Index
Links: 2009 - All years
- Original The Apache Software Foundation
Board of Directors Meeting Minutes
June 17, 2009
1. Call to order
The meeting was scheduled for 10:00am (Pacific) and began at
10:03 when a sufficient attendance to constitute a
quorum was recognized by the chairman. The meeting was held
via teleconference, hosted by Jim Jagielski and SpringSource.
IRC #asfboard on irc.freenode.net was used for backup
purposes.
2. Roll Call
Directors Present:
Bertrand Delacretaz
Justin Erenkrantz
J Aaron Farr
Jim Jagielski
Geir Magnusson Jr
William Rowe Jr
Sam Ruby
Greg Stein
Directors Absent:
Henning Schmiedehausen
Guests:
Doug Cutting
Roy T. Fielding joined at 10:10
Santiago Gala
Ross Gardler
Niclas Hedhman
Brett Porter
Paul Querna joined at 10:07
Sander Striker
Henri Yandell
Jukka Zitting
Shane Curcuru joined at 10:35 for 30 minutes
3. Minutes from previous meetings
Minutes (in Subversion) are found under the URL:
https://svn.apache.org/repos/private/foundation/board/
None reviewed.
Jim asks for the status of Sander's minutes? Sander will
commit.
4. Executive Officer Reports
A. Chairman [Jim]
Since the last board meeting, there has been continued discussion
and debate regarding the budget and the budget process. It would
be a mistake to call these smooth. However, the hope and the
goal is that we have learned from this process and that the
next go-round with be more smooth and more reserved.
With the upcoming members meeting (and board election), there
has also been ongoing discussions regarding more general aspects
of the ASF, mostly related to marketing and PR and its alignment
(if any) with our mission. Also under discussion has been the
sponsorship program and its influence and impact (if any) on
our mission. I created an Email thread specifically about
this to try to gauge what the specific issues are and what
specific, actionable remedies may exist (if required).
It is, btw, somewhat ironic, that 2 major action items that
the foundation have been trying to accomplish for years
(the budget and the sponsorship program), once they have been
realized, have created so much conflict.
Regarding the board elections, we will see another large
turn-over in directors; at the very least, 3 current directors
have chosen not to rerun.
A reminder that the ASF members meeting is scheduled for July
7th (and 9th) and that time remains for new member and new
director nominations.
With the conflict of the last several weeks, it is easy for that
to influence the perception of the board and the effectiveness of
the board over the last 12 months. That is, imo, a darn shame,
because we have successfully made some major changes and major
strides in getting the ASF on auto-pilot. Back when we were much
smaller, it was easy for volunteers to do all the "foundation
infrastructure" work, since there wasn't much. As we have grown
significantly larger, that is no longer the case and getting us
to a place where we can continue to allow and empower volunteers
to do that, while ensuring continuity and closure of issues is
a difficult task, which this board has been very crucial in
handling. My personal thanks go to each and every director
and officer.
B. President [Justin]
This last month has been largely spent recuperating from the
budget process. I feel that there are some clear lessons
to be learned from the budget process and hope that we can
improve the experience going forward. Two suggestions
that I think should be noted for posterity:
- Require each committee to have a formal vote on their request
- Require each committee to submit a justification
It is my hope that such actions greatly smooth the budget
process in future years.
I have talked with Noirin (via concom@ list) about the
contract situation with SCP and ApacheCon. We feel
that it is best to pause the contract negotiations
until the September timeframe. This will give Noirin
time to get acclimated to her new role as ConCom VP and
allow for some more discussion (within concom and a new
Board) about what we hope to achieve with a new event
contract.
I look forward to the upcoming Board elections as I
think the discussions around nominations are bringing
up some good ideas and perhaps some fresh perspectives.
BUDGET COMMITTEE UPDATE:
See above for lessons learned.
I now consider the Budget Committee as having concluded its
appointed task and have disbanded it.
Thanks to Jim and Bill for serving on the committee!
ADMINISTRATIVE SEARCH COMMITTEE UPDATE:
With the budget being passed it should have been a lot easier
to move forward with the tasks for the committee. With
the current different views and opinions on the future
direction of the ASF, I think the foundation is best
served with putting its task on hold until after the
elections. As such, there is currently no update.
C. Treasurer [Geir]
Books are currently up to date as of 2009-06-14 for checking,
savings and credit card accounts.
Contributions :
- Current PayPal balance is $11,327.74 USD. Contributions via PayPal for
May 2009 were $234. This is not reflected in statement of position below.
(I want the reports to always accurately represent Quickbooks data).
PayPal history reporting seems to be often broken.
- IONA 2009 invoice outstanding from 4/1
- Google 2009 invoice outstanding from 5/16
Tasks Done :
- bills : PRNewsWire
- resent Sunstar check
- Direct Pay is setup, I have Yet Another Dongle
Todo :
- Move Sunstar, Sally, (?) to direct pay if they are willing
- FY2008 taxes - due date is August 15th
- review switching from accrual to cash accounting
- list of donors for "thank you's"
- figure out why PayPal and I don't get along
Question : Contract for Catherine Ruby is ended or will be ended. What is
her last month of work?
Financial Reports :
1) Statement of Financial Income and Expense - May 2008 - Accrual Basis
Ordinary Income/Expense
Income
Interest Income 126.97
Contributions Income
Unrestricted 100,000.00
Total Contributions Income 100,000.00 (1)
Total Income 100,126.97
Expense
Bank Service Charges 349.22
Contract Labor 800.00
Postage and Delivery 26.42
Professional Fees
Legal Fees 400.00
Total Professional Fees 400.00
Program Expenses
Infrastructure
Colocation Expenses 518.00
Infrastructure Staff 0.00 (2)
Total Infrastructure 518.00
Public Relations
Public Relations Staff 3,636.36
Public Relations - Other 1,615.00
Total Public Relations 5,251.36
Total Program Expenses 5,769.36
Total Expense 7,345.00
Net Ordinary Income 92,781.97
Net Income 92,781.97
Notes :
(1) - this is the 2009 Google Platinum Sponsorship Invoice. Haven't been paid yet.
(2) - Should be 6k, but as it's accrual, the 6k check we sent was offset by a 6k check returned.
2) Statement of Financial Position - as of May 31, 2009 - Accrual Basis
May 31, 09 May 31, 08 $ Change % Change
ASSETS
Current Assets
Checking/Savings
PayPal 10,885.17 14,027.77 -3,142.60 -22.4%
Wells Fargo Analyzed Account 26,930.92 100,996.05 -74,065.13 -73.3%
Wells Fargo Savings 299,048.98 157,214.03 141,834.95 90.2%
Total Checking/Savings 336,865.07 272,237.85 64,627.22 23.7%
Accounts Receivable
Accounts Receivable 120,000.00 0.00 120,000.00 100.0%
Total Accounts Receivable 120,000.00 0.00 120,000.00 100.0%
Total Current Assets 456,865.07 272,237.85 184,627.22 67.8%
TOTAL ASSETS 456,865.07 272,237.85 184,627.22 67.8%
LIABILITIES & EQUITY
Liabilities
Current Liabilities
Credit Cards
ASF Credit Card - Paul Querna 528.39 0.00 528.39 100.0%
ASF Credit Card - Ruby 46.37 0.00 46.37 100.0%
ASF Credit Card - Erenkrantz 0.00 348.31 -348.31 -100.0%
Total Credit Cards 574.76 348.31 226.45 65.0%
Total Current Liabilities 574.76 348.31 226.45 65.0%
Total Liabilities 574.76 348.31 226.45 65.0%
Equity
Retained Earnings 363,508.34 261,948.68 101,559.66 38.8%
Net Income 92,781.97 9,940.86 82,841.11 833.3%
Total Equity 456,290.31 271,889.54 184,400.77 67.8%
TOTAL LIABILITIES & EQUITY 456,865.07 272,237.85 184,627.22 67.8%
3) Ad-hoc Budget Tracking
Summary : We're way behind in income on a flat monthly plan, but we're also far ahead in expenses.
(Expenses are less their budget by more than income is less than target, on a percentage basis.)
Income :
Current monthly income target is $541,200 / 12 = $45,100
Interest income : $127
PayPal Contributions : $234
Sponsorship contributions for May 2009 :
Platinum : ($100,000 / 12 = $8333)
Microsoft $8333
Yahoo $8333
Google $8333 (invoiced with high degree of confidence - we haven't actually received any money yet)
Silver : ($20,000 / 12 = $1667)
HP $1667
Bronze : ($5,000 / 12 = $417
BlueNog $417
Intuit $417
Joost $417
Mullenweg $417
Sponsorship Subtotal : $28,333
Monthly Total : $28,694
% of monthly target : 64%
YTD Total : $28,694
% of annual plan : 5%
Expense :
Current monthly expense budget is $404,541 / 12 = $33,711
Expense for May 2009 (cash basis) : $13,345
% of monthly target : 40% (this is good!)
YTD Total : $13,345
% of plan : 3%
May was Catherine's last month.
Like the idea of an Apache person signing thank you's, Justin
and Geir suggests coordinating this through the PRC, Jim
suggests having the Secretary coordinate this.
Yahoo and Microsoft are coming up due in August. Sally will
contact both. If it not clear when Microsoft's term started:
OSCON or when we actually invoiced them?
D. Secretary [Sam]
No report submitted.
E. Executive Vice President [Sander Striker]
Verbal report provided.
Admin search is on hold until member elections.
There will be some speaking opportunities in October, may
conflict with ApacheCon.
Executive officer reports approved as submitted by General Consent.
5. Additional Officer Reports
1. VP of JCP [Geir Magnusson Jr]
See Attachment 1
Unrelated to the JCP, we discussed how to handle W3C reports. Jim
indicated that W3C will be added as a monthly report.
2. Apache Legal Affairs Committee [Sam Ruby]
See Attachment 2
3. Apache Security Team Project [Mark Cox / Geir]
See Attachment 3
4. Apache Conference Planning Project [Lars Eilebrecht / Bertrand]
See Attachment 4
5. Apache Public Relations Project [Jim Jagielski]
See Attachment 5
There will be an official vote on the new members, expect a
resolution next month.
6. Apache Infrastructure Team [Paul Querna / Justin]
See Attachment 6
7. Apache Travel Assistance Committee [Gavin McDonald / Bill]
See Attachment 7
Question: SCP should be a simple request? No action taken.
Additional officer reports approved as submitted by General Consent.
6. Committee Reports
A. Apache Ant Project [Conor MacNeill / Jim]
See Attachment A
B. Apache APR Project [Bojan Smojver / Justin]
See Attachment B
Justin to pursue a report for APR
C. Apache Archiva Project [Maria Odea Ching / Henning]
See Attachment C
D. Apache Attic Project [Henri Yandell / J Aaron]
See Attachment D
Aaron to add link to mail-archives.apache.org.
E. Apache Camel Project [Hadrian Zbarcea / Sam]
See Attachment E
Can the PRC help raise buzz/awareness for Camel 2.0? No action taken.
