Apache YuniKorn (Incubating) - Community Graduation Vote

[Weiwei Yang <ww...@apache.org>]

Hi YuniKorn community and mentors

Based on the discussion thread [1], after 2 years time of incubating, it is
considered that now is a good time to graduate YuniKorn from the ASF
incubator and become a top-level Apache project. We have reviewed the ASF
project maturity model [2] and provided some assessment of the project's
maturity based on the guidelines. Details are included as the following.
Please read this and share your thoughts by replying to this email, your
feedback will be much appreciated!!!

*Code, License, and Copyright*

All code is maintained on github, under Apache 2.0 license. We have
reviewed all the dependencies and ensured they do not bring any license
issues. All the status files, license headers, and copyright are up to date.

*Release*

The community has released 5 releases in the past 2 years, i.e v0.8, v0.9,
v0.10, v0,11, and v0.12. These releases were done by 5 different release
managers [3] and indicate the community can create releases independently.
We have also a well-documented release process, automated tools to help new
release managers with the process.

*Quality*

The community has developed a comprehensive CI/CD pipeline as a guard of
the code quality. The pipeline runs per-commit license check, code-format
check, code-coverage check, UT, and end-to-end tests. All these are built
as automated github actions, new contributors can easily trigger and view
results when submitting patches.

*Community*

The community has developed an easy-to-read homepage for the project [4],
the website hosts all the materials related to the project including
versioned documentation, user docs, developer docs, design docs,
performance docs. It provides the top-level navigation to the software
download page, where links to all our previous releases. It also has the
pages for the new contributors on-boarding with the project, such as how to
join community meetings, events links, etc.

The community shows appreciation to all contributors and welcomes all kinds
of contributions (not just for code). We have built an open, diverse
community and gathered many people to work together. With that, we have 41
unique code contributors and some non-code contributors as well. Many of
them have becoming to be committers and PPMC members while working with the
community. There were 2 new mentors, 8 new committers, 2 new PPMC from 6
different organizations [5] added in the incubating phase. And in total,
the project has 6 mentors, 21 PPMC, and 27 committers from at least 14
different organizations. Community collaboration was done in a wide-public,
open manner, we leverage regular bi-weekly/weekly community meetings for 2
different timezones [6] and dev/user slack channels, mailing lists for
offline discussions.

*Independence*

The project was initially donated by Cloudera, but with a diverse open
source community, it has been operated as an independent project since it
entered into ASF incubator. The committers and PPMC members are a group of
passionate people from at least 14 different organizations, such as
Alibaba, Apple, Cloudera, Databricks, LinkedIn, Microsoft, Snowflake, etc.
The project's success is not depending on any single entity.

I have enough reasons to believe the project has done sustainable
development successfully in the Apache way. Again, please share your
thoughts, all YuniKorn contributors, committers, PPMC, and mentors. Thank
you!

[1] https://lists.apache.org/thread/dno411y59g2pcy1d3kd7s3kdjz9jw65n
[2]
https://community.apache.org/apache-way/apache-project-maturity-model.html

[3] https://yunikorn.apache.org/community/download
[4] https://yunikorn.apache.org/
[5] https://incubator.apache.org/projects/yunikorn.html

[6]
https://docs.google.com/document/d/165gzC7uhcKc5XDWiMYSRKBiPQBy2tDtXADUPuhGlUa0

Re: Apache YuniKorn (Incubating) - Community Graduation Vote

[Weiwei Yang <ww...@apache.org>]

Good point, let's get that fixed as well during the preparation.
Thanks for the input!

On Mon, Jan 10, 2022 at 7:25 PM Wilfred Spiegelenburg <wi...@apache.org>
wrote:

