the
quality of the stable branch. The choice appears to be the familiar
evolution vs revolution, but as James lacks resources for the latter
we're likely to default to the former whatever anyone thinks.
The extraction of mailet packages has been done, mailets are now
separate from server and crypto mailets are independant of both. This
still needs to be reflected in the crypto notice.
The libraries attracted attention this period, mime4j has attracted
new contributors and seen increased activity. Both Mime4j and Jsieve are
on track for a release in the near future.
No releases were made.
Oleg Kalnichevski was elected commiter for his work on Mime4J.
Serge Knystautas stood down from the PMC. Serge was author of the
original import of James, and the 1st chair of the James PMC after we
were promoted from Jakarta. We're sorry to see him go.
Finally please accept apologies for the missing report last month.
o
-----------------------------------------
Attachment M: Status report for the Apache Lenya Project
Releases
=======
A 2.0.2 release was voted on and is being prepared at press time.
Community
========
A development meeting was held in Freiburg, Germany, with lots of
discussions about the future direction for Lenya. Otherwise, it was a
quiet quarter.
-----------------------------------------
Attachment N: Status report for the Apache Logging Project
A log4j 1.2.16 RC1 is imminent (hopefully by
the time of the board meeting).
A release push for Chainsaw is still long overdue
which would also involve a maintenace release
of log4j-extras and initial releases of log4j-receivers,
log4j-component and log4j-zeroconf.
There was more preliminary activity on log4j 2.0:
Ralph Goers (ASF member, several PMCs) was added
as a committer for log4j 2.0, many wish list and
design issues were added to the log4j 2.0 JIRA,
and some earlier experiments were moved from
the log4j sandbox to the log4j 2.0 branch.
However there is nothing close to usable at the moment
and no new code.
log4cxx 0.11.0 is close to an RC1 but has stalled
due to activity on log4j.
log4net 1.2.11 is still overdue. There has been a little activity
and a list of blocking bugs have been identified.
log4php continues to have no development or mailing list activity
and appears to have drifted back off into dormancy
after restarting incubation last summer.
-----------------------------------------
Attachment O: Status report for the Apache Perl Project
-- mod_perl 1.0 --
The mod_perl 1.x is a maintenance track designed to work with httpd
1.3.x.
No new mod_perl 1.x releases since the last report.
--- mod_perl 2.0 --
mod_perl 2.X is designed to work with all httpd 2.X branches.
No new mod_perl 2.x releases since the last report.
--- Apache-Test --
Apache-Test provides a framework which allows module writers to write
test suites than can query a running mod_perl enabled server. It is
used by mod_perl, httpd and several third party applications, and
includes support for Apache modules written in C, mod_perl, PHP
and Parrot.
No new Apache-Test releases since the last report.
--- Apache-SizeLimit --
Apache-SizeLimit is a popular component in most mod_perl production
environments. It is used to kill off large httpd child processes
based on various environmental triggers.
No new Apache-SizeLimit releases since the last report.
--- Apache-Reload --
Apache-Reload is a popular component in most mod_perl development
environments, used to refresh compiled code in the perl interpreter
without completely restarting httpd.
No new Apache-Reload releases since the last report.
-- Development --
mod_perl continues to be a healthy development community, though
as a mature and stable product development moves at a naturally
slower pace than in year past. Bugs are found and discussed and
applied with due consideration for our production userbase.
-- Users --
The mod_perl users list is, as always, thriving. nothing noteworthy
has happened since the last report.
-- PMC --
Torsten Foertsch was granted commit karma this past quarter and has
begun to inject additional life into mod_perl development.
-----------------------------------------
Attachment P: Status report for the Apache POI Project
OOXML Support
-------------
This quarter, with help from board members and pmc members, the legal issues
surrounding the ooxml support has been cleared up with Microsoft, and we now
have all the guarantees we wanted. We're very grateful to all those in the
ASF and at Microsoft who have worked on this for us.
Community
---------
No new committers or PMC members this quarter.
Traffic on the dev list has remained stable this quarter, but with fewer
legal discussions that means more coding discussions! The user list traffic
is slightly up, with lots more interest in the ooxml support. The number of
bug reports is up, but most of these are in edge areas of the code, or the
new ooxml support, so we see this as healthy.