F. Apache Cayenne Project [Andrus Adamchik / Greg]
See Attachment F
G. Apache Commons Project [Torsten Curdt / Sam]
See Attachment G
H. Apache Excalibur Project [Carsten Ziegeler / Bill]
See Attachment H
Aaron to bring up on the Excalibur list the potential for this
project to go to the Attic and/or portions to go to Felix.
I. Apache Felix Project [Richard Hall / Bertrand]
See Attachment I
J. Apache Gump Project [Stefan Bodewig / Jim]
See Attachment J
The board is pleased to see support for more SCMs.
K. Apache Harmony Project [Tim Ellison / Greg]
See Attachment K
General discussion about publishing regular builds until we get
approval for the TCK. Tim Ellison confirms that Harmony is publishing
regular builds.
L. Apache iBATIS Project [Clinton Begin / Justin]
See Attachment L
Justin to pursue a report for iBATIS
M. Apache Incubator Project [Noel J. Bergman / Henning]
See Attachment M
Bertrand to investigate the mailed software grants for Ace.
wrp4j: Sam to investigate the legal issue.
Should RAT be a TLP? The board did not see an issue with that
approach. Henri suggested that it be an infrastructure
project. It is a tool rather than a community.
Jim to communicate the remaining issues to incubator.
N. Apache Jackrabbit Project [Jukka Zitting / J Aaron]
See Attachment N
Again: any noteworthy regarding the release that the PRC can
help with? Jukka to pursue.
O. Apache Jakarta Project [Martin van den Bemt / Geir]
See Attachment O
A PMC chair resolution is expected for the next board meeting.
P. Apache Labs Project [Bernd Fondermann / Greg]
See Attachment P
Q. Apache Lucene Project [Grant Ingersoll / Bertrand]
See Attachment Q
R. Apache OFBiz Project [David E. Jones / Bill]
See Attachment R
S. Apache Portals Project [David Sean Taylor / Geir]
See Attachment S
T. Apache Quetzalcoatl Project [Gregory Trubetskoy / Justin]
See Attachment T
Henri suggested that if there is no visible Apache presence,
this project should end up in the Attic. Aaron to follow up.
U. Apache Santuario Project [Berin Lautenbach / Jim]
See Attachment U
V. Apache ServiceMix Project [Guillaume Nodet / Henning]
See Attachment V
W. Apache SpamAssassin Project [Daryl C. W. O'Shea / Sam]
See Attachment W
Sam to pursue a report for SpamAssassin
X. Apache Synapse Project [Paul Fremantle / J Aaron]
See Attachment X
Y. Apache Tiles Project [Greg Reddin / Henning]
See Attachment Y
Z. Apache Tomcat Project [Mladen Turk / Justin]
See Attachment Z
We should highlight 10 years of Tomcat at the next ApacheCon US.
AA. Apache Web Services Project [Glen Daniels / Bill]
See Attachment AA
Glen Daniels requested skipping June in favor of a July report.
AB. Apache Wicket Project [Martijn Dashorst / Geir]
See Attachment AB
AC. Apache XMLBeans Project [Cezar Andrei / Greg]
See Attachment AC
Greg to pursue a report for XMLBeans
Committee reports approved as submitted by General Consent.
7. Special Orders
A. Change of Public Relations Committee Charter
WHEREAS, the Public Relations Committee was chartered and
responsible for organization and oversight of efforts to handle
public relations on behalf of The Apache Software Foundation,
including trademark licensing and other issues regarding
management of the Apache brand and raising of funds, but
excluding the ApacheCon conferences (which shall remain a
responsibility of the Apache Conference Planning Committee); and
WHEREAS, the Apache Conference Planning Committee would benefit
from the oversight and expertise of Public Relations Committee
in relation to the Apache brand, and coordination in the raising
of funds;
NOW, THEREFORE, BE IT RESOLVED, that the Public Relations
Committee, an ASF Board Committee, hereby is rechartered
pursuant to Bylaws of the Foundation; and be it further
RESOLVED, that the phrase, "excluding the ApacheCon conferences
(which shall remain a responsibility of the Apache Conference
Planning Committee)" is struck from the Public Relations
Committee charter; and be it further
RESOLVED, that the Public Relations Committee be and hereby is
responsible for organization and oversight of efforts to handle
public relations on behalf of The Apache Software Foundation,
including trademark licensing and other issues regarding
management of the Apache brand and raising of funds.
Special Order 7A, Change of Public Relations Committee
Charter, Tabled as the vote is still ongoing.
B. Establish the Apache Sling Project
WHEREAS, the Board of Directors deems it to be in the best
interests of the Foundation and consistent with the
Foundation's purpose to establish a Project Management
Committee charged with the creation and maintenance of
open-source software related to a scriptable web framework
that uses a Java Content Repository, such as Apache
Jackrabbit, to store and manage content for distribution
at no charge to the public.
NOW, THEREFORE, BE IT RESOLVED, that a Project Management
Committee (PMC), to be known as the "Apache Sling Project",
be and hereby is established pursuant to Bylaws of the
Foundation; and be it further
RESOLVED, that the Apache Sling Project be and hereby is
responsible for the creation and maintenance of software
related to a scriptable web framework that uses a Java
Content Repository, such as Apache Jackrabbit, to store
and manage content; and be it further
RESOLVED, that the office of "Vice President, Apache Sling" be
and hereby is created, the person holding such office to
serve at the direction of the Board of Directors as the chair
of the Apache Sling Project, and to have primary responsibility
for management of the projects within the scope of
responsibility of the Apache Sling Project; and be it further
RESOLVED, that the persons listed immediately below be and
hereby are appointed to serve as the initial members of the
Apache Sling Project:
* Alexandru Popescu <apopescu at apache dot org>
* Bertrand Delacretaz <bdelacretaz at apache dot org>
* Christophe Lombart <clombart at apache dot org>
* Carsten Ziegeler <cziegeler at apache dot org>
* Felix Meschberger <fmeschbe at apache dot org>
* Gianugo Rabellino <gianugo at apache dot org>
* Padraic Hannon <hannonpi at apache dot org>
* Juan José Vázquez Delgado <juanjo at apache dot org>
* Karl Pauls <pauls at apache dot org>
* Vidar Ramdal <vramdal at apache dot org>
NOW, THEREFORE, BE IT FURTHER RESOLVED, that Felix Meschberger
be appointed to the office of Vice President, Apache Sling, to
serve in accordance with and subject to the direction of the
Board of Directors and the Bylaws of the Foundation until
death, resignation, retirement, removal or disqualification,
or until a successor is appointed; and be it further
RESOLVED, that the initial Apache Sling PMC be and hereby is
tasked with the creation of a set of bylaws intended to
encourage open development and increased participation in the
Apache Sling Project; and be it further
RESOLVED, that the Apache Sling Project be and hereby
is tasked with the migration and rationalization of the Apache
Incubator Sling podling; and be it further
RESOLVED, that all responsibilities pertaining to the Apache
Incubator Sling podling encumbered upon the Apache Incubator
Project are hereafter discharged.
Special Order 7B, Establish the Apache Sling Project, passed with
6 yes votes and 1 abstention.
C. Change the Conference Planning Chair
WHEREAS, the Board of Directors heretofore appointed Lars
Eilebrecht to the office of Vice President, Conference
Planning, and
WHEREAS, the Board of Directors is in receipt of the resignation
of Lars Eilebrecht from the office of Vice President, Conference
Planning, and
WHEREAS, the members of the Conference Planning Committee have
chosen by vote to recommend Noirin Shirley as the successor to
the post;
NOW, THEREFORE, BE IT RESOLVED, that Lars Eilebrecht is relieved
and discharged from the duties and responsibilities of the
office of Vice President, Conference Planning, and
BE IT FURTHER RESOLVED, that Noirin Shirley be and hereby is
appointed to the office of Vice President, Conference Planning,
to serve in accordance with and subject to the direction of the
Board of Directors and the Bylaws of the Foundation until death,
resignation, retirement, removal or disqualification, or until a
successor is appointed.
Special Order 7C, Change the Conference Planning Chair, was
approved by Unanimous Vote of the directors present.
D. Appoint Raul Benito as Apache Santuario chairman
WHEREAS, the Board of Directors heretofore appointed Berin Lautenbach
to the office of Vice President, Apache Santuario, and
WHEREAS, the Board of Directors is in receipt of the resignation of
Berin Lautenbach from the office of Vice President, Apache Santuario;
NOW, THEREFORE, BE IT RESOLVED, that Berin Lautenbach is relieved and
discharged from the duties and responsibilities of the office of Vice
President, Apache Santuario, and
BE IT FURTHER RESOLVED, that Raul Benito be and hereby is
appointed to the office of Vice President, Apache Santuario, to
serve in accordance with and subject to the direction of the Board of
Directors and the Bylaws of the Foundation until death, resignation,
retirement, removal or disqualification, or until a successor is
appointed.
Special Order 7D, Appoint Raul Benito as Apache Santuario
chairman, was approved by Unanimous Vote of the directors
present.
E. Update Legal Affairs Committee Membership
WHEREAS, the Legal Affairs Committee of The Apache Software
Foundation (ASF) expects to better serve its purpose through the
periodic update of its membership; and
WHEREAS, the Legal Affairs Committee is an Executive Committee
whose membership must be approved by Board resolution; and
WHEREAS, the Legal Affairs Committee is in receipt of Roy
Fielding's resignation.
NOW, THEREFORE, BE IT RESOLVED, that the following ASF members be
added as Legal Affairs Committee members:
Niclas Hedhman <niclas@hedhman.org>
Lawrence Rosen <lrosen@rosenlaw.com>
BE IT FURTHER RESOLVED, that the following ASF member be removed
as a Legal Affairs Committee member:
Roy Fielding <fielding@gbiv.com>
Special Order 7E, Update Legal Affairs Committee Membership,
was approved by Unanimous Vote of the directors present.
F. Update Public Relations Committee Membership
WHEREAS, the Public Relations Committee (PRC) of The Apache
Software Foundation (ASF) expects to better serve its purpose
through the periodic update of its membership; and
WHEREAS, the PRC is a Board-appointed committee whose
membership must be approved by Board resolution; and
WHEREAS, the Board is in receipt of Bertrand Delacretaz's,
Yoav Shapira's and Ted Leung's resignation as a member of the PRC,
NOW, THEREFORE, BE IT RESOLVED, that the following ASF
members be removed from the list of Public Relations Committee
members:
Bertrand Delacretaz <bdelacretaz@apache.org>
Yoav Shapira <yoavs@apache.org>
Ted Leung <twleung@sauria.com>
Special Order 7F, Update Public Relations Committee
Membership, was approved by Unanimous Vote of the directors
present.
8. Discussion Items
9. Review Outstanding Action Items
10. Unfinished Business
11. New Business
12. Announcements
Aaron will be moving and his wife is expecting. Congrats!
Justin is on leave from Joost, and focusing on his Ph.D.