> Yes, that is the jira. It has been an issue for a long time. All repos
> are stuck on a commit from January 2021.
> Not sure what changed at that point but it looks like it is linked to
> the change from YUNIKORN-531, the move to github actions.
>
> Wilfred
>
> On Tue, 11 Jan 2022 at 14:07, Chaoran Yu <yu...@gmail.com> wrote:
> >
> > I agree. It makes PR reviews really hard.
> > Is this the JIRA for it
> https://issues.apache.org/jira/browse/YUNIKORN-583?
> >
> > On Mon, Jan 10, 2022 at 7:04 PM Sunil Govindan <su...@apache.org>
> wrote:
> >>
> >> Yes, Chenya.
> >> I found that very troubling as well.
> >>
> >> We have to clean that up. Thanks for chiming in.
> >>
> >> Thanks
> >> Sunil
> >>
> >> On Mon, Jan 10, 2022 at 6:57 PM Chenya Zhang <
> chenyazhangchenya@gmail.com> wrote:
> >>>
> >>> 👍
> >>>
> >>> Another thing in my mind is our PR code check... :D
> >>>
> >>> The "check warning" from Codecov is everywhere which makes our PR
> review inconvenient. I'm not sure if the ASF board will randomly check our
> PRs and find it not ideal.
> >>>
> >>> If there is no ticket tracking this, I could help to create one and do
> some investigation there.
> >>>
> >>> Thanks,
> >>> Chenya
> >>>
> >>> On Mon, Jan 10, 2022 at 12:49 PM Sunil Govindan <su...@apache.org>
> wrote:
> >>>>
> >>>> I created YUNIKORN-1007
> >>>> <https://issues.apache.org/jira/browse/YUNIKORN-1007>
> >>>>
> >>>> We have to look at LC20 more closely given the public artifacts that
> we
> >>>> have.
> >>>>
> >>>> + @Wilfred Spiegelenburg <wi...@apache.org>
> >>>>
> >>>> Thanks
> >>>> Sunil
> >>>>
> >>>> On Mon, Jan 10, 2022 at 11:59 AM Chenya Zhang <
> chenyazhangchenya@gmail.com>
> >>>> wrote:
> >>>>
> >>>> > Thanks Weiwei for creating the tickets! I will help to work on
> >>>> > https://issues.apache.org/jira/browse/YUNIKORN-1006 to address QU
> 30, 40,
> >>>> > 50.
> >>>> >
> >>>> > On Mon, Jan 10, 2022 at 10:21 AM Weiwei Yang <ww...@apache.org>
> wrote:
> >>>> >
> >>>> >> I think we can add some documents to clearly address QU 30, 40, 50.
> >>>> >> I have created a task under YUNIKORN-1005
> >>>> >> <https://issues.apache.org/jira/browse/YUNIKORN-1005> to address
> them.
> >>>> >> Thank you Chenya, Holden for your feedback, please comment more if
> there
> >>>> >> is
> >>>> >> anything else outstanding.
> >>>> >>
> >>>> >> On Mon, Jan 10, 2022 at 9:45 AM Holden Karau <holden@pigscanfly.ca
> >
> >>>> >> wrote:
> >>>> >>
> >>>> >> > For "The project provides a well-documented, secure and private
> channel
> >>>> >> to
> >>>> >> > report security issues, along with a documented way of
> responding to
> >>>> >> them.'
> >>>> >> > the standard that I've seen used is to tell people to e-mail
> private@
> >>>> >> > when they think they might have a security related issue. I
> think that
> >>>> >> > would probably work well for Yunikorn too.
> >>>> >> >
> >>>> >> >
> >>>> >> > On Mon, Jan 10, 2022 at 7:04 AM Chenya Zhang <
> >>>> >> chenyazhangchenya@gmail.com>
> >>>> >> > wrote:
> >>>> >> >
> >>>> >> >> Hi Weiwei,
> >>>> >> >>
> >>>> >> >> Thanks for driving this! The evaluation is quite comprehensive
> >>>> >> overall. I
> >>>> >> >> checked our Apache project maturity guidelines and noticed the
> below
> >>>> >> three
> >>>> >> >> items. Not sure if we already have them but they are not
> blockers to
> >>>> >> our
> >>>> >> >> graduation. We could think more about them along the way.
> >>>> >> >>
> >>>> >> >> QU30
> >>>> >> >>
> >>>> >> >> The project provides a well-documented, secure and private
> channel to
> >>>> >> >> report security issues, along with a documented way of
> responding to
> >>>> >> them.
> >>>> >> >>
> >>>> >> >> QU40
> >>>> >> >>
> >>>> >> >> The project puts a high priority on backwards compatibility and
> aims to
> >>>> >> >> document any incompatible changes and provide tools and
> documentation
> >>>> >> to
> >>>> >> >> help users transition to new features.
> >>>> >> >>
> >>>> >> >> CO50
> >>>> >> >>
> >>>> >> >> The project documents how contributors can earn more rights
> such as
> >>>> >> >> commit access or decision power, and applies these principles
> >>>> >> consistently.
> >>>> >> >>
> >>>> >> >>
> >>>> >> >> Thanks,
> >>>> >> >>
> >>>> >> >> Chenya
> >>>> >> >>
> >>>> >> >>
> >>>> >> >>
> >>>> >> >> On Mon, Jan 10, 2022 at 12:00 AM Weiwei Yang <ww...@apache.org>
> wrote:
> >>>> >> >>
> >>>> >> >>> Hi YuniKorn community and mentors
> >>>> >> >>>
> >>>> >> >>> Based on the discussion thread [1], after 2 years time of
> incubating,
> >>>> >> it
> >>>> >> >>> is
> >>>> >> >>> considered that now is a good time to graduate YuniKorn from
> the ASF
> >>>> >> >>> incubator and become a top-level Apache project. We have
> reviewed the
> >>>> >> ASF
> >>>> >> >>> project maturity model [2] and provided some assessment of the
> >>>> >> project's
> >>>> >> >>> maturity based on the guidelines. Details are included as the
> >>>> >> following.
> >>>> >> >>> Please read this and share your thoughts by replying to this
> email,
> >>>> >> your
> >>>> >> >>> feedback will be much appreciated!!!
> >>>> >> >>>
> >>>> >> >>> *Code, License, and Copyright*
> >>>> >> >>>