The ooxml support has brought in new users to the project, who we're seeing
on the user list and bug reports. However, it has yet to bring in anyone who
has been identified as a potential new committer. We're hoping that the next
quarter will bring us some more new users who can be mentored towards
committership.
Releases
--------
We did a beta release of poi 3.5 (including the ooxml support) around a
month ago. We're planning another beta of it any day now. The final release
is aiming for some time in the next quarter.
POI 3.1 (no ooxml support) was released on the 30th of June, and included
a large number of bug fixes since POI 3.0.1, along with a small number
of new features. A maintaince release of this branch is expected next
month, and a beta of this is due very soon.
-----------------------------------------
Attachment Q: Status report for the Apache Roller Project
1.0 Community health
Development activity still slow due to committers working on other
projects and the fact that Roller 4.0 is stable and works well as is.
User support questions are coming in at a steady clip and the mailing
list is responding to them adequately.
1.1 Activity begets activity and vice versa
Lack of activity is a problem for the community, because it makes the
project appear to be stagnant and that discourages new users, which
reduces the pool of new community members. So, I will briefly discuss
why we have lack of activity and ways we can address the issue.
One reason for the lack of activity is that two high-profile projects
that use Roller (and employ or employed committers) are now operating
on forks of the code base and the committers have stopped contributing
back to Roller. Why did they fork? I believe this is due to the
instability that was caused by our Apache policy required move away
from Hibernate/LGPL and move to OpenJPA. Those two high-profile
projects are still not using our new implementation and perhaps cannot
justify the time required to get back in sync with main-line Roller
development.
1.2 Ways to get active
How can we get some activity going again? Here are some ideas:
* Make Roller more pluggable so that new features can be added without
de-stabilizing the core of Roller.
* Make it easier to contribute with better guidelines for new
developers and less emphasis on proposal; patches should be preferred
over proposals.
* Learn a lesson from GSoC. Define some projects that we want to have
developed, advertise our need for help on the projects and be prepared
to mentor volunteers.
* Wrap up bug fixes and release Apache Roller 4.0.1
2.0 Status of Apache Roller 4.0
Roller 4.0 is the best available release of Roller. We have made
enough bug fixes in the 4.0 code base to justify a 4.0.1 release,
users have tested snapshot builds and we should wrap things up and
make a final 4.0.1 release as soon as possible.
3.0 Status of work in the trunk
Here's some of the work we've done since 4.0 was release. The user
management work is probably significant enough to justify calling the
next release 5.0. We need to decide whether to push a new release out
soon as is, or later with better plugin support.
* We added a new fully pluggable user management system and better
support for contributed by Dave Johnson working on Sun's social
software for Glassfish efforts.
* Our Google Summer of Code student has completed OpenID support,
using Spring Security to do. We are currently evaluating the final
patch.
* We started working on upgrading from OpenJPA 0.9.7 to OpenJPA 1.0
but ran in to problems and have committed none of this work.
* Allen Gilliland contributed his most recent code for Apache Roller
Planet, from his work on planets.sun.com. This is a separate
application from the Apache Roller Weblogger and has not yet been
released.
3.1 Plans for new work in the trunk
Two students have signed up, as part of the Glassfish community
outreach programs, and applied to work on a project I proposed called
Media Blogging for Roller to improve support for file uploads and
blogging about uploaded pictures, audio and video files. Expect to see
them on the mailing lists before the end of August.
4.0 Promoting the project
My talk was rejected at ApacheCon US, but will be speaking at Open
Source Days on the topic of "The Once and Future Roller", where I'll
tell the story of Roller and ideas on the intersection of
Roller/blogging and social networking.
-----------------------------------------
Attachment R: Status report for the Apache Santuario Project
The 1.4.2 release for the Java library was performed. Otherwise the major
activity in the lists has been around user queries and bug fixes.
In addition, there has been some initial conversation with IBM around the
reference implementation of JSR 106 (XML Encryption) being donated to the
ASF for inclusion in the current Java libarary. IBM have told us that the
code is based on existing library, so this would work well. We will of
course need to go through the appropriate process to accept the code into
the project.