13. Adjournment
Adjourned at 11:18 a.m. (Pacific)
============
ATTACHMENTS:
============
-----------------------------------------
Attachment 1: Report from the VP of JCP
The Apache Software Foundation was the recipient of the 2009
JCP Member of the Year Award. This is the 3rd time we've
been selected to receive this, and I think it's nice
recognition for the work that we all do in the JCP, including
engagement and activism on the EC, direct participation in
expert groups, and building, testing and distributing leading
implementations of the specifications.
In terms of the Sun acquisition by Oracle and any news we have
from there regarding the future of the JCP or our current
dispute with Sun over the Java SE TCK, I can only report that
I have nothing to report. Oracle practices exceptional
message control (except when Ellison speaks at conferences,
it seems) and so far I have no information regarding the
future. Oracle has always been a prominently outspoken
supporter of our position and cause, and while I'm hopeful
that will continue in the future, remember that power comes
from the barrel of a gun. They now have the gun.
Elsewhere, I'm still pursuing an action item to get the language
for the JPA draft spec license fixed - Sun is aware, Sun agrees
but an official letter or such has yet to materialize. I will
keep pushing.
There are also some outstanding requests for updated TCK materials
which are being attended to.
-----------------------------------------
Attachment 2: Status report for the Apache Legal Affairs Committee
Summary:
* In general, things appear to be progressing smoothly, though I think I see
the first signs of things that might end up falling through the cracks.
Will continue to monitor. See items marked with a (*)
* While I am quite comfortable with the split between the PRC and Legal(and
Incubator, for that matter) on trademarks, the topic of trademark selection
and enforcement continues to pop up. As long as nobody raises any concerns
about the discussions and no decisions are reached exclusively on legal
mailing lists, I'm OK with it.
Details:
Larry extended the time (for 6 months) in which the ASF must respond to the
PTO before the SpamAssassin Trademark becomes effective. He can not proceed
until the website is corrected.
PHP license approved as category A.
GPLv3 license identified as category X. Statements by the FSF indicating
that the ASF license is "compatible" with GPLv3 was, as predicted, a cause
of confusion.
Pivot decided to continue with their plans to host their Flex BlazeDB demo
outside of the ASF infrastructure given that that code has a dependency on
GPLv3 licensed code.
Henri noted some "dodgy" code in Checkstyle (specifically some Sun specific
Swing code). The code is available under BSD with 'no nuclear facility'
clause. (*)
General discussion (without providing any legal advice) occurred in response
to a question about establishing another open source non-profit.
We discussed using JIRA for tracking ICLAs. It wasn't clear what benefit
that provided.
A general question on "reciprocity" with respect to section 5 of our license
was answered. No change to the license is planned. The author of the
dictionary in question agreed to provide a copy under the Apache License.
Extensive discussion about improving the release process documentation.
Patches expected to be forthcoming. (*)
CUP Parser Generator license a.k.a. "Standard ML of New Jersey" was reviewed
and thought to be Category A. (*)
General discussion on what 'required notices' meant. Unsurprisingly, the
answer was 'notices that are required' :-)
A question about using Apache CXF in a GPL licensed codebase was answered by
pointing the ASF and FSF faqs.
General discussion on trademarks (IMHO, bordering on PRC's responsibility,
but as no decisions were made, no harm)
Lengthy discussion (without concrete results) on tagging release candidates
and Java.
A question about ECCN exports was answered by pointing to the web page
describing our export licenses.
A question about binary PDF documents in a release for Apache Stonehenge was
answered. It involved README vs NOTICE and Copyright vs Trademark
considerations. Developing more general education and posting it on our
website would be helpful in this area.
General question on the trademark-ability of greek letters. Delta airlines
seem to have done so.
A question on how we view the Day spec license was asked, without attracting
an answer (*). It doesn't directly affect Jackrabbit, as Day has a CCLA on
file.
Question (motivated by VCL, but applies to a number of ASF projects) on
whether or not we intend to trademark names that were in use prior to
donation to the ASF.
A few com.sun.* APIs seem to have found their way into effectively becoming
part of standards. Notes were shared on how to deal with this.
Microsoft Limited Public License was categorized as "X" as it has a field of
use clause.
A TM was added to the Tomcat logo. Another case that properly is something
the PRC should be concerned with. When this discussion moved onto the ASF
feather logo, Larry did request that this be continued at the PRC.
PDFBox wishes to include some CJK fonts which are licensed in a way that
does not permit modification. As it doesn't affect the ability for us to
release our code under our license, this license is thought to be category
B.
Active discussion (incomplete) on copyright and trademark of hosting of
research papers on our site.
Larry dealt with a DMCA notice that was misdirected towards the ASF.
-----------------------------------------
Attachment 3: Status report for the Apache Security Team Project
For May 2009: There continues to be a steady stream of reports of
various kinds arriving at security@apache.org. These continue to be
dealt with promptly by the security team.
1 Support question
3 Vulnerability report
of which
1 Vulnerability report [tomcat, via security@apache.org]
1 Vulnerability report [httpd, via security@apache.org]
1 Vulnerability report [xerces, via security@apache.org]
-----------------------------------------
Attachment 4: Status report for the Apache Conference Planning Project
General News
------------
* Lars Eilebrecht is resigning from the V.P. position. The Conference
Planning Committee has voted to make Noirin Shirley the new V.P. of
the Conference Planning project.
ApacheMeetUp/BarCampApache Asia 2009 (December TBD)
---------------------------------------------------
* The planning team has decided to push the event back to December 2009.
ApacheCon US 2009 News (2-6 November)
-------------------------------------
* The first media call occurred to detail how SCP, Planners, ConCom and
PageOne would best work together.
* Planning and scheduling work continues.
* Opening of registration was scheduled on the 22nd, but due to many
busy schedules and slow responses to planners questions, this may no
longer be realistic. It will certainly open in the coming weeks.
-----------------------------------------
Attachment 5: Status report for the Apache Public Relations Project
GENERAL INFO
Concom has voted on and requested that the PRC charter be expanded to
include oversight of ApacheCon publicity. A vote is progressing in
PRC.
Charel/SCP has agreed to retain PageOne PR to help drive publicity for
ApacheCon US/OAK in connection with the 10th Anniversary Big Feather
Birthday Bash. Sally has scoped the project and has begun the dialogue with
Jim to help PageOne prioritize outreach activities and coordinate
messaging. Sally is meeting with PageOne weekly to track progress.
Received request from ConCom for PRC to officially oversee the ApacheCon
Business & Community Track
The PRC --specifically Sally-- was tasked with the oversight, planning, and
management of the Big Feather Birthday Bash at ApacheCon/OAK in November.
Jim will be her counterpart on these activities.
Jim stated he had intended to resign as PRC chair, and later agreed to stay
on through ApacheCon/November following discussion on the PRC list,
particularly with his role as co-lead on BFBB/ApacheCon PR oversight with
Sally. Both Shane and Sally were nominated as his replacement; there was
debate regarding possible conflict of interest for Sally, as head of HALO,
in "managing" her own contract.
Shane submitted an in-depth vision statement of where he'd like to see the
PRC heading if elected Chair, and that he intends to reorient his primary
attention from ConCom to PRC.
Jim offers to buy anyone he's offended a drink.
Sally requested the Twitter login credentials; in updating the Foundation
blog she broke the Roller stylesheet by cutting-and-pasting from MSWord.
Gavin corrected the immediate problem, but there doesn't seem to be a
long-term solution. Apache.org, etc. are out of date
ASF received a Linux Journal Readers' Choice category winner again :-)
Sebastian ("sebb") noticed that the directory
http://apache.org/foundation/press/ is a flatfile as it doesn't have an
index and suggests that we possibly redirect to
http://apache.org/foundation/news.html for now
Jim has received some queries about the "influence" that Progress Software
appears to have on Apache Camel, CXF, ActiveMQ and ServiceMix, particularly
that the majority of committers to these projects are employed by Progress,
and that the direction of the projects may be corporate and not
community-- driven.
Jim wants to hold monthly concalls to discuss the PRC reports in advance of
the Board meetings
Jim clarified to the Board the current draft budget is accurate: Whether or
not we contract HALO to do the sponsorship or go with an external (a
different external) person/agency, $30K is projected for the Sponsor
development activity.
Jim clarified a charge from PRNewswire for additional distribution channel
for the OFBiz announcement to (eCommerce focus)., as well as $1,560 for the
ACEU09/10th Anniversary press release distributed outside of our usual wire
outlets.
Jim requests folks to update their membership status. Diffs: Yoav and Ted
Leung pull out; Noirin, Larry, Sanjiva, and Henri want to join. Jukka wants
to be obliquely involved.
Matthias wants a slide master template.
Hen suggests a suggestion for the PRC on organization to help the
volunteers know what their tasks are: 1) List the general things the PRC
does; 2) List the ones that have been outsourced to HALO; 3) Work out which
ones are independent and which require PRC involvement. For the volunteer
tasks, identify process to follow in each case. Break the emails press@
gets into a few categories: Analyst asking for general phone call; Analyst
asking for specific expertise phone call; PMC asking to send out press
release; Sponsor query.; etc etc.
COMMUNITY OUTREACH
Niclas Hedhman notified the PRC that he has accepted an invitation to
represent the ASF on a panel on the commercialization of Open Source at the
MSC Malaysia Open Source Conference on 1 June.
Jukka requested a technical boilerplate for releases; Sally created one:
"About The Apache Software Foundation: Established in 1999, The Apache
Software Foundation provides organizational, legal, and financial support
for more than 100 freely-available, collaboratively-developed Open Source
projects. The pragmatic Apache License enables individual and commercial
users to easily deploy Apache software; the Foundation's intellectual
property framework limits the legal exposure of its 2,500+ contributors.
For more information, visit http://www.apache.org/"
Shane wanted to know what boilerplates exist: we have the long official
"marketing" one http://apache.org/press/media.html#about , the shorter
"marketing" one that's used in press releases "the 'who'" at
http://apache.org/foundation/press/pr_2009_03_04.html , and the 50-word
"technical" one above.
Craig forwarded an invitation from O'Reilly to participate in the .org pods
on the expo floor of OSCON. Sally will attend, with Justin, Paul Querna,
and Craig (possibly others). We selected the booth next to OFBiz (brand
continuity!)
We approved a draft press release for Hippo
Isabel Drost asked that we help publicize the Hadoop GetTogether in Berlin
on 25 June (Sally hasn't done this with her editing problems; not sure if
anyone else has volunteered to do it)
Received request from NLUUG for members of the ASF Board to attend their
conference the week before ApacheCon; officially declined but may have
someone from EU not attending ApacheCon who may be interested
Sander is speaking in Dirk's place at the Fuse OSS Day
MEDIA AND ANALYST RELATIONS
Lars responded to an inquiry by David Worthington of SDTimes (referred to
us by Paul Fremantle) regarding the security development lifecycle within
ASF Projects.
Sally gave a top-level overview of Hadoop to MIT Technology Review for
their Cloud computing roundup; the article is expected to be available
after 23 June.
Sally briefs analysts Datamonitor for their report on Open Source in the
Enterprise technology market
Approved draft of press release for Hippo
Cote of RedMonk has requested a briefing for Pivot (in the Incubator)
Still no decision whether or not to formally engage RedMonk. A formal
vote on it is in process.