> >>>> >> >>> All code is maintained on github, under Apache 2.0 license. We
> have
> >>>> >> >>> reviewed all the dependencies and ensured they do not bring any
> >>>> >> license
> >>>> >> >>> issues. All the status files, license headers, and copyright
> are up to
> >>>> >> >>> date.
> >>>> >> >>>
> >>>> >> >>> *Release*
> >>>> >> >>>
> >>>> >> >>> The community has released 5 releases in the past 2 years, i.e
> v0.8,
> >>>> >> >>> v0.9,
> >>>> >> >>> v0.10, v0,11, and v0.12. These releases were done by 5
> different
> >>>> >> release
> >>>> >> >>> managers [3] and indicate the community can create releases
> >>>> >> >>> independently.
> >>>> >> >>> We have also a well-documented release process, automated
> tools to
> >>>> >> help
> >>>> >> >>> new
> >>>> >> >>> release managers with the process.
> >>>> >> >>>
> >>>> >> >>> *Quality*
> >>>> >> >>>
> >>>> >> >>> The community has developed a comprehensive CI/CD pipeline as
> a guard
> >>>> >> of
> >>>> >> >>> the code quality. The pipeline runs per-commit license check,
> >>>> >> code-format
> >>>> >> >>> check, code-coverage check, UT, and end-to-end tests. All
> these are
> >>>> >> built
> >>>> >> >>> as automated github actions, new contributors can easily
> trigger and
> >>>> >> view
> >>>> >> >>> results when submitting patches.
> >>>> >> >>>
> >>>> >> >>> *Community*
> >>>> >> >>>
> >>>> >> >>> The community has developed an easy-to-read homepage for the
> project
> >>>> >> [4],
> >>>> >> >>> the website hosts all the materials related to the project
> including
> >>>> >> >>> versioned documentation, user docs, developer docs, design
> docs,
> >>>> >> >>> performance docs. It provides the top-level navigation to the
> software
> >>>> >> >>> download page, where links to all our previous releases. It
> also has
> >>>> >> the
> >>>> >> >>> pages for the new contributors on-boarding with the project,
> such as
> >>>> >> how
> >>>> >> >>> to
> >>>> >> >>> join community meetings, events links, etc.
> >>>> >> >>>
> >>>> >> >>> The community shows appreciation to all contributors and
> welcomes all
> >>>> >> >>> kinds
> >>>> >> >>> of contributions (not just for code). We have built an open,
> diverse
> >>>> >> >>> community and gathered many people to work together. With
> that, we
> >>>> >> have
> >>>> >> >>> 41
> >>>> >> >>> unique code contributors and some non-code contributors as
> well. Many
> >>>> >> of
> >>>> >> >>> them have becoming to be committers and PPMC members while
> working
> >>>> >> with
> >>>> >> >>> the
> >>>> >> >>> community. There were 2 new mentors, 8 new committers, 2 new
> PPMC
> >>>> >> from 6
> >>>> >> >>> different organizations [5] added in the incubating phase. And
> in
> >>>> >> total,
> >>>> >> >>> the project has 6 mentors, 21 PPMC, and 27 committers from at
> least 14
> >>>> >> >>> different organizations. Community collaboration was done in a
> >>>> >> >>> wide-public,
> >>>> >> >>> open manner, we leverage regular bi-weekly/weekly community
> meetings
> >>>> >> for
> >>>> >> >>> 2
> >>>> >> >>> different timezones [6] and dev/user slack channels, mailing
> lists for
> >>>> >> >>> offline discussions.
> >>>> >> >>>
> >>>> >> >>> *Independence*
> >>>> >> >>>
> >>>> >> >>> The project was initially donated by Cloudera, but with a
> diverse open
> >>>> >> >>> source community, it has been operated as an independent
> project
> >>>> >> since it
> >>>> >> >>> entered into ASF incubator. The committers and PPMC members
> are a
> >>>> >> group
> >>>> >> >>> of
> >>>> >> >>> passionate people from at least 14 different organizations,
> such as
> >>>> >> >>> Alibaba, Apple, Cloudera, Databricks, LinkedIn, Microsoft,
> Snowflake,
> >>>> >> >>> etc.
> >>>> >> >>> The project's success is not depending on any single entity.
> >>>> >> >>>
> >>>> >> >>> I have enough reasons to believe the project has done
> sustainable
> >>>> >> >>> development successfully in the Apache way. Again, please
> share your
> >>>> >> >>> thoughts, all YuniKorn contributors, committers, PPMC, and
> mentors.
> >>>> >> Thank
> >>>> >> >>> you!
> >>>> >> >>>
> >>>> >> >>> [1]
> https://lists.apache.org/thread/dno411y59g2pcy1d3kd7s3kdjz9jw65n
> >>>> >> >>> [2]
> >>>> >> >>>
> >>>> >> >>>
> >>>> >>
> https://community.apache.org/apache-way/apache-project-maturity-model.html
> >>>> >> >>>
> >>>> >> >>> [3] https://yunikorn.apache.org/community/download
> >>>> >> >>> [4] https://yunikorn.apache.org/
> >>>> >> >>> [5] https://incubator.apache.org/projects/yunikorn.html
> >>>> >> >>>
> >>>> >> >>> [6]
> >>>> >> >>>
> >>>> >> >>>
> >>>> >>
> https://docs.google.com/document/d/165gzC7uhcKc5XDWiMYSRKBiPQBy2tDtXADUPuhGlUa0
> >>>> >> >>>
> >>>> >> >>
> >>>> >> >
> >>>> >> > --
> >>>> >> > Twitter: https://twitter.com/holdenkarau
> >>>> >> > Books (Learning Spark, High Performance Spark, etc.):
> >>>> >> > https://amzn.to/2MaRAG9  <https://amzn.to/2MaRAG9>
> >>>> >> > YouTube Live Streams: https://www.youtube.com/user/holdenkarau
> >>>> >> >
> >>>> >>
> >>>> >
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@yunikorn.apache.org
> For additional commands, e-mail: dev-help@yunikorn.apache.org
>
>

