From dev-return-48887-archive-asf-public=cust-asf.ponee.io@ignite.apache.org Thu Dec 26 15:50:21 2019 Return-Path: X-Original-To: archive-asf-public@cust-asf.ponee.io Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [207.244.88.153]) by mx-eu-01.ponee.io (Postfix) with SMTP id 8D17C180636 for ; Thu, 26 Dec 2019 16:50:21 +0100 (CET) Received: (qmail 47917 invoked by uid 500); 26 Dec 2019 15:50:20 -0000 Mailing-List: contact dev-help@ignite.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@ignite.apache.org Delivered-To: mailing list dev@ignite.apache.org Received: (qmail 47905 invoked by uid 99); 26 Dec 2019 15:50:20 -0000 Received: from Unknown (HELO mailrelay1-lw-us.apache.org) (10.10.3.159) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 26 Dec 2019 15:50:20 +0000 Received: from mail-lj1-f173.google.com (mail-lj1-f173.google.com [209.85.208.173]) by mailrelay1-lw-us.apache.org (ASF Mail Server at mailrelay1-lw-us.apache.org) with ESMTPSA id 579A510FC for ; Thu, 26 Dec 2019 15:50:20 +0000 (UTC) Received: by mail-lj1-f173.google.com with SMTP id y4so10665013ljj.9 for ; Thu, 26 Dec 2019 07:50:20 -0800 (PST) X-Gm-Message-State: APjAAAXWViRcpVHmO8JIfjjhohxDByEJYwwjgle2YdLkXrq89pT8HKQ7 XW2WAkvMfDuNw9L/7yTFpMq8L/n6vXk6XYP5+b8= X-Google-Smtp-Source: APXvYqy4Tm0K6DoxtXIuaQfV2pa6w2oKAPsX+XFeoW5L3Cd/pmJVh55KB/LUcWOpRzwP6z0+LrQu/utpI1MVGdoPvyo= X-Received: by 2002:a2e:7005:: with SMTP id l5mr26891385ljc.230.1577375419403; Thu, 26 Dec 2019 07:50:19 -0800 (PST) MIME-Version: 1.0 References: <1577182948.967805691@f380.i.mail.ru> In-Reply-To: From: Maxim Muzafarov Date: Thu, 26 Dec 2019 18:50:07 +0300 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: Apache Ignite 2.8 RELEASE [Time, Scope, Manager] To: dev@ignite.apache.org Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Ilya, I agree with you that there is no risk and spring-data-2.2 can be safely cherry-picked to the ignite-2.8 branch. I'm OK with it. Will you do such merge or I should do it by myself? As for the second part of your email, you are proposing to bump up a minor dependencies version (no API changes) for the whole components mentioned in the parent/pom.xml file, right? From a point of the release view, it seems not a good thing since a scope test of the release becomes too wider. I don't think we will simplify thus the year-long release test scope, so as for me, this sounds not good but I'd like to hear thoughts of other community members on this point. As an alternative, for instance, we can bump minor versions only for those components which have security vulnerabilities. To find such dependencies, I've run some local test with a maven dependency-check-maven [1] an open-source dependency check tool. Here is a brief report (only a few modules tested): spring-core-4.3.18.RELEASE.jar : CVE-2018-15756 [2] h2-1.4.197.jar : CVE-2018-10054, CVE-2018-14335 (discussed also [3]) ignite-shmem-1.0.0.jar : CVE-2017-14614 [1] https://jeremylong.github.io/DependencyCheck/index.html [2] https://nvd.nist.gov/vuln/detail/CVE-2018-15756 [3] https://issues.apache.org/jira/browse/IGNITE-10801 On Thu, 26 Dec 2019 at 15:52, Ilya Kasnacheev w= rote: > > Hello! > > I propose to add the following ticket to the scope: > https://issues.apache.org/jira/browse/IGNITE-12259 (3 commits, be careful > with release version) > > Adding tickets to scope surely seems crazy now, but I will provide the > following considerations: > * This is Spring Data 2.2 integration, which we currently do not have, > leading to lots of confused questions on stack overflow and mailing list. > Spring Data is important to our public image since many people may learn > about out project by starting with Spring Data. > > * It has zero code impact outside of its own module (just 2 POM file > touched and that's all). > > * The core was ready since early November but, due to gmail quirk, we did > not react to it in time. > > WDYT? > > Another semi-related question. *Should we bump our dependencies' versions > before releasing 2.8?