Total media hits during May: 212
BRAND, TRADEMARK, AND LOGO USAGE
We're starting to define our trademark policy, including a list of ASF
trademarks (checked in), a procedures doc for PMCs to update their websites
(trying to write from Larry's email today), and a task list for concretely
forming official policy in terms of how we treat and defend our trademarks.
Created trademark-plan.txt; key issue is figuring out our trademarks
Craig has worked on updating the OpenJPA web site master pages to include
Apache trademarks in an obvious but not obtrusive way. See
http://openjpa.apache.org/unit-tests.html
David Crossley requests that we review trademark statements about Apache
Forrest: "Apache, Apache Forrest, the Apache feather logo and the Apache
Forrest logo are trademarks of The Apache Software Foundation. Copyright
(C) The Apache Software Foundation. Licensed under Apache License 2.0."
Larry states that there is no need to the "The" in the name.
Larry brings to our attention that "...of potentially far greater
importance than the notice itself is our filing of a registration of the
copyright with the U.S. Library of Congress. The procedures are simple,
online, and inexpensive (~ $40). I'll bet that nobody has budgeted for
that."
Santiago carried a branding-related discussion over from legal-discuss
regarding acceptable trademark usage stemming from a question regarding a
VCL project name. He's seeking policy regarding semi-automated permissions
for usage of trademarks of services such as hosting providers (who sell
Apache Vhosts); (Apache) Tomcat Provider/servlet containers with Tomcat;
etc. and that explicit rules stating when it is OK to use the brands are
required to minimize the number of queries and erroneous attributions.
Larry explained that we're not yet ready for a semi-automated system for
our trademarks, as the following situations need to first be clarified: 1)
ASF-owned products (e.g., "Apache" and the Apache feather, particularly as
distributed by others); 2) applying ASF certification marks to third party
goods under certain circumstances (e.g., ingredient brand: "Powered by
SpamAssassin", similar to "Intel Inside"; we need to specify and monitor
the certification requirements); 3) statements that don't require our
permission: "XYZ Hosting for Apache VHosts", "ZZZ Provider for Apache
Tomcat", etc.; 4) uses that infringe Apache's trademarks: "Apache Hosting
Provider", "Apache Tomcat Provider".
Hen stresses that some items cannot be trademarked, such as "Web Services",
HTTP, TCL, and XML, as they're not ours. He also shares his concern with
broad use of TM on a community website, as it's both a new thing in
community-driven Open Source, as well as sends out a strong message with
its corporate overtones
Received request from HotWaxMedia to pursue the sale of Apache-branded
goods. (this also opened up the use of the TM in the ASF name, as well as
using the "The" in the name; our suggestion of donating a part of the
proceeds to the ASF; and the need to pre-approve the design to ensure it
meets our standards)
Martijn Dashorst forwarded a request from Craig Tataryn to use the Wicket
logo for a brochure and website promoting his training services. Permission
granted.
Ted Husted responded to an inquiry to use the ASF logo on a South African
Web development consultant's Website. Responded that it was approved for
the "Powered by Apache" usage only. Larry stated that the information on
the ASF Website doesn't tell the whole story, and has offered to draft new
trademark FAQ questions for http://www.apache.org/foundation/marks/once the
rules are delineated and agreed to.
Shane summarized that the current situation is that we're starting to
define our trademark policy, including a list of ASF trademarks (checked
in), a procedures doc for PMCs to update their websites , and a task list
for concretely forming official policy in terms of how we treat and defend
our trademarks. He feels that the biggest issue with trademarks is getting
enough of the PRC members to vote on basic policy: we need to have the
start of a formal policy decided - either by vote of the PMC, or by fiat by
the VP, so we can have a base that is truly the policy of the ASF. The next
hard step will be working with each PMC to get them to put the TM and
"Apache Foo is a product that does blah" statements on their websites.
Besides the general complaining that the ASF is becoming too bureaucratic,
that will take work working with each PMC and sometimes just submitting
patches to the variety of website management systems that different projects
use.
Shane also stated the issue on trademark-plan.txt is figuring out what we
think our trademarks are. First let's get consensus within the PRC of what
we think our trademarks are (we can pass any *specific* questions by
legal-internal@ later). See http://www.apache.org/foundation/marks/list/ to
reference.
Larry stated that the feather logo and the graphics and words at the top
ought to be standardized by PRC for use by all projects. Trademarks should
be used as adjectives, not nouns, with standardized wording at the bottom
of our web pages, in small print: "Copyright (C) 2009 Apache Software
Foundation. Licensed under Apache License 2.0 (see www.apache.org). Apache
and the Apache feather logo are trademarks of Apache Software Foundation."
He's hoping there will be a page at www.apache.org that will list all our
trademarks, which will become the official list and the official notice.
Michael Dick suggested that keeping pages up to date could be problematic.
Having a template banner / footer might be well received by a lot of
projects, like http://www.eclipse.org/projects/listofprojects.php
Martijn is concerned that we seem to be turning into "Trademark Enforcers"
Sebastian noticed that the Apache feather logo is used on the main Apache
site, www.apache.org, as well as on various project sites, e.g.
jakarta.apache.org, httpd.apache.org, etc., but is inconsistent (mirror
image, color variances, etc.), where other projects such as
lenya.apache.org/ use a completely different version of the feather
altogether. Also, that the published SVG version of the feather at:
http://apache.org/foundation/press/kit/feather.svg is a mirror image of the
one actually used on the ASF website.
Bill Rowe moved discussion on example of "Apache Ki" from legal-internal,
where Larry stresses that we have to associate that feather indelibly in
consumers' minds with "Apache Software Foundation" and with the software
available at "www.apache.org". All our other trademarks are secondary to
that brand graphic and to the trademark "Apache" itself.
We declined the "offer" to purchase apacheproducts.com domain; Larry
suggests (internally) that the company 'make a charitable donation of their
domain name to our non-profit Apache Software Foundation and perhaps it
will prove useful to us later. We remind you that "Apache" is a famous
trademark for software from the Apache Software Foundation. Your domain
name cannot be used for distributing software or related products or
services, by you or any third party, without our express permission.' Go
Larry.
Henning came across http://www.apachefriends.org/en/contact.html, which
reads "XAMPP and Apache Friends are registered trademarks of Kai Seidler."
This non-profit German support forum for running Apache web servers fails
to mention the Foundation anywhere. We should contact him to include the
ASF trademark notice. @@has this happened?
Received request to include ASF logo on diploma and technical documentation
from course that employs XAMPP-Package. @@has this happened?
Larry drafted usage policies for projects in the Incubator and is
investigating "first in time use" for projects at the ASF
Discussion on distributing ASF Member shirts at ApacheCon
HotWaxMedia has requested the use of the ASF logo to produce swag
Jim rejected request for use of ASF logo in the ICT Handbook from UK author
the image was malformed, and therefore wasn't approved
SPONSORSHIP
Who will manage Sponsor development (i.e., augment HALO contract vs. retain
Delia Frees or another candidate) is still undecided. In the meantime,
Sally is continuing stewardship-related activities.
Shane wants us to formalize record-keeping for sponsor activities.
Google has committed to renew for 2009 at the Platinum level; Geir has
processed their invoicing against the Google purchase order. In addition,
they have agreed to pay the ASF 50% of the back money owed during the 2007
time period.
Progress/IONA has committed to renew for 2009 at the Silver level, and have
stated that they are currently processing payment to the ASF. Once their
renewal is in place, we need to update the Sponsor Thanks page to "Progress
Software" and their logo, vs. IONA.
HP has committed to renew for 2009 at the Silver level, but have asked that
we extend them Gold Sponsorship status a.k.a. "Vermeil/upgraded Silver"
level in recognition of their contributions. We also forwarded a copy of
their CCLA per their request.
SpringSource/Covalent has committed to renew for 2009 at the Silver level,
and will be in touch regarding when we should invoice them. They stated
that the chance for us to reclaim back money due is extremely slim, as
this was initially a Covalent budget line item; now that the company is
gone (acquired by SpringSource), the funding is no longer available.
However, they will see if they can do something for us. In addition, they
would like to keep their cash contribution to 75% of the Sponsorship value,
with the maximum allowed 25% allocated to in-kind contributions (e.g.,
donation of teleconference bridge, hardware, etc.) Once their renewal is in
place, we need to update the Sponsor Thanks page to "SpringSource", along
with their logo, vs. Covalent.
Matt Mullenweg confirmed he renewed his Bronze Sponsorship in January 2009
Tetsuya Kitahata confirmed that he will not renew his Bronze Sponsorship.
FUNDRAISING
Ross Gardler suggested we consider using CiviCRM to track smaller donations
should we choose to pursue a formal method for this. Karl Fogel offers his
help as well: "feel free to ping me privately, or find me on
irc.freenode.net ("kfogel")."
Larry invited Donald Lobo and his sponsors from CiviCRM to become ASF
Sponsors, as they collectively donate more than $500K annually to various
foundations and seem amenable to switching over to the Apache license.
Sally to follow up, pending Board decision on who will oversee Sponsor
development.
-----------------------------------------
Attachment 6: Status report for the Apache Infrastructure Team
Tony Stevenson completed phase 1 of the LDAP migration, migrating user
accounts on people.apache.org into LDAP.
Sander Striker promised to someday order a replacement disk for aurora
(websites) and have it shipped to Bart van der Schans in the Netherlands.
The SAS cable we RMA'd back to Provantage was returned back to us as an
invalid RMA. We have procured an UPS shipping label from Provantage and
are attempting to resend it.
Infrastructure has made a request to PMC chairs to help us with Phase 2 of
the LDAP migration: bringing groups into LDAP. The majority have complied,
while a large number of PMC's have yet to do so.
IPv6 support was disabled until we are better positioned to be able to
monitor and maintain it.
Henk Penning continued to keep a careful eye on the mirroring system.
Brian Fox continued his support for the Nexus installation at
repository.apache.org.
Mark Thomas upgraded our Bugzilla instances to the latest version.
Chris Rhodes was voted in as a new Infrastructure committer.
Gavin McDonald continued to enhance our buildbot service at ci.apache.org.
-----------------------------------------
Attachment 7: Status report for the Apache Travel Assistance Committee
General News
============
Forgot to mention in last months report, we scheduled an online IRC
meeting to discuss the lead up to AC US 09. Unfortunately it never happened,
so trying again for perhaps 1st week of July.
Sent a request for Invoices for what we owe for AC US 08 and AC Europe 09
to SCP via the planners-eu-09 list.
Feedback from a board member and from other TAC list members - including
those that represented TAC on the ground at the previous 2 ApacheCon events
indicates a strong need to have someone on the ground at future AC events to
specifically deal with and look after TAC attendees. I sent an email to the
board list (2nd June) asking if I needed to alter our resolution to allow for
funds to be allocated to help such a person offset some/all of their expenses
to an AC event, or if we could just go ahead and allocate funds for that
purpose. Still awaiting replies on that one.
No other news at this time.