Re: Apache YuniKorn (Incubating) - Community Graduation Vote

[Wilfred Spiegelenburg <wi...@apache.org>]

Yes, that is the jira. It has been an issue for a long time. All repos
are stuck on a commit from January 2021.
Not sure what changed at that point but it looks like it is linked to
the change from YUNIKORN-531, the move to github actions.

Wilfred

On Tue, 11 Jan 2022 at 14:07, Chaoran Yu <yu...@gmail.com> wrote:
>
> I agree. It makes PR reviews really hard.
> Is this the JIRA for it https://issues.apache.org/jira/browse/YUNIKORN-583?
>
> On Mon, Jan 10, 2022 at 7:04 PM Sunil Govindan <su...@apache.org> wrote:
>>
>> Yes, Chenya.
>> I found that very troubling as well.
>>
>> We have to clean that up. Thanks for chiming in.
>>
>> Thanks
>> Sunil
>>
>> On Mon, Jan 10, 2022 at 6:57 PM Chenya Zhang <ch...@gmail.com> wrote:
>>>
>>> 👍
>>>
>>> Another thing in my mind is our PR code check... :D
>>>
>>> The "check warning" from Codecov is everywhere which makes our PR review inconvenient. I'm not sure if the ASF board will randomly check our PRs and find it not ideal.
>>>
>>> If there is no ticket tracking this, I could help to create one and do some investigation there.
>>>
>>> Thanks,
>>> Chenya
>>>
>>> On Mon, Jan 10, 2022 at 12:49 PM Sunil Govindan <su...@apache.org> wrote:
>>>>
>>>> I created YUNIKORN-1007
>>>> <https://issues.apache.org/jira/browse/YUNIKORN-1007>
>>>>
>>>> We have to look at LC20 more closely given the public artifacts that we
>>>> have.
>>>>
>>>> + @Wilfred Spiegelenburg <wi...@apache.org>
>>>>
>>>> Thanks
>>>> Sunil
>>>>
>>>> On Mon, Jan 10, 2022 at 11:59 AM Chenya Zhang <ch...@gmail.com>
>>>> wrote:
>>>>
>>>> > Thanks Weiwei for creating the tickets! I will help to work on
>>>> > https://issues.apache.org/jira/browse/YUNIKORN-1006 to address QU 30, 40,
>>>> > 50.
>>>> >
>>>> > On Mon, Jan 10, 2022 at 10:21 AM Weiwei Yang <ww...@apache.org> wrote:
>>>> >
>>>> >> I think we can add some documents to clearly address QU 30, 40, 50.
>>>> >> I have created a task under YUNIKORN-1005
>>>> >> <https://issues.apache.org/jira/browse/YUNIKORN-1005> to address them.
>>>> >> Thank you Chenya, Holden for your feedback, please comment more if there
>>>> >> is
>>>> >> anything else outstanding.
>>>> >>
>>>> >> On Mon, Jan 10, 2022 at 9:45 AM Holden Karau <ho...@pigscanfly.ca>
>>>> >> wrote:
>>>> >>
>>>> >> > For "The project provides a well-documented, secure and private channel
>>>> >> to
>>>> >> > report security issues, along with a documented way of responding to
>>>> >> them.'
>>>> >> > the standard that I've seen used is to tell people to e-mail private@
>>>> >> > when they think they might have a security related issue. I think that
>>>> >> > would probably work well for Yunikorn too.
>>>> >> >
>>>> >> >
>>>> >> > On Mon, Jan 10, 2022 at 7:04 AM Chenya Zhang <
>>>> >> chenyazhangchenya@gmail.com>
>>>> >> > wrote:
>>>> >> >
>>>> >> >> Hi Weiwei,
>>>> >> >>
>>>> >> >> Thanks for driving this! The evaluation is quite comprehensive
>>>> >> overall. I
>>>> >> >> checked our Apache project maturity guidelines and noticed the below
>>>> >> three
>>>> >> >> items. Not sure if we already have them but they are not blockers to
>>>> >> our
>>>> >> >> graduation. We could think more about them along the way.
>>>> >> >>
>>>> >> >> QU30
>>>> >> >>
>>>> >> >> The project provides a well-documented, secure and private channel to
>>>> >> >> report security issues, along with a documented way of responding to
>>>> >> them.
>>>> >> >>
>>>> >> >> QU40
>>>> >> >>
>>>> >> >> The project puts a high priority on backwards compatibility and aims to
>>>> >> >> document any incompatible changes and provide tools and documentation
>>>> >> to
>>>> >> >> help users transition to new features.
>>>> >> >>
>>>> >> >> CO50
>>>> >> >>
>>>> >> >> The project documents how contributors can earn more rights such as
>>>> >> >> commit access or decision power, and applies these principles
>>>> >> consistently.
>>>> >> >>
>>>> >> >>
>>>> >> >> Thanks,
>>>> >> >>
>>>> >> >> Chenya
>>>> >> >>
>>>> >> >>
>>>> >> >>
>>>> >> >> On Mon, Jan 10, 2022 at 12:00 AM Weiwei Yang <ww...@apache.org> wrote:
>>>> >> >>
>>>> >> >>> Hi YuniKorn community and mentors
>>>> >> >>>
>>>> >> >>> Based on the discussion thread [1], after 2 years time of incubating,
>>>> >> it
>>>> >> >>> is
>>>> >> >>> considered that now is a good time to graduate YuniKorn from the ASF
>>>> >> >>> incubator and become a top-level Apache project. We have reviewed the
>>>> >> ASF
>>>> >> >>> project maturity model [2] and provided some assessment of the
>>>> >> project's
>>>> >> >>> maturity based on the guidelines. Details are included as the
>>>> >> following.
>>>> >> >>> Please read this and share your thoughts by replying to this email,
>>>> >> your
