river-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Bryan Thompson <br...@blazegraph.com>
Subject Re: May Board Report
Date Sun, 13 May 2018 13:58:35 GMT
Peter, the report is Ok.

+1

Bryan

On Sat, May 12, 2018 at 17:07 Peter Firmstone <peter.firmstone@zeus.net.au>
wrote:

> Actually we can still submit up to 24 hours prior to the meeting.
>
> Does anyone have any thoughts or anything they want to add?
>
> Regards,
>
> Peter.
>
> On 12/05/2018 8:41 AM, Peter wrote:
> > This board report is due, however it will need to be delayed until June,
> > I have been aware since last month that it needed to be done.
> > ## Description:
> >
> > - Apache River provides a platform for dynamic discovery and lookup
> >    search of network services.  Services may be implemented in a number
> >    of languages, while clients are required to be jvm based (presently at
> >    least), to allow proxy jvm byte code to be provisioned dynamically.
> > ## Issues:
> >
> > No significant issues requiring board attention at this time.
> >
> > ## Activity:
> >
> > Interest in making Jini specifications programming language agnostic.
> >
> > Release roadmap:
> >
> > River 3.1 - Modular build restructure (&   binary release)
> > River 3.2 - Input validation 4 Serialization, delayed unmarshalling&
> > safe ServiceRegistrar  lookup service.River 3.3 - OSGi support
> >
> > ## Health report:
> >
> > - Minimal activity at present on dev.
> > - Some recent commit activity, around modular build.
> >
> > - Future Direction:
> >
> >     * Target IOT space with support for OSGi and IPv6 (security fixes
> >       required prior to announcement)   * Input validation for java
> deserialization - prevents DOS and
> >       Gadget attacks.
> >     * IPv6 Multicast Service Discovery (River currently only supports
> >       IPv4 multicast discovery).
> >     * Delayed unmarshalling for Service Lookup and Discovery (includes
> >       SafeServiceRegistrar mentioned in release roadmap), so
> >       authentication can occur prior to downloading service proxy's,
> >       this addresses a long standing security issue with service lookup
>    while significantly improving performance under some use cases.
> >     * Security fixes for SSL endpoints, updated to TLS v1.2 with
> removal     of support for insecure cyphers.
> >     * Maven build to replace existing ant built that uses
> >       classdepandjar, a bytecode dependency analysis build tool.
> >     * Updating the Jini specifications.
> >
> > ## PMC changes:
> >
> > - Currently 12 PMC members.
> > - Last PMC addition was Dan Rollo on Fri 1st December 2017
> >
> > ## Committer base changes:
> >
> > - Currently 16 committers.
> >
> > ## Releases:
> >
> > - River-3.0.0 was released on Wed Oct 05 2016
> >
> > ## Mailing list activity:
> >
> > - Relatively quiet .
> >
> > ## JIRA activity:
> >
> > - Activity around making Jini specifications programming language
> >    agnostic.- Some additional bug reports
> >
>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message