-----------------------------------------
Attachment A: Status report for the Apache Ant Project
* Current Releases
Ant Core
--------
Ant 1.7.1 was released on June 27, 2008.
Ivy
----
Ivy 2.0.0 was released on Jan 20, 2009.
* Community
No issues.
Ant continues to tick over. Most recent commit activity is around the Ivy
project. We are close to releasing IvyDE, an eclipse plugin for Ivy
-----------------------------------------
Attachment B: Status report for the Apache APR Project
The activity on the project in the last 3 months (Mar 9 2009 to Jun 18
2009) was as follows:
APR trunk: 100 commits
APR util trunk: 2 commits
APR 1.4.x: 10 commits
APR util 1.4.x: 15 commits
APR 1.3.x: 14 commits
APR util 1.3.x: 22 commits
APR 0.9.x: 4 commits
APR util 0.9.x: 8 commits
APR iconv trunk: 0 commits
APR iconv 0.9.x: 0 commits
site: 8 commits
Current stable release of APR is 1.3.5, released Jun 5 2009. Legacy release
0.9.18 occurred on the same day.
Current stable release of APR util is 1.3.7, released Jun 5 2009. Legacy
release 0.9.17 occurred on the same day.
Current stable APR iconv release is 1.2.1, released Nov 15 2007.
Several security issues have been fixed in the latest round of releases:
CVE-2009-1955: apr-util billion laughs attack
CVE-2009-1956: apr-util single NULL byte buffer overflow
CVE-2009-0023: apr-util heap buffer underwrite
On the development front, the trunk of apr-util has been folded into apr. From
version 2.0 onward, these two will be one and the same library.
-----------------------------------------
Attachment C: Status report for the Apache Archiva Project
Releases:
* 1.2 was released on March 26, 2009
* 1.1.4 was released on April 22, 2009
* 1.2.1 was released on May 28, 2009
Community
* Contributions to revive the webapp Selenium tests are being applied in
the trunk version.
* 1.2.2 is lined up to fix bugs in the 1.2 release.
Issues
* No board level issues at this time.
-----------------------------------------
Attachment D: Status report for the Apache Attic Project
This month Apache Shale entered the Attic, pending INFRA-2072.
The process for entering the Attic has been defined:
http://attic.apache.org/process.html
We are not aware of any projects entering the Attic next month.
-----------------------------------------
Attachment E: Status report for the Apache Camel Project
Community:
* We saw the usual level of intense activity this quarter.
* The community continues to grow.
* Charles Moulliard is a new committer.
Development:
* Development continues on both 1.x maintenance branch and trunk.
* Camel continues to gain ground as an integration framework.
* Final release of Camel 2.0 expected in a month or so.
Releases:
* Camel 1.6.1 maintenance release.
* Camel 2.0-M2 just released.
-----------------------------------------
Attachment F: Status report for the Apache Cayenne Project
Development
* 3.0M6 was released in May 2009
* We are aiming for the next release to be a beta for 3.0 final.
* Andrey Razumovsky was elected to the PMC after a productive year
as committer
Community
* Activity on the user and development lists has been steady.
-----------------------------------------
Attachment G: Status report for the Apache Commons Project
General
=======
o Activity on the dev list increasing now since September '08. User list
traffic dropped significantly though.
o Accepted Sanselan from the Incubator.
o Discussions about the future of commons-logging in respect to slf4j.
o No new sandbox components
Releases
========
o CLI 1.2
http://markmail.org/thread/cd4rnpdrdbdsb5u7
o DbUtils 1.2
http://markmail.org/thread/3vi5ghp22bwvhhwx
o Compress 1.0
http://markmail.org/thread/h7xa4n33n5wjsnt5
o Pool 1.5
http://markmail.org/thread/way7wsgcle34lcdd
o Pool 1.5.1
http://markmail.org/thread/bkcpvelhkkopbndq
Community
=========
o No new sandbox committers
o New committer
- Jim Jagielski
- Christian Grobmeier
o New PMC members
- Mark Thomas (pending)
-----------------------------------------
Attachment H: Status report for the Apache Excalibur Project
There are no known issues.
Nearly zero activity in all places, recently a new idea to migrate the
Avalon stuff to OSGi (and maybe collaborate with the Felix project)
has been discussed briefly. Maybe this can help to increase the interest
in the project a little bit again.
-----------------------------------------
Attachment I: Status report for the Apache Felix Project
Community
* Added two new PMC members: Clement Escoffier and Guillaume Nodet.
* Added five new committers: Chris Custine, Hiram Chirino, Freeman Yue
Fang, James Strachan, and Gert Vanthienen.
* Contribution from Paremus of Sigil OSGi tooling project; this has been
voted on and is undergoing the IP clearance process.
* OSGi tutorial using Felix Framework given at EclipseCon in late March.
* Apache Felix presentation and BOF at ApacheCon EU 2009.
Software
* Released the following subprojects:
o Bundle Repository (1.4.0) - Some improvements to align with the OSGi
RFC, but mostly minor.
o Dependency Manager (2.0.1)
o Dependency Manager Shell (2.0.1)
o Framework (1.6.0, 1.6.1, 1.8.0) - The latest release adds more
complete support for fragment bundles, bringing Felix ever closer to
specification compliance.
o Log Service (1.0.0) - Initial release of a very simple OSGi Log
Service implementation.
o Main (1.6.0, 1.6.1, 1.8.0) - This subproject is released in lockstep
with the framework subproject.
o Maven SCR Plugin (1.0.10, 1.2.0)
o junit4osgi (1.0.0)
o File Install (0.9.2, 1.0.0) - Continued improvements and bug fixes.
o SCR (1.0.8)
o Jetty HTTP Service (1.0.0) - Initial release of Jetty-based
implementation of the OSGi HTTP Service.
o Shell (1.2.0) - Added some new commands for inspecting framework
state and other minor improvements.
o Shell TUI (1.2.0) - Minor bug fix release.
o UPnP Extra (0.4.0)
o UPnP Tester (0.4.0)
o Web Console (1.2.8, 1.2.10)
* Incorporated the Apache ServiceMix Kernel contribution, renamed to
Apache Felix Karaf, into the Felix project.
* Peter Kriens' OSGi shell contribution has finished IP clearance and is
awaiting inclusion into SVN repo.
Licensing and other issues
* None.
-----------------------------------------
Attachment J: Status report for the Apache Gump Project
Infrastructure:
* no news is good news.
Technical:
* during this quarter Gump has gained support for Bazaar, darcs,
git and Mercurial - only git support is currently required
because JUnit moved to github but we expect projects to pick up
the new scm options at Sourceforge or Google Code sooner or
later as well.
* the installation is happily chugging along with active metadata
maintenance
Other:
* still all Apache committers have access to metadata in svn.
* no releases.
-----------------------------------------
Attachment K: Status report for the Apache Harmony Project
Summary
=======
The Apache Harmony community is healthy, and has recently released a new
milestone build. The lack of a JCK continues to be an issue for Harmony.
Development and Releases
========================
The Harmony community continues to improve the quality of the existing
code, with the latest release of Apache Harmony 5.0 Milestone 10
containing over fifty bug fixes, plus numerous JavaDoc enhancements.
Our last release was in April 2009.
Contributions into the 5.0M10 code base includes:
- compatibility: enhancements to ensure the behavior of the runtime
is equivalent to that of the reference implementation.
- documentation: tidy-up of the license/notice/readme files, and
substantial improvements to the JavaDoc in a number of modules.
- porting work: in the class libraries for AIX and zOS operating
systems.
- performance: improvements to string handling and start-up speed were
implemented.
- testing: additional tests, and enabling of existing tests across all
platforms.
We have also discussed the option of releasing a reduced footprint
runtime, based on the Java 6.0 branch, called Harmony Select, which
would be targeted specifically at headless applications. This would be
an opportunity to publish the 6.0 code stream early in a useful
configuration.
Security
========
No reported security incidents this period.
Community
=========
Apache Harmony featured in a general session at JavaOne this year, with
a demo of Harmony running the Eclipse IDE, and Harmony running Roller on
Geronimo.
There were no changes to the committership or PMC during this period.
There are currently 39 committers, of which ~10 were active this period.
The Harmony project are participating in the Google Summer of Code
program, and discussion with the students who have a project with
Harmony is underway on the developer mailing list.
---------------
Confidential, not for inclusion in public minutes:
============
A prospective downstream consumer of Apache Harmony contacted us with
details of a US patent application that may read on an algorithm we
have implemented.
The issue was raised with legal-internal where it was noted that the
algorithm was described publicly more than one year before the
application was submitted.
We have decided not to proactively remove the code implementing the
algorithm.
-----------------------------------------
Attachment L: Status report for the Apache iBATIS Project
-----------------------------------------
Attachment M: Status report for the Apache Incubator Project
This past month has been a normally good month for the Incubator.
There is a project, Traffic Server, that appears to be of interest to the
HTTPd crowd. Another project, VXQuery, is in the process of being sponsored
by the XMLBeans PMC.
The Incubator is pleased to see that log4php has gained new life, and we
wish them much success in this next incarnation of the project.
Despite the confusion over when the reports are due this month, almost
everyone got their report in. SocialSite and Wink are the exceptions. Wink
is brand new, and SocialSite only a month old. We'll look for reports from
them in each of the next three months.
The issue with Apache JSecurity/Apache Ki having trouble finding a name has
been, once again, resolved. The new name is Apache Shiro.
The continued problems of specification publishing organizations permitting
IP restrictions on specifications intended for shared use is reflected in
this month's WSRP report.
---------------------------------------------------
= Ace =
Apache ACE is a software distribution framework that allows you to centrally
manage and distribute software components, configuration data and other
artifacts to target systems. ACE started incubation on April 24th 2009.
There are currently no issues requiring board or Incubator PMC attention.
Community:
* The infrastructure is all in place, community is ready and waiting for
the IP clearance process to be completed.
* Several people already looked at the donated codebase, and Toni Menzel
even has a couple of patches ready.
* A logo was designed for the project, which is used in the wiki currently.
Software:
* Initial codebase and documentation have been donated.
* Software grant was mailed twice without success, now faxed it, just got
notified that it is on record now.
Licensing and other issues:
* None at the moment, no code has been committed yet.
= Bluesky =
BlueSky has been incubating since 01-12-2008. It is an e-learning solution
designed to help solve the disparity in availability of qualified education
between well-developed cities and poorer regions of China.
Finally we committed our source code, though part of the source code, to SVN
repository. Now the most urgent things for us is to replace FFmpeg with
Theora and Vorbis. We've started to learn Theora and Vorbis but not too much
progress were gained. Another bad news is that we are now severely short of
hands. Some students are gonna graduate in days. Thus we have to enroll some
undergraduate students to our lab. We've already got one and he is now
getting familiar with our system. I hope that his participation would help.
Next step:
*Continue to learn Theora and Vorbis, try to replace FFmpeg soon;
= Cassandra =
Cassandra is a distributed storage system providing reliability at a massive
scale. Started incubation: 01/2009. Opened to community in 03/2009.