>>>> >> >>> feedback will be much appreciated!!!
>>>> >> >>>
>>>> >> >>> *Code, License, and Copyright*
>>>> >> >>>
>>>> >> >>> All code is maintained on github, under Apache 2.0 license. We have
>>>> >> >>> reviewed all the dependencies and ensured they do not bring any
>>>> >> license
>>>> >> >>> issues. All the status files, license headers, and copyright are up to
>>>> >> >>> date.
>>>> >> >>>
>>>> >> >>> *Release*
>>>> >> >>>
>>>> >> >>> The community has released 5 releases in the past 2 years, i.e v0.8,
>>>> >> >>> v0.9,
>>>> >> >>> v0.10, v0,11, and v0.12. These releases were done by 5 different
>>>> >> release
>>>> >> >>> managers [3] and indicate the community can create releases
>>>> >> >>> independently.
>>>> >> >>> We have also a well-documented release process, automated tools to
>>>> >> help
>>>> >> >>> new
>>>> >> >>> release managers with the process.
>>>> >> >>>
>>>> >> >>> *Quality*
>>>> >> >>>
>>>> >> >>> The community has developed a comprehensive CI/CD pipeline as a guard
>>>> >> of
>>>> >> >>> the code quality. The pipeline runs per-commit license check,
>>>> >> code-format
>>>> >> >>> check, code-coverage check, UT, and end-to-end tests. All these are
>>>> >> built
>>>> >> >>> as automated github actions, new contributors can easily trigger and
>>>> >> view
>>>> >> >>> results when submitting patches.
>>>> >> >>>
>>>> >> >>> *Community*
>>>> >> >>>
>>>> >> >>> The community has developed an easy-to-read homepage for the project
>>>> >> [4],
>>>> >> >>> the website hosts all the materials related to the project including
>>>> >> >>> versioned documentation, user docs, developer docs, design docs,
>>>> >> >>> performance docs. It provides the top-level navigation to the software
>>>> >> >>> download page, where links to all our previous releases. It also has
>>>> >> the
>>>> >> >>> pages for the new contributors on-boarding with the project, such as
>>>> >> how
>>>> >> >>> to
>>>> >> >>> join community meetings, events links, etc.
>>>> >> >>>
>>>> >> >>> The community shows appreciation to all contributors and welcomes all
>>>> >> >>> kinds
>>>> >> >>> of contributions (not just for code). We have built an open, diverse
>>>> >> >>> community and gathered many people to work together. With that, we
>>>> >> have
>>>> >> >>> 41
>>>> >> >>> unique code contributors and some non-code contributors as well. Many
>>>> >> of
>>>> >> >>> them have becoming to be committers and PPMC members while working
>>>> >> with
>>>> >> >>> the
>>>> >> >>> community. There were 2 new mentors, 8 new committers, 2 new PPMC
>>>> >> from 6
>>>> >> >>> different organizations [5] added in the incubating phase. And in
>>>> >> total,
>>>> >> >>> the project has 6 mentors, 21 PPMC, and 27 committers from at least 14
>>>> >> >>> different organizations. Community collaboration was done in a
>>>> >> >>> wide-public,
>>>> >> >>> open manner, we leverage regular bi-weekly/weekly community meetings
>>>> >> for
>>>> >> >>> 2
>>>> >> >>> different timezones [6] and dev/user slack channels, mailing lists for
>>>> >> >>> offline discussions.
>>>> >> >>>
>>>> >> >>> *Independence*
>>>> >> >>>
>>>> >> >>> The project was initially donated by Cloudera, but with a diverse open
>>>> >> >>> source community, it has been operated as an independent project
>>>> >> since it
>>>> >> >>> entered into ASF incubator. The committers and PPMC members are a
>>>> >> group
>>>> >> >>> of
>>>> >> >>> passionate people from at least 14 different organizations, such as
>>>> >> >>> Alibaba, Apple, Cloudera, Databricks, LinkedIn, Microsoft, Snowflake,
>>>> >> >>> etc.
>>>> >> >>> The project's success is not depending on any single entity.
>>>> >> >>>
>>>> >> >>> I have enough reasons to believe the project has done sustainable
>>>> >> >>> development successfully in the Apache way. Again, please share your
>>>> >> >>> thoughts, all YuniKorn contributors, committers, PPMC, and mentors.
>>>> >> Thank
>>>> >> >>> you!
>>>> >> >>>
>>>> >> >>> [1] https://lists.apache.org/thread/dno411y59g2pcy1d3kd7s3kdjz9jw65n
>>>> >> >>> [2]
>>>> >> >>>
>>>> >> >>>
>>>> >> https://community.apache.org/apache-way/apache-project-maturity-model.html
>>>> >> >>>
>>>> >> >>> [3] https://yunikorn.apache.org/community/download
>>>> >> >>> [4] https://yunikorn.apache.org/
>>>> >> >>> [5] https://incubator.apache.org/projects/yunikorn.html
>>>> >> >>>
>>>> >> >>> [6]
>>>> >> >>>
>>>> >> >>>
>>>> >> https://docs.google.com/document/d/165gzC7uhcKc5XDWiMYSRKBiPQBy2tDtXADUPuhGlUa0
>>>> >> >>>
>>>> >> >>
>>>> >> >
>>>> >> > --
>>>> >> > Twitter: https://twitter.com/holdenkarau
>>>> >> > Books (Learning Spark, High Performance Spark, etc.):
>>>> >> > https://amzn.to/2MaRAG9  <https://amzn.to/2MaRAG9>
>>>> >> > YouTube Live Streams: https://www.youtube.com/user/holdenkarau
>>>> >> >
>>>> >>
>>>> >