-----------------------------------------
Attachment S: Status report for the Apache Shale Project
-----------------------------------------
Attachment T: Status report for the Apache Turbine Project
Status
======
The project continues on with its typical activity pattern,
i.e. occasional bursts of development.
The Turbine project has no board-level issues at this time.
Community changes
=================
No new committers were voted in since the last board report.
No new PMC members were voted in since the last board report.
Turbine core project
====================
Subsequent to the release of Turbine 2.3.3 RC1, a long standing memory
leak was highlighted and fixed. The 2.3.3 release is now ready to go and
only awaits the attention of the release manager to produce the
artefacts and call for a vote.
Releases since the last board report:
* Turbine 2.3.3 RC1
Fulcrum component project
=========================
Thomas Vandahl continues to port various enhancements made to Turbine
2.3.3 to the separated fulcrum components as well as generally cleaning
up code and adding documentation.
Siegfried Goeschl continues to commit tweaks and more significant
enhancements to a number of fulcrum components (notably the addition of
Spring integration for the YAAFI container and the ability to run an
embedded Jetty container as a service) and on migrating the build
process to Maven 2.
No beta or final releases were made since the last board report.
META project
============
No beta or final releases were made since the last board report.
-----------------------------------------
Attachment U: Status report for the Apache Tuscany Project
Apache Tuscany is an SOA framework based on OASIS OpenCSA. This is the
third monthly board report since graduating from the Incubator.
Tuscany remains fairly active with developer discussion, user
questions, commits and JIRA activity continuing.
Since last months board report there have been two releases SDO 1.1.1
and SCA 1.3. An SCA 1.3.1 maintenance release is also now being
prepared.
One new committer has been voted in, Wojtek Janiszewski, who is one of
the GSoC students working on a Tuscany project. There have been no
changes to the PMC.
-----------------------------------------
Attachment V: Status report for the Apache Velocity Project
Velocity remains a mature product, with development occurring in fits and
starts. At the moment we have one committer driving the majority of the
development activity, though there are three others who participate on JIRA
and the lists regularly and contribute occasional code. Traffic on the
user list remains constant with 2-3 messages a day. Questions continue to
get answered quickly by both project committers and other community
members.
On an encouraging note, in the last month we've had a community member
contribute a substantial set of patches to improve performance of page
rendering. (Particularly with pages involving macros). His tests showed
that our current trunk had a significant performance decrease over the
current version; with his series of patches performance is boosted and now
exceeds the last version. There's been a flurry of activity as he and our
committers have discussed these and other improvements. We'll likely roll
up all these changes into a new release in the next quarter
The Velocity Tools project had a release of Velocity Tools 2.0 Beta 2 on
July 11. We anticipate a final release in the next quarter.
The Velocity project currently has no board-level issues at this time.
There have been no changes to the Velocity Committers or PMC
-----------------------------------------
Attachment W: Status report for the Apache Xalan Project
Xalan-C
=======
Nothing to report.
Xalan-J
=======
Nothing to report.
LEGAL
======
The PMC has looked into the crypto policy. Brian Minchau raised the issue
on the xalan-dev mailing list. All of the PMC members have stated on the
xalan-dev mailing list that they are unaware of any cryptographic code in
source or in binary in the Xalan project.
RESIGNATION
===========
I also regret to announce that Dmitry Hayes has resigned his position as a
member of the Xalan PMC leaving the PMC members as:
o Henry Zongaro
o Santiago Pericas-Geertsen
o Christine Li
o Ramesh Mandava
o John Gentilin
o Brian Minchau
o David Bertoni
-----------------------------------------
Attachment X: Status report for the Apache Xerces Project
Xerces-J
Development continues on the XML Schema 1.1 implementation.
In addition to the help we've been getting through our Google Summer
of Code student we have a new volunteer (Mukul Gandhi) who has made
significant progress on an implementation of the assertions feature.
In tandem with the JAXP 1.4 API updates in XML Commons a number of
JAXP 1.4 features (mostly schema validation related) have been
contributed to the trunk. No releases this quarter but hoping to wrap
one up some time in the fall.