The original authors of Cassandra from facebook (Avinash and Prashant) have
gone back to developing against an internal repository. We have never seen
any involvement from initial committer Dan, either.
Despite this setback we continue to make progress; a 0.3.0 release is
imminent and two more committers have been nominated, out of six who
regularly submit patches. Cassandra was represented at the recent NoSQL
distributed database summit by Avinash and Jonathan and was very well
received.
Past action items:
* Consensus about the development process. Done. Development is done
in trunk with branches for releases. A pre-commit patch review process is
followed that will be familiar to most apache committers.
* JIRA permissions and configuration. Done.
* A bit more information on the web site. Done.
Next steps:
* Get new committers voted on
* Get 0.3.0 release out
= Chemistry =
Apache Chemistry is an effort to provide a Java (and possibly others, like
JavaScript) implementation of the upcoming CMIS specification. Chemistry
entered incubation on April 30th, 2009.
The incubation process has started well. All the project infrastructure is
in place and all initial committers have their Apache accounts. We even
increased the headcount of the initial team as David Caruana joined the
project as a new committer.
Development of the Chemistry codebase has moved to Apache svn and there's
been a number or related discussions on the mailing list. Overall the
project is still in a startup phase as people are getting oriented with the
scope and structure of the project. A number of license headers were updated
to match Apache policies.
Issues before graduation:
* Stabilize the general interest into a sustainable development community
* Make sure that all licensing details conform with Apache policies
* Create an Apache release of the Chemistry codebase
= Click =
Click is a stateless page and component oriented Java web framework.
Click has been incubating since July 2008.
Tasks completed since March:
* Released Click 1.5.2, a non-Apache maintenance release hosted at
!SourceForge
* Graduation to TLP was postponed as the IPMC felt that more PPMC members
are needed
Top priorities:
* Grow the current developer community
* Release Apache Click 2.1.0
= ESME =
Enterprise Social Messaging Experiment (ESME) is a secure and highly
scalable microsharing and micromessaging platform that allows people to
discover and meet one another and get controlled access to other sources of
information, all in a business process context.
ESME entered the incubator in 2008-12-02.
The following items have been performed since the last reporting period
* Creation of initial draft of Apache Wiki
* Dick Hirsch has successfully submitted his Apache CLA
* Worked on cleaning up code with a focus on better separation of UI and
server code
* Creation of branch to deal with access pools prototype
The following items are planned for the next reporting period:
* Finish work on Apache wiki and replace old forrest site
* Merge access pool branch into trunk
* Work on new UI
Top 2 or 3 things to resolve prior to graduation
* Move all collaboration to the esme-dev mailing list
* Increase community involvement in the project
* Provide instructions for people to build, install and evaluate EMSE by
themselves
= Etch =
Etch was accepted into Incubator on 2 September 2008.
Etch is a cross-platform, language- and transport-independent framework for
building and consuming network services. The Etch toolset includes a network
service description language, a compiler, and binding libraries for a
variety of programming languages.
On April 16 we announced the availability of a bug fix release (1.0.2) The
1.0.2 release also includes updated licensing information in compliance with
Apache standards. A 1.1 release is now being vetted and we hope to vote on
it soon. The 1.1 release includes proper package names, bug fixes,
enhancements, and also new code contributions in support of c and python
bindings (not yet fully functional).
Our problem with finding a home for our continuous build continues. Various
plans have been proposed and failed due to lack of a Windows-friendly c#
build environment. Cisco is no longer hosting our build environment. We need
to find a place do public builds.
Cisco folks continue to be the primary source of discussion and commits.
There are some external nibbles, but none that are ready to pitch-in in a
serious way yet. More work needs to be done on the web site to make steps to
participation more evident. Work also needs to be done on the build
environment to make it easier to get started. Some of the etch committers
have left Cisco, more will soon follow.
Also in April, Manoj Ganesan (Dell) has been accepted by the incubator pmc
to be our newest etch committer. Seth Call and JD Liau have withdrawn from
the project.
I believe all of the outstanding items are done, but it isn't clear to me
(scott) what the process is to check them off.
Outstanding items:
* Check and make sure that the papers that transfer rights to the ASF been
received...
* Check and make sure that the files that have been donated have been
updated to reflect the new ASF copyright...
* Check and make sure that for all code included with the distribution that
is not under the Apache license...
* Check and make sure that all source code distributed by the project is
covered by one or more of the following approved licenses...
= Hama =
Hama has been incubating since 19 May, 2008. It is a parallel matrix
computational package based on Hadoop Map/Reduce.
Recent developments:
* We implemented the matrix norm and transpose methods.
Required before graduation:
* More practical examples of matrix manipulation
* Increase community size and activity
* First Apache release
= Kato =
Kato was accepted into the Incubator on 6 November 2008.
Kato is a project to develop the Specification, Reference Implementation,
and TCK for JSR 326: the JVM Post-mortem Diagnostics API
Recent Activity:
* We produced two implementations of the Apache Kato API - one based on
Hprof and another on JVMTI using python.
* A Developerworks article on Apache Kato and JSR-326 was published.
* The API is being built and Javadoc is available on Hudson.
* Builds are now being performed on the ASF's Hudson server
* A presentation was given on the Apache Kato API. Recordings are available
on the Wiki.
* A BOF on Apache Kato and JSR-326 was held at Java One 2009 - BOF-4870.
The following is planned for next reporting period:
* We will produce an Early Draft Review for the JSR in time to meet it's
deadline.
* We will build all of the project on the ASF's Hudson server.
* We will have a viable reference implementation of the API and TCK.
Before this project can be graduated we need to produce a usable
implementation of the API and more useful tools to encourage adoption and
participation of a much needed community.
= Log4php =
Log4PHP is a logging framework similar to Log4J, but in PHP. The project
entered incubation in 2004, retired and restarted again on 2007-07-04.
After some discussions beginning 2009 about lack of committer and community
interest, several people showed up their interest in continuing this
project. The following people joined the project:
* 2009-04-28 - New Committer: Christian Grobmeier
* 2009-04-28 - New Committer: Gavin McDonald
* 2009-04-28 - New Mentor: Niclas Hedhman
* 2009-04-28 - New Mentor: Gavin McDonald
Log4PHP now has a PPMC private list - log4php-private at incubator.
Current Mentors and existing committers have been emailed asking them to
join this list.
Several code changes has been done in the following weeks:
* Activity on porting log4php to PHP5
* Increased the number of test cases
* Cleaned up code and codestyle
Next steps:
* Finishing php5 port
* Cleaning up code
* Updating documentation + Website
* Try to attract more developers for Log4PHP
* Bringing Continuus Integration to a Apache Host (currently hosted on
private servers bei Knut Urdalen)
* Looking at getting an incubating release done.
Issues before graduation:
* Still less community interaction
= OpenWebBeans =
OpenWebBeans will be an ASL-licensed implementation of the Contexts and
Dependency Injection for Java EE Specification which is defined as JSR-299.
OpenWebBeans entered the incubator in October 26, 2008. The following items
have been made after the last report
* We released the M2 version
* We created additional documentation in the wiki page
* We implemented full blown JSF + JPA + OWB application that shows usage of
the OpenWebBeans
* Gurkan Erdogdu replaces Matthias Wessendorf seat on the JSR-299 EG
Belows are the next steps;
* We will release the M3 version.
* We will create more documentation in the wiki
* We will continue to attract new committers into the project.
There are some concerns related with the specification and its
implementation,
* JSR-299 specification has changed so much from the last draft. It has
been having a negative impact on the implementation.
* Last draft specification has a tight integration with Java EE's other
specifications so that integration with an EJB, Servlet, Managed Beans etc.
with the OWB is unavoidable. So, we have to work closely with other Apache
Teams who have been implementing aforementioned specifications to fully
implement the JSR-299 and to pass TCK.
= RAT =
Rat was accepted into the incubator in November 2007
Rat audits releases.
Since the last report:
* The first release here at Apache was cut (which drew assistance from
lurkers)
* The code has been simplified with the aim of making it more accessible to
new developers
We hope to extend RAT to provide a central way of verifying the status of
source code in Incubator projects (and eventually all ASF projects). The hope
is that by making it more useful to the wonderful ASF committers we will see
RAT becoming more functional.
The biggest problem that needs to be resolved before graduation is final
destination.
To graduate as a top level project, significant numbers of new developers
would need to be attracted. This would probably require significant energy
to be devoted first into extending it's usefulness beyond Apache-like open
source projects then raising it's profile.
Conversely, ATM there is no candidate top level project which could home Rat
as a sub-project (suggestions welcomed).
= River =
River is aimed at the development and advancement of the Jini technology
core infrastructure. Jini technology is a service oriented architecture that
defines a programming model which both exploits and extends Java technology
to enable the construction of secure, distributed systems which are adaptive
to change. River has been incubating since December 2006.
* Recently there has been increased activity in River's development
process with the arrival of three new committers: Jonathan Costers, Peter
Firmstone and Tom Hobbs.
* AR2 is almost ready for release, and the committers are learning how to
use the testing framework from Sun, and gradually move things to JUnit or
more commonly understood testing systems.
* For testing reasons, additional server resources might be requested for
the jtreg and integration tests; An HTTP proxy (River-306) and KDC server
(River-307) are necessary.
* The decision was made to allow developers to use Java 5 new language
features and change the com.sun.jini.* and com.artima.* namespaces to
org.apache.river.* (River-261) after the release of AR2.
* Efforts are being made for preservation of existing documentation, mail
lists and River dependent projects that currently exist outside of River.
Sun is closing Jini and RMI mailing lists, including the archives, which
contains a wealth of information.
* Consolidation of external Jini projects was discussed as optional
add-ons, this discussion is still open, pending River incubation graduation.
Mentor's (Niclas) additional reporting; It is good to see new fresh blood
getting active in the community and a more positive atmosphere is starting
to emerge, and I think the worries in the previous report is decreasing.
= Shindig =
Shindig is a reference implementation of the !OpenSocial and gadgets stack.
The active community has built two parallel implementations of the
!OpenSocial and gadgets spec; one in Java and one in PHP.
Incubating since: 2007-12-06
High-level status summary during last quarter:
* stable release compliant to !OpenSocial v0.8.1 currently being
reviewed by PMC
* updates for !OpenSocial v0.9 are implemented and in production on
several sites that support !OpenSocial
* updated http://incubator.apache.org/shindig/ with a new layout and
more resources
* held a logo contest and adopted a new logo
= SocialSite =
DID NOT REPORT
= Wink =
DID NOT REPORT
= WSRP4J =
The WSRP4J Project is an implementation of WSRP 1.0 Producer. WSRP is an
OASIS specification that describes a protocol which allows portlets to be
accessed remotely using Web Services.
The WSRP4J Project has been adopted by the Portals PMC, while still in the
Apache Incubator, with the intent to eventually graduate as a sub-project of
Apache Portals.
However, there has been no changes nor real activity in the WSRP4J project
for quite some time.