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@yunikorn.apache.org
For additional commands, e-mail: dev-help@yunikorn.apache.org

Re: Apache YuniKorn (Incubating) - Community Graduation Vote

[Chaoran Yu <yu...@gmail.com>]

I agree. It makes PR reviews really hard.
Is this the JIRA for it https://issues.apache.org/jira/browse/YUNIKORN-583?

On Mon, Jan 10, 2022 at 7:04 PM Sunil Govindan <su...@apache.org> wrote:

> Yes, Chenya.
> I found that very troubling as well.
>
> We have to clean that up. Thanks for chiming in.
>
> Thanks
> Sunil
>
> On Mon, Jan 10, 2022 at 6:57 PM Chenya Zhang <ch...@gmail.com>
> wrote:
>
>> 👍
>>
>> Another thing in my mind is our PR code check... :D
>>
>> The "check warning" from Codecov is everywhere which makes our PR review
>> inconvenient. I'm not sure if the ASF board will randomly check our PRs and
>> find it not ideal.
>>
>> If there is no ticket tracking this, I could help to create one and do
>> some investigation there.
>>
>> Thanks,
>> Chenya
>>
>> On Mon, Jan 10, 2022 at 12:49 PM Sunil Govindan <su...@apache.org>
>> wrote:
>>
>>> I created YUNIKORN-1007
>>> <https://issues.apache.org/jira/browse/YUNIKORN-1007>
>>>
>>> We have to look at LC20 more closely given the public artifacts that we
>>> have.
>>>
>>> + @Wilfred Spiegelenburg <wi...@apache.org>
>>>
>>> Thanks
>>> Sunil
>>>
>>> On Mon, Jan 10, 2022 at 11:59 AM Chenya Zhang <
>>> chenyazhangchenya@gmail.com>
>>> wrote:
>>>
>>> > Thanks Weiwei for creating the tickets! I will help to work on
>>> > https://issues.apache.org/jira/browse/YUNIKORN-1006 to address QU 30,
>>> 40,
>>> > 50.
>>> >
>>> > On Mon, Jan 10, 2022 at 10:21 AM Weiwei Yang <ww...@apache.org> wrote:
>>> >
>>> >> I think we can add some documents to clearly address QU 30, 40, 50.
>>> >> I have created a task under YUNIKORN-1005
>>> >> <https://issues.apache.org/jira/browse/YUNIKORN-1005> to address
>>> them.
>>> >> Thank you Chenya, Holden for your feedback, please comment more if
>>> there
>>> >> is
>>> >> anything else outstanding.
>>> >>
>>> >> On Mon, Jan 10, 2022 at 9:45 AM Holden Karau <ho...@pigscanfly.ca>
>>> >> wrote:
>>> >>
>>> >> > For "The project provides a well-documented, secure and private
>>> channel
>>> >> to
>>> >> > report security issues, along with a documented way of responding to
>>> >> them.'
>>> >> > the standard that I've seen used is to tell people to e-mail
>>> private@
>>> >> > when they think they might have a security related issue. I think
>>> that
>>> >> > would probably work well for Yunikorn too.
>>> >> >
>>> >> >
>>> >> > On Mon, Jan 10, 2022 at 7:04 AM Chenya Zhang <
>>> >> chenyazhangchenya@gmail.com>
>>> >> > wrote:
>>> >> >
>>> >> >> Hi Weiwei,
>>> >> >>
>>> >> >> Thanks for driving this! The evaluation is quite comprehensive
>>> >> overall. I
>>> >> >> checked our Apache project maturity guidelines and noticed the
>>> below
>>> >> three
>>> >> >> items. Not sure if we already have them but they are not blockers
>>> to
>>> >> our
>>> >> >> graduation. We could think more about them along the way.
>>> >> >>
>>> >> >> QU30
>>> >> >>
>>> >> >> The project provides a well-documented, secure and private channel
>>> to
>>> >> >> report security issues, along with a documented way of responding
>>> to
>>> >> them.
>>> >> >>
>>> >> >> QU40
>>> >> >>
>>> >> >> The project puts a high priority on backwards compatibility and
>>> aims to
>>> >> >> document any incompatible changes and provide tools and
>>> documentation
>>> >> to
>>> >> >> help users transition to new features.
>>> >> >>
>>> >> >> CO50
>>> >> >>
>>> >> >> The project documents how contributors can earn more rights such as
>>> >> >> commit access or decision power, and applies these principles
>>> >> consistently.
>>> >> >>
>>> >> >>
>>> >> >> Thanks,
>>> >> >>
>>> >> >> Chenya
>>> >> >>
>>> >> >>
>>> >> >>
>>> >> >> On Mon, Jan 10, 2022 at 12:00 AM Weiwei Yang <ww...@apache.org>
>>> wrote:
>>> >> >>
>>> >> >>> Hi YuniKorn community and mentors
>>> >> >>>
>>> >> >>> Based on the discussion thread [1], after 2 years time of
>>> incubating,
>>> >> it
>>> >> >>> is
>>> >> >>> considered that now is a good time to graduate YuniKorn from the
>>> ASF
>>> >> >>> incubator and become a top-level Apache project. We have reviewed
>>> the
>>> >> ASF
>>> >> >>> project maturity model [2] and provided some assessment of the
>>> >> project's
>>> >> >>> maturity based on the guidelines. Details are included as the
>>> >> following.
>>> >> >>> Please read this and share your thoughts by replying to this
>>> email,
>>> >> your
>>> >> >>> feedback will be much appreciated!!!
>>> >> >>>
>>> >> >>> *Code, License, and Copyright*
>>> >> >>>