* I talk mainly about spring and hibernate > dependencies. We could switch them to their latest maintenance versions t= o > avoid shipping default links to outdated packages. > > I think this is one of things that are very hard to do between releases, = so > I think this dependencies bumping should be a part of a formal > release/testing cycle, and then be backported to master. > > I could volunteer to do that myself, if we agree to merge these version > upgrades to ignite-2.8 and then re-test. > > Regards, > -- > Ilya Kasnacheev > > > =D0=B2=D1=82, 24 =D0=B4=D0=B5=D0=BA. 2019 =D0=B3. =D0=B2 13:22, Zhenya St= anilovsky >: > > > > > Igniters, i`l try to compare 2.8 release candidate vs 2.7.6, > > last sha 2.8 was build from : 9d114f3137f92aebc2562a > > i use yardstick benchmarks, 4 bare machine with: 2x Xeon X5570 96Gb 51= 2GB > > SSD 2048GB HDD 10GB/s > > 1 for client (driver) and 3 for servers. > > this mappings for graphs and real yardstick tests: > > > > atomic-put: IgnitePutBenchmark > > sql-merge-query: IgniteSqlMergeQueryBenchmark > > atomic-get: IgniteGetBenchmark > > tx-get: IgniteGetTxBenchmark > > tx-put: IgnitePutTxBenchmark > > atomic-put-all-bs-10: IgnitePutAllBenchmark > > tx-put-all-bs-10: IgnitePutAllTxBenchmark > > > > cacheMode =E2=80=94 partitioned > > CacheWriteSynchronizationMode.FULL_SYNC > > 1 backup > > > > 1. wal =3D log_only 2. wal =3D none 3. persistence disabled. > > Thanks Maxim for wiki page [1] > > > > > > [1] > > https://cwiki.apache.org/confluence/display/IGNITE/Apache+Ignite+2.8#Ap= acheIgnite2.8-Benchmarks > > > > do we need some bisect or other work here ? > > > > > > > > > > >------- Forwarded message ------- > > >From: "Maxim Muzafarov" < mmuzaf@apache.org > > > >To: dev@ignite.apache.org > > >Cc: > > >Subject: Apache Ignite 2.8 RELEASE [Time, Scope, Manager] > > >Date: Fri, 20 Sep 2019 14:44:31 +0300 > > > > > >Igniters, > > > > > > > > >It's almost a year has passed since the last major Apache Ignite 2.7 > > >has been released. We've accumulated a lot of performance improvements > > >and a lot of new features which are waiting for their release date. > > >Here is my list of the most interesting things from my point since the > > >last major release: > > > > > >Service Grid, > > >Monitoring, > > >Recovery Read > > >BLT auto-adjust, > > >PDS compression, > > >WAL page compression, > > >Thin client: best effort affinity, > > >Thin client: transactions support (not yet) > > >SQL query history > > >SQL statistics > > > > > >I think we should no longer wait and freeze the master branch anymore > > >and prepare the next major release by the end of the year. > > > > > > > > >I propose to discuss Time, Scope of Apache Ignite 2.8 release and also > > >I want to propose myself to be the release manager of the planning > > >release. > > > > > >Scope Freeze: November 4, 2019 > > >Code Freeze: November 18, 2019 > > >Voting Date: December 10, 2019 > > >Release Date: December 17, 2019 > > > > > > > > >WDYT? > > > > > > > >