Xerces-C
More work has been done on the 3.0.0 code base in preparation for the
final release planned for mid-September. In particular, all public
interfaces and a large portion of the implementation have been made
64-bit safe, a number of important XML Schema bugs have been fixed
(##other interpretation, large maxOccurs, etc), all diagnostics
messages have been reviewed and cleaned up, and a number of
optimizations have been performed in the DOM and SAX parsers. This all
culminated with the release of a second beta for 3.0.0 on the 24th of
July.
Xerces-P
Xerces-P is preparing for it's first beta release of the 3.0 codebase.
Due to last minute API changes in Xerces-C, Xerces-P no longer
compiled. When fixed many tests for NodeIterators and TreeWalkers
failed. The beta won't be released until these fixes are made. I am
still communicating with for help integrating the Xerces-P/Xerces-C
build process along the lines requested by the debian maintainer, Jay.
XML Commons
Activity in XML Commons picked up in June with some renewed interest
in the development of the resolver component. We have one new
contributor who has provided several patches for the resolver which
we've been gradually reviewing. Also in June, the trunk of
xml-commons-external has been upgraded to the JAXP 1.4 APIs. We had
proposed to do this way back in 2006 but had an open issue with the
authoring of the StAX APIs. In the time since we started the
discussion the the Geronimo folks wrote their own copy of the StAX API
from scratch. We decided to use these sources as the basis for the
StAX API in XML Commons.
General
We have one new committer, John Snelson and a vote has started for
Boris Kolpackov to join the PMC
-----------------------------------------
Attachment Y: Status report for the Apache XML Project
General business
=============
Things are quiet as usual. No changes in the PMC structure. Please see
below for a potential issue with AxKit that might require the board
attention/support.
XIndice
======
XIndice has been quiet this quarter. Users questions are answered, not much
development going on.
AxKit
====
As pointed out by Jeremias Maerki there seems to be a problem with AxKit.
Note that, to start with, the AxKit representative (Matt Sergeant) failed
to report and, specifically, to provide a response to a few issues that
Jeremias noted. Given the lack of responsiveness by Matt, it's probably the
case for the PMC to approach the AxKit community at large and ask them to
provide a new contact and/or discuss the project future. To provide more
context, here is what Jeremias noted:
======
Well, if I look at the AkKit mailing list, the project is almost dead. A
couple of commit messages indicate that the source code is not hosted on
ASF hardware anymore as is policy.
For example: http://trac.axkit.org/axkit2/changeset/259
No commits in the last 22 months in the ASF SVN:
https://svn.apache.org/viewvc/xml/axkit/
The website has never been moved to ASF hardware, AFAIK. It looks to me
as if Matt has taken development elsewhere. There's even a mailing list
on axkit.org where more is going on than on the ASF list.
http://axkit.org/archive/index.xml?year=2008;month=7
IMO, AxKit should be retired on ASF hardware. If Matt wants to
continue elsewhere as he seems to be doing, that's fine. But that would
be without the ASF logo I guess. At any rate, AxKit doesn't behave like
a normal ASF project. Matt, any comments?
-----------------------------------------
Attachment Z: Status report for the Apache XML Graphics Project
General Comments
There are no project-level issues.
Adrian Cumiskey joined the PMC.
XML Graphics Commons
We've released XML Graphics Commons 1.3.1, a bugfix release for 1.3.
Otherwise, there were no major changes here. With the arrival of
PDFBox/JempBox in the incubator, discussions about a unified XMP
implementation (RDF-based metadata) have restarted on the PDFBox dev
list.
Batik
Not much going on. A little bugfixing and code cleanup. Support for Java
1.3 has been removed in Trunk. Activity on users mailing list seems
stable.
FOP
We've released FOP 0.95. Besides the 0.95 release there's the usual
bugfixing and occasional new feature in Trunk. Furthermore, there are
three development branches where larger tasks are being worked on:
Improved page breaking, a new intermediate format and enhancements for
AFP output.
In April there was a little dispute about programming style and about
the question if any committer can tell another what to do. This was
resolved with the help of other committers in the project who stated
their views. We're back to normal.
------------------------------------------------------
End of minutes for the August 20, 2008 board meeting.
Index