>>> >> >>> All code is maintained on github, under Apache 2.0 license. We
>>> have
>>> >> >>> reviewed all the dependencies and ensured they do not bring any
>>> >> license
>>> >> >>> issues. All the status files, license headers, and copyright are
>>> up to
>>> >> >>> date.
>>> >> >>>
>>> >> >>> *Release*
>>> >> >>>
>>> >> >>> The community has released 5 releases in the past 2 years, i.e
>>> v0.8,
>>> >> >>> v0.9,
>>> >> >>> v0.10, v0,11, and v0.12. These releases were done by 5 different
>>> >> release
>>> >> >>> managers [3] and indicate the community can create releases
>>> >> >>> independently.
>>> >> >>> We have also a well-documented release process, automated tools to
>>> >> help
>>> >> >>> new
>>> >> >>> release managers with the process.
>>> >> >>>
>>> >> >>> *Quality*
>>> >> >>>
>>> >> >>> The community has developed a comprehensive CI/CD pipeline as a
>>> guard
>>> >> of
>>> >> >>> the code quality. The pipeline runs per-commit license check,
>>> >> code-format
>>> >> >>> check, code-coverage check, UT, and end-to-end tests. All these
>>> are
>>> >> built
>>> >> >>> as automated github actions, new contributors can easily trigger
>>> and
>>> >> view
>>> >> >>> results when submitting patches.
>>> >> >>>
>>> >> >>> *Community*
>>> >> >>>
>>> >> >>> The community has developed an easy-to-read homepage for the
>>> project
>>> >> [4],
>>> >> >>> the website hosts all the materials related to the project
>>> including
>>> >> >>> versioned documentation, user docs, developer docs, design docs,
>>> >> >>> performance docs. It provides the top-level navigation to the
>>> software
>>> >> >>> download page, where links to all our previous releases. It also
>>> has
>>> >> the
>>> >> >>> pages for the new contributors on-boarding with the project, such
>>> as
>>> >> how
>>> >> >>> to
>>> >> >>> join community meetings, events links, etc.
>>> >> >>>
>>> >> >>> The community shows appreciation to all contributors and welcomes
>>> all
>>> >> >>> kinds
>>> >> >>> of contributions (not just for code). We have built an open,
>>> diverse
>>> >> >>> community and gathered many people to work together. With that, we
>>> >> have
>>> >> >>> 41
>>> >> >>> unique code contributors and some non-code contributors as well.
>>> Many
>>> >> of
>>> >> >>> them have becoming to be committers and PPMC members while working
>>> >> with
>>> >> >>> the
>>> >> >>> community. There were 2 new mentors, 8 new committers, 2 new PPMC
>>> >> from 6
>>> >> >>> different organizations [5] added in the incubating phase. And in
>>> >> total,
>>> >> >>> the project has 6 mentors, 21 PPMC, and 27 committers from at
>>> least 14
>>> >> >>> different organizations. Community collaboration was done in a
>>> >> >>> wide-public,
>>> >> >>> open manner, we leverage regular bi-weekly/weekly community
>>> meetings
>>> >> for
>>> >> >>> 2
>>> >> >>> different timezones [6] and dev/user slack channels, mailing
>>> lists for
>>> >> >>> offline discussions.
>>> >> >>>
>>> >> >>> *Independence*
>>> >> >>>
>>> >> >>> The project was initially donated by Cloudera, but with a diverse
>>> open
>>> >> >>> source community, it has been operated as an independent project
>>> >> since it
>>> >> >>> entered into ASF incubator. The committers and PPMC members are a
>>> >> group
>>> >> >>> of
>>> >> >>> passionate people from at least 14 different organizations, such
>>> as
>>> >> >>> Alibaba, Apple, Cloudera, Databricks, LinkedIn, Microsoft,
>>> Snowflake,
>>> >> >>> etc.
>>> >> >>> The project's success is not depending on any single entity.
>>> >> >>>
>>> >> >>> I have enough reasons to believe the project has done sustainable
>>> >> >>> development successfully in the Apache way. Again, please share
>>> your
>>> >> >>> thoughts, all YuniKorn contributors, committers, PPMC, and
>>> mentors.
>>> >> Thank
>>> >> >>> you!
>>> >> >>>
>>> >> >>> [1]
>>> https://lists.apache.org/thread/dno411y59g2pcy1d3kd7s3kdjz9jw65n
>>> >> >>> [2]
>>> >> >>>
>>> >> >>>
>>> >>
>>> https://community.apache.org/apache-way/apache-project-maturity-model.html
>>> >> >>>
>>> >> >>> [3] https://yunikorn.apache.org/community/download
>>> >> >>> [4] https://yunikorn.apache.org/
>>> >> >>> [5] https://incubator.apache.org/projects/yunikorn.html
>>> >> >>>
>>> >> >>> [6]
>>> >> >>>
>>> >> >>>
>>> >>
>>> https://docs.google.com/document/d/165gzC7uhcKc5XDWiMYSRKBiPQBy2tDtXADUPuhGlUa0
>>> >> >>>
>>> >> >>
>>> >> >
>>> >> > --
>>> >> > Twitter: https://twitter.com/holdenkarau
>>> >> > Books (Learning Spark, High Performance Spark, etc.):
>>> >> > https://amzn.to/2MaRAG9  <https://amzn.to/2MaRAG9>
>>> >> > YouTube Live Streams: https://www.youtube.com/user/holdenkarau
>>> >> >
>>> >>
>>> >
>>>
>>