While the the interest for WSRP4J might seem to have dwindled, several
active Apache Portals committers still belief there is a real potential to
reactivate this project, especially in the light of the new WSRP 2.0 OASIS
specification. As the only existing "open" standard in this area, interest
for a formal release also has been expressed (privately) by several large
organizations, including governmental.
Furthermore, even while there hasn't been a formal WSRP4J (incubator)
release so far, in reality its codebase has been adapted and is in use by
non ASF products and projects quite a lot.
But the primary reason why further development has been stalled is a legal
one with regards to IPR. Two parties of the WSRP technical committee, IBM
and WebCollage, have stated patent claims on the WSRP specification. See
also: http://www.oasis-open.org/committees/wsrp/ipr.php. Concerning the
claims from IBM we think those are not limiting us to produce an ASF
compliant release of WSRP4J. But we are still not sure about the claims
from WebCollage.
Last year, with the help from legal-internal, we have pursuit to resolve
these uncertainties, and there has been preliminary contact with WebCollage,
but this has stalled again.
We still hope we can resolve this satisfactory, but we do seek further help
and legal advise how to proceed.
-----------------------------------------
Attachment N: Status report for the Apache Jackrabbit Project
Apache Jackrabbit is a fully conforming implementation of the Content
Repository for Java Technology API (JCR, specified in JSR 170).
The Apache Jackrabbit project is in good shape. We have no board-level
issues at this time.
o Releases
We made the following releases from the 1.5 branch:
* Apache Jackrabbit 1.5.4 on April 7th
* Apache Jackrabbit 1.5.5 on April 28th
* Apache Jackrabbit 1.5.6 on June 4th
We also made the first alpha release of the upcoming Jackrabbit 2.0:
* Apache Jackrabbit 2.0 alpha1 on June 4th
o Legal
The current Jackrabbit trunk and the 2.0 alpha1 release have a system
dependency to an early "for review only" version of the JCR 2.0 API jar
from JSR 283. No major concerns were raised when this case was discussed
on the legal-discuss@ mailing list.
o Community / Development
Jackrabbit was present at the ApacheCon EU where we also organized
a quite successful JCR meetup.
The CMIS effort that started in the Jackrabbit sandbox has now become
the Apache Chemistry project in the Incubator. The other podling with
Jackrabbit as the sponsoring PMC, Apache Sling, is just about to graduate
into a standalone TLP.
The JCR 2.0 specification (JSR 283) is expected to become final in a few
months, as soon as we've completed the required RI and TCK work in Jackrabbit
trunk. We're producing source-only alpha releases of the 2.0 codebase to
give people a chance to review all the new features and to better track our
progress.
We are also planning to release Jackrabbit 1.6 as the last minor release
from the 1.x branch that's still based on the JCR 1.0 API.
o Infrastructure
We are about to start using the Nexus installation at repository.apache.org
for staging and deploying our releases to the Maven repository.
-----------------------------------------
Attachment O: Status report for the Apache Jakarta Project
Status
======
Note: The board determined that the Jakarta report provided in May was
lacking in detail. This report seeks to address this criticism.
_From outgoing Chair, Martin van den Bemt_
It has been a while since I reported the last time. In june 2008 I
announced that I wanted to be replaced because of time constraints, with no
one volunteering. After that however I got caught up with what was
happening in my personal life and also was shutdown for over 3 months,
which ended up in a long period of silence. Now all major personal events
(positive I might add, so please don't worry) have passed, I however still
find myself fighting to find time (and energy) to spend at Apache.
In the light of this, I hand in my resignation as VP Apache Jakarta. To my
relief a discussion about the (in reality already effective) vacancy
started and some people stood up to volunteer to take over the position.
I myself regret the long absence and silence and I hope it didn't cause to
much worry and problems.
-- EOM --
_New chair?_
We are in the process of electing a new chair (voting is in progress).
Apart from the need to elect a new chair the Jakarta has no board level
issues at this time.
Releases
========
* Cactus-1.8.1 - January 26, 2009
* BSF-3.0-b3 - April 5, 2009
* JMeter 2.3.3 - May 24, 2009
Subproject news
===============
_BCEL_
No activity - maintenance mode.
_BSF_
Did a 3.0 beta3 release to fix a bug for a user. Otherwise very quiet.
-- sebb, antelder
_Cactus_
Cactus version 1.8.1 was released in January. This version fixes a number of
bugs, provides a maven2 plugin to cactify WAR and EAR files and a sample
application showing how to test EJB3 projects.
-- ptahchiev
_ECS_
No activity - maintenance mode.
_JCS_
There were a bunch of new features added at the end of last year. I'm in the
process of fixing a few bugs and plan to cut a tag for a new release in the
next month or so.
-- asmuts
_JMeter_
Lots of fixes and incremental improvements have been made to the JMeter code.
JMeter user list is quite busy. There are a good few experienced JMeter users
who help out with user questions.
JMeter 2.3.3 was released on May 24.
-- sebb
_ORO_
No activity - maintenance mode.
_Regexp_
No activity - maintenance mode.
_Taglibs_
Standard Taglib (implementation of JSTL) migrated to Maven2. All
non-deprecated Taglibs have migrated to Maven2.
Discussing possibility of Taglibs moving to Tomcat with the Tomcat PMC.
Random, Datetime and I18N taglibs deprecated (aka retired).
An RDC 1.1 release is planned next month.
-- bayard, rahul
_Retired Projects_
* Slide
[Report edited and submitted by Scott Eade with contributions by many.]
-----------------------------------------
Attachment P: Status report for the Apache Labs Project
Apache Labs hosts small and emerging projects from ASF committers.
[SUMMARY]
Nothing that requires board attention at this time.
[DETAILS]
== Labs Statistics ==
- new: 3
- status changes (last 3 months): 2
- orthrus (moved to Google Code)
- vysper (moved to Apache MINA)
- total number: 27
- active: 23
- idle: 1
- promoted: 1
- completed: 2
- labs with commits: bananadb, orthrus, magma, vysper, pinpoint, consite,
clouds, penihip
== New Labs =
clouds (PI Steve Loughran):
This is a special lab. It's not about code. It's about documentation of
cloud related projects at Apache and provides general cloud info. Besides
Steve, Robert Burrell Donkin is a major contributor to it. In Clouds' own
words, its about "Architecture, tools and tests for integrating Apache
products into to 'the cloud'".
consite (PI J. Aaron Farr):
consite is about "conference website management". The lab consists of "a
web application for managing apachecons".
penihip (PI David Crossley):
penihip is a tool generating "new words by applying a caesar cipher to
existing words".
== Re-activated labs ==
None.
== Completed labs ==
Orthrus (PI Paul Querna) has moved out of the ASF realm over to Google Code.
Vysper lab (PI Bernd Fondermann) has been completed. Apache MINA voted to
take it aboard as a subproject. Code and issues are already moved over,
with confluence pages still to be done.
== Outreach ==
There was a proposal to use the new blogging facilities to tell about new
labs and maybe have a 'Lab of the Month' entry once in a while. Not much
feedback on this.
== Labs & Google Summer of Code ==
It has been discussed whether or not Labs can have GSoC students. The
concern was that Labs does not provide a sufficient environment for
mentoring and learning Open Source 'The Apache Way'. In the end, this also
became the general consent. For reference: A substantial part of that
discussion has taken place on the committer-only code-awards@a.o. list.
For the Vysper lab (which already received interest from students at that
point) we compromised to let it take students as a lab, if only the lab
would move out immediately to some of the other projects where community is
more homogeneous. This destination has now become Apache MINA.
Michael Jakl gained a GSoC student slot for the Vysper lab for implementing
the PubSub extension spec.
== Lab hacking ==
Magma again saw many commits this months.
Clouds received a number of contributions to its confluence pages.
-----------------------------------------
Attachment Q: Status report for the Apache Lucene Project
=== Lucene Status Report: March, 2009 ===
TLP
-The PMC voted to create a new subproject named the Open Relevance Project
designed to collect and distribute collections, queries and relevance
judgments for search (and other) testing.
-The PMC added Mahout committers Sean Owen and Ted Dunning.
-The PMC added PyLucene committer Andi Vajda.
-The PMC added Nutch committer Dennis Kubes.
LUCENE JAVA
Lucene Java is a search-engine toolkit. Development has been active and we
are working towards the release of 2.9. Lucene added Uwe Schindler as a
core committer.
SOLR
Solr is a full text search server. Development and the community is
active. Solr is working towards the release of 1.4. Solr added Mark
Miller and Noble Paul as committers.
NUTCH
Nutch is a web-search engine: crawler, indexer and search runtime. Nutch
1.0 was released on March 28, 2009. Development is active, though slow. A
major redesign and re-targeting of the project is planned and under
discussion.
LUCY
Lucy is a C-based port of Lucene Java. Discussion has picked up on the
Lucy dev mailing list and signs are positive, but we are still monitoring
the project for viability.
LUCENE.NET (incubating)
Lucene.NET is a .NET based port of Lucene Java. Development and the
community are active. Incubating project needs to look towards graduation
soon.
MAHOUT
Apache Mahout is working towards building a suite of scalable machine
learning libraries for text and data mining. Mahout released its first
public release, version 0.1, on April 7, 2009. Mahout marked Ozgur
Yilmazel, Erik Hatcher and Niranjan Balasubramanian as emeritus
committers.
PyLucene
PyLucene is a Python integration of Lucene Java. Development is active.
PyLucene 2.4.1 was first released on April 03, 2009. A refresher release,
PyLucene 2.4.1-2, was released on May 23, 2009.
TIKA
Apache Tika is a toolkit for detecting and extracting metadata and
structured text content from various documents using existing parser
libraries.
Tika 0.3 was released in March, and we are planning to release version 0.4
soon. Tika development continues at a steady pace with no major roadblocks
in sight.
A Solr-based search feature built and hosted by Lucid Imagination was added
to the Tika web site.
-----------------------------------------
Attachment R: Status report for the Apache OFBiz Project
Report for Jun 2009 for OFBiz (Open For Business) as a top level project.
The Apache Open For Business Project (Apache OFBiz) is an open source
enterprise automation software project. By enterprise automation we mean:
ERP, CRM, E-Business / E-Commerce, MRP, SCM, CMMS/EAM, and so on.
Community:
- No new PMC members have been added and no new committers have been added.
Project:
- The stable release09.04 branch was created on 17 April 2009, SVN revision
765913. The last release branch was done a bit over 2 years ago.
- Worked with the PRC to write and distribute a press release about the new
release branch.
- The project web site has been redesigned and is deployed on
http://ofbiz.apache.org
- Significant new development continues, for highlights see:
http://docs.ofbiz.org/display/OFBIZ/Main+New+Features
- Community interaction remains strong: user mailing list traffic is about
75% of what is was in the last quarter, dev mailing has nearly double the
traffic, and the commits remain about the same. This confirms a trend that
seems to be happening where there is more collaboration per commit than has
been done previously.
- There is an effort underway to make additions to OFBiz to make it
suitable to run the project itself (and replace Jira, Confluence, etc);
there is no ETA for this but the effort is underway.
-----------------------------------------
Attachment S: Status report for the Apache Portals Project
-- New releases --
The Apache Portals team released three new Portals projects, all aligned to
the new Portlet API 2.0 specification (JSR-286) on May 28, 2009:
* Version 2.2.0 of the Jetspeed Enterprise Portal
* Version 2.0.0 of the Pluto Container
* Version 1.0 of several new Portals Applications
-- New committers --
none
-- Status --
1. Pluto 2.0.0 released on May 28, 2009
Fully compliant to JSR-286 Portlet API 2.0 Specification Release
Completed all work on Portlet 2.0 Specification compliance. Passing 2.0
TCK. Refactoring is completed. Jetspeed 2.2 and Pluto 2.0 are now back in
full alignment of trunks.
Post release commit activity has slowed down, to be expected, people worked
hard on putting out this release. Activity on the users and dev lists has
been moderate. The release seems stable, only a few problems reported.
2. Jetspeed 2.2.0 released on May 28, 2009
The most important effort of this release was JSR-286 (Portlet 2.0)
conformance. Major New Features include:
* Portlet API 2.0 Support and Compliance
* Inter-Portlet Communication via Events
* New High Speed Preferences Database Storage
* New Extensible Security Model with LDAP Synchronization
* Improved Documentation including 5 New Guides (Users Guide, Admin Guide,
Developers Guide, Build Guide, Deploy Guide)
* New Improved Administrative Portlets
* New Skins
* New Maven-2 Custom Build
* Improved integration support for popular web development frameworks like
Wicket, Spring MVC, JSF, and Struts
Post release commit activity has slowed down, to be expected, people worked
hard on putting out this release. Activity on the users and dev lists has
been lower than expected. The release seems stable, only a few problems
reported, mostly related to Maven build. We are working on a Roadmap for
the 2.2.1 release and expect development to pickup heavily over the next
few weeks.
3. Portals Applications 1.0 released on May 28, 2009
(I'll explain what this project is, since its a new, 1.0 release)
Apache Portals Applications (APA) is a new collaborative software development
project existing under the Apache Portals project. APA is dedicated to
providing robust, full-featured, commercial-quality, and freely available
Portlet Applications under the Apache license developed at the Apache
Software Foundation. The APA project releases 1.0 versions of the following
Portlet Applications and components, all targeted at the Portlet
Specification 2.0 (JR-286):
* Gems - A collection of reusable portlets including Flash,
Google Maps, File, Event and Browser portlets.
* Database Browser - A portlet application dedicated to the
development and database portlet development including scrollable
lists and data entry forms
* Demo - A portlet application dedicated to learning Java and Groovy
portlet programming and tutorials, as well as some helpful weather
and bookmark portlets
* RSS - A portlet application dedicated to the development of RSS
portlet features
* Web Content - A portlet application dedicated to the development of
Web Content rewriting and IFrame based web content.
* Logging - Apache Portals Applications Logging, (APA Logging), is a
utility library used to setup and deploy logging to portlet
applications
Post release commit activity has slowed down, to be expected, people worked
hard on putting out this release. Activity on the users and dev lists has
been almost non-existent. The release seems stable, no problems reported.
We expect development to continue on some of these sub-projects, but in my
opinion we need to improve the community by getting more vendors and end
users involved. IMO, the problem is that the Portlet API just hasn't
received as much acceptance as anticipated. I believe we should look into
supporting more accepted portal and mash-up standards relevant to our
project's charter such as Gadgets.
4. Conformed to Maven/Nexus standards at Apache
The release process took a lot longer than usual this time around. Our goal
was to cleanup and improve our release process, and align with and learn
from other projects at Apache. We invited developers from Geronimo and
Maven to review our release process, and help us improve the process.
We used Nexus to manage our Maven repositories at Apache. We hit a few
bugs with Nexus that slowed us down on the first release, but once we
got past that, the two other releases went quickly. Nexus really helps.
-----------------------------------------
Attachment T: Status report for the Apache Quetzalcoatl Project
This report is a repeat of the previous one:
No new developments to report for Quetzalcoatl this quarter. No new versions
released, no major issues discovered. The pace of development and Jira
issues is very very slow.
-----------------------------------------
Attachment U: Status report for the Apache Santuario Project
Berin Lautenbach says:
Well it's been a long time since I did a report which is clearly an
indication it is time for me to move on. With this report I therefore
wish to resign from the Chair position in Apache Santuario. A vote
within the project has endorsed Raul Benito as our recommendation
to step into the chair position, and I have attached a draft resolution
at the base of this email.
In terms of activity in the project, we have seen a number of bug fixes
in both versions of the library and work has commenced on version 1.5
of the C++ version.
No changes in the committer base, but we are expecting an additional
committer by the time we next report.
-----------------------------------------
Attachment V: Status report for the Apache ServiceMix Project
We have release ServiceMix 4.0.0, which includes a bunch of subprojects
released:
* a set of 21 osgi bundles for third party dependencies
* ServiceMix Kernel 1.1.0
* ServiceMix NMR 1.0.0
* JBI components 2009.01 release
* 4 maven plugins (depends-maven-plugin 1.1, features-maven-plugin 1.1,
jbi-maven-plugin 4.1, xfire-maven-plugin 4.1)
* ServiceMix Utils 1.1.0
* ServiceMix 4.0.0
Following our JBI component roadmap, a new component has been released:
* ServiceMix Exec
Apache ServiceMix Kernel has been donated as Karaf to the Apache Felix TLP
and a few committers have been granted commit rights to Felix to continue
the work on Karaf.
We are mentoring a Google Summer of Code project: Marcin Wilkos is building
a web-based management console for ServiceMix 4 on top of the Felix Web
Console. At this time, most of his work is targeted at the new Apache Felix
Karaf project.
From an infrastructure perspective, we started using Hudson for doing CI
builds. The Apache infra team has also set up the Nexus instance at
http://repository.apache.org so we can now use if for staging our releases
under vote.
There has been no new committers / pmc members this quarter.
-----------------------------------------
Attachment W: Status report for the Apache SpamAssassin Project
-----------------------------------------
Attachment X: Status report for the Apache Synapse Project
Notable Happenings:
------------------------------
We are still working hard towards the Synapse 1.3 release! We expect
it in the next month.
We have an open question to the legal team regarding a committer and
the CCLA that is an ongoing issue.
Community
----------------
We believe the community is continuing to grow in terms of mailing
list traffic, JIRA contributions, patches.
We voted in a new committer Saliya Ekanayake.
Export controls
----------------------
We have now done our TSU notification and the latest release has the
correct documentation.
The next release will ship with the BouncyCastle JAR that excludes the
patented IDEA algorithm.
-----------------------------------------
Attachment Y: Status report for the Apache Tiles Project
It has been a very quiet quarter for Apache Tiles. There have not been
any releases or community changes. Traffic was noticeably slower on the
users@ list as well. Even so, there has been enough discussion to indicate
continued interest in Tiles and its further development.
-----------------------------------------
Attachment Z: Status report for the Apache Tomcat Project
Summary
--------------
The project continues to be active on a number of fronts.
There are no issues requiring Board attention at this time.
Releases
-------------
We have released Tomcat 6.0.20. Tomcat 6.0.19 was not released
due to some small packaging localization issues.
We are currently in the release process for 5.5.28 and 4.1.40
versions. Tomcat 4.1.40 is likely to be the last 4.1.x release.
Mod_jk 1.2.28 was released with numerous of binaries for
selected platforms. Finally JDBC Pool 1.0.3 was released.
Security
------------
We've been working closely with security issue reports and the Apache
Security committee on quickly replying to issues, resolving them, and
coordinating public disclosures.
CVE-2008-5515 - Information disclosure vulnerability
When using a RequestDispatcher obtained from the Request,
the target path was normalised before the query string was removed.
A request that included a specially crafted request parameter could be
used to access content that would otherwise be protected by a security
constraint or by locating it in under the WEB-INF directory.
Fixed and included in 6.0.20 release
CVE-2008-5519 - Information disclosure vulnerability
Situations where faulty clients set Content-Length without providing data,
or where a user submits repeated requests very quickly, may permit one
user to view the response associated with a different user's request.
Fixed in the mod_jk 1.2.27 release, but was assigned CVE number later.
CVE-2009-0033 - DoS vulnerability
If Tomcat receives a request with invalid headers via the
Java AJP connector, it does not return an error and instead closes the AJP
connection. In case this connector is member of a mod_jk load balancing
worker, this member will be put into an error state and will be blocked
from use for approximately one minute. Thus the behaviour can be used for
a denial of service attack using a carefully crafted request.
Fixed and included in 6.0.20 release
CVE-2009-0580 - Information disclosure vulnerability
Due to insufficient error checking in some authentication classes,
Tomcat allows for the enumeration (brute force testing) of user names by
supplying illegally URL encoded passwords. The attack is possible if FORM
based authentication (j_security_check) is used with the MemoryRealm.
Fixed in the SVN for all major Tomcat branches and included in the
Tomcat 6.0.20 release.
CVE-2009-0781 - Cross-site scripting vulnerability
The calendar application in the examples web application contains
an XSS flaw due to invalid HTML which renders the XSS
filtering protection ineffective.
Fixed in the SVN for all major Tomcat branches and included in the
Tomcat 6.0.20 release.
CVE-2009-0783 - Information disclosure vulnerability
Bugs 29936 and 45933 allowed a web application to replace the XML parser
used by Tomcat to process web.xml, context.xml and tld files. In limited
circumstances these bugs may allow a rogue web application to view and/or
alter the web.xml, context.xml and tld files of other web applications
deployed on the Tomcat instance.
Fixed in the SVN for all major Tomcat branches and included in the
Tomcat 6.0.20 release.
Currently there are no pending security issues.
Development
-------------------
Development was concentrated mainly on security issues and fixing
bugs for the current releases.
Jakarta PMC proposed and we accepted to move the
JSP Standard Tag Library technologies project (Taglibs)
from Jakarta and continue its development inside Apache Tomcat.
Also we are currently discussing to reorganize SVN repository
to better server the multiple branches and project modularity.
Tomcat 7 / Servlet 3.0 is still in the early stages of development.
Community
-----------------
There were no changes in the PMC membership during this quarter.
We are very happy that Konstantin Kolinko joined us as a new committer.
We are preparing the Tomcat day for this year Apache Con US, and
it seems majority of Tomcat PMC members will be present on the
conference giving it's best to promote a 10th year anniversary of
both ASF and Apache Tomcat.
-----------------------------------------
Attachment AA: Status report for the Apache Web Services Project
-----------------------------------------
Attachment AB: Status report for the Apache Wicket Project
Apache Wicket is a Java framework for creating highly dynamic, component
oriented web applications, and was established as an Apache project in
June 2007.
Things worthy of note:
- Released 1.3.6 and several release candidates for 1.4
- Our newest member Jeremy Thomerson has been building and releasing
the release candidates for 1.4
No issues require attention from the board.
-----------------------------------------
Attachment AC: Status report for the Apache XMLBeans Project
------------------------------------------------------
End of minutes for the June 17, 2009 board meeting.
Index