Re: Apache YuniKorn (Incubating) - Community Graduation Vote

[Sunil Govindan <su...@apache.org>]

Yes, Chenya.
I found that very troubling as well.

We have to clean that up. Thanks for chiming in.

Thanks
Sunil

On Mon, Jan 10, 2022 at 6:57 PM Chenya Zhang <ch...@gmail.com>
wrote:

> 👍
>
> Another thing in my mind is our PR code check... :D
>
> The "check warning" from Codecov is everywhere which makes our PR review
> inconvenient. I'm not sure if the ASF board will randomly check our PRs and
> find it not ideal.
>
> If there is no ticket tracking this, I could help to create one and do
> some investigation there.
>
> Thanks,
> Chenya
>
> On Mon, Jan 10, 2022 at 12:49 PM Sunil Govindan <su...@apache.org> wrote:
>
>> I created YUNIKORN-1007
>> <https://issues.apache.org/jira/browse/YUNIKORN-1007>
>>
>> We have to look at LC20 more closely given the public artifacts that we
>> have.
>>
>> + @Wilfred Spiegelenburg <wi...@apache.org>
>>
>> Thanks
>> Sunil
>>
>> On Mon, Jan 10, 2022 at 11:59 AM Chenya Zhang <
>> chenyazhangchenya@gmail.com>
>> wrote:
>>
>> > Thanks Weiwei for creating the tickets! I will help to work on
>> > https://issues.apache.org/jira/browse/YUNIKORN-1006 to address QU 30,
>> 40,
>> > 50.
>> >
>> > On Mon, Jan 10, 2022 at 10:21 AM Weiwei Yang <ww...@apache.org> wrote:
>> >
>> >> I think we can add some documents to clearly address QU 30, 40, 50.
>> >> I have created a task under YUNIKORN-1005
>> >> <https://issues.apache.org/jira/browse/YUNIKORN-1005> to address them.
>> >> Thank you Chenya, Holden for your feedback, please comment more if
>> there
>> >> is
>> >> anything else outstanding.
>> >>
>> >> On Mon, Jan 10, 2022 at 9:45 AM Holden Karau <ho...@pigscanfly.ca>
>> >> wrote:
>> >>
>> >> > For "The project provides a well-documented, secure and private
>> channel
>> >> to
>> >> > report security issues, along with a documented way of responding to
>> >> them.'
>> >> > the standard that I've seen used is to tell people to e-mail private@
>> >> > when they think they might have a security related issue. I think
>> that
>> >> > would probably work well for Yunikorn too.
>> >> >
>> >> >
>> >> > On Mon, Jan 10, 2022 at 7:04 AM Chenya Zhang <
>> >> chenyazhangchenya@gmail.com>
>> >> > wrote:
>> >> >
>> >> >> Hi Weiwei,
>> >> >>
>> >> >> Thanks for driving this! The evaluation is quite comprehensive
>> >> overall. I
>> >> >> checked our Apache project maturity guidelines and noticed the below
>> >> three
>> >> >> items. Not sure if we already have them but they are not blockers to
>> >> our
>> >> >> graduation. We could think more about them along the way.
>> >> >>
>> >> >> QU30
>> >> >>
>> >> >> The project provides a well-documented, secure and private channel
>> to
>> >> >> report security issues, along with a documented way of responding to
>> >> them.
>> >> >>
>> >> >> QU40
>> >> >>
>> >> >> The project puts a high priority on backwards compatibility and
>> aims to
>> >> >> document any incompatible changes and provide tools and
>> documentation
>> >> to
>> >> >> help users transition to new features.
>> >> >>
>> >> >> CO50
>> >> >>
>> >> >> The project documents how contributors can earn more rights such as
>> >> >> commit access or decision power, and applies these principles
>> >> consistently.
>> >> >>
>> >> >>
>> >> >> Thanks,
>> >> >>
>> >> >> Chenya
>> >> >>
>> >> >>
>> >> >>
>> >> >> On Mon, Jan 10, 2022 at 12:00 AM Weiwei Yang <ww...@apache.org>
>> wrote:
>> >> >>
>> >> >>> Hi YuniKorn community and mentors
>> >> >>>
>> >> >>> Based on the discussion thread [1], after 2 years time of
>> incubating,
>> >> it
>> >> >>> is
>> >> >>> considered that now is a good time to graduate YuniKorn from the
>> ASF
>> >> >>> incubator and become a top-level Apache project. We have reviewed
>> the
>> >> ASF
>> >> >>> project maturity model [2] and provided some assessment of the
>> >> project's
>> >> >>> maturity based on the guidelines. Details are included as the
>> >> following.
>> >> >>> Please read this and share your thoughts by replying to this email,
>> >> your
>> >> >>> feedback will be much appreciated!!!
>> >> >>>
>> >> >>> *Code, License, and Copyright*
>> >> >>>
>> >> >>> All code is maintained on github, under Apache 2.0 license. We have
>> >> >>> reviewed all the dependencies and ensured they do not bring any
>> >> license
>> >> >>> issues. All the status files, license headers, and copyright are
>> up to
>> >> >>> date.
>> >> >>>
>> >> >>> *Release*
>> >> >>>
>> >> >>> The community has released 5 releases in the past 2 years, i.e
>> v0.8,
>> >> >>> v0.9,
>> >> >>> v0.10, v0,11, and v0.12. These releases were done by 5 different
>> >> release
>> >> >>> managers [3] and indicate the community can create releases
>> >> >>> independently.
>> >> >>> We have also a well-documented release process, automated tools to
>> >> help
>> >> >>> new
>> >> >>> release managers with the process.
>> >> >>>
>> >> >>> *Quality*
>> >> >>>
>> >> >>> The community has developed a comprehensive CI/CD pipeline as a
>> guard
>> >> of
>> >> >>> the code quality. The pipeline runs per-commit license check,
>> >> code-format
>> >> >>> check, code-coverage check, UT, and end-to-end tests. All these are
>> >> built
>> >> >>> as automated github actions, new contributors can easily trigger
>> and
>> >> view
>> >> >>> results when submitting patches.
>> >> >>>
>> >> >>> *Community*
>> >> >>>
>> >> >>> The community has developed an easy-to-read homepage for the
>> project
>> >> [4],
>> >> >>> the website hosts all the materials related to the project
>> including
>> >> >>> versioned documentation, user docs, developer docs, design docs,
>> >> >>> performance docs. It provides the top-level navigation to the
>> software
>> >> >>> download page, where links to all our previous releases. It also
>> has
>> >> the
>> >> >>> pages for the new contributors on-boarding with the project, such
>> as
>> >> how
>> >> >>> to
>> >> >>> join community meetings, events links, etc.
>> >> >>>
>> >> >>> The community shows appreciation to all contributors and welcomes
>> all
>> >> >>> kinds
>> >> >>> of contributions (not just for code). We have built an open,
>> diverse
>> >> >>> community and gathered many people to work together. With that, we
>> >> have
>> >> >>> 41
>> >> >>> unique code contributors and some non-code contributors as well.
>> Many
>> >> of
>> >> >>> them have becoming to be committers and PPMC members while working
>> >> with
>> >> >>> the
>> >> >>> community. There were 2 new mentors, 8 new committers, 2 new PPMC
>> >> from 6
>> >> >>> different organizations [5] added in the incubating phase. And in
>> >> total,
>> >> >>> the project has 6 mentors, 21 PPMC, and 27 committers from at
>> least 14
>> >> >>> different organizations. Community collaboration was done in a
>> >> >>> wide-public,
>> >> >>> open manner, we leverage regular bi-weekly/weekly community
>> meetings
>> >> for
>> >> >>> 2
>> >> >>> different timezones [6] and dev/user slack channels, mailing lists
>> for
>> >> >>> offline discussions.
>> >> >>>
>> >> >>> *Independence*
>> >> >>>
>> >> >>> The project was initially donated by Cloudera, but with a diverse
>> open
>> >> >>> source community, it has been operated as an independent project
>> >> since it
>> >> >>> entered into ASF incubator. The committers and PPMC members are a
>> >> group
>> >> >>> of
>> >> >>> passionate people from at least 14 different organizations, such as
>> >> >>> Alibaba, Apple, Cloudera, Databricks, LinkedIn, Microsoft,
>> Snowflake,
>> >> >>> etc.
>> >> >>> The project's success is not depending on any single entity.
>> >> >>>
>> >> >>> I have enough reasons to believe the project has done sustainable
>> >> >>> development successfully in the Apache way. Again, please share
>> your
>> >> >>> thoughts, all YuniKorn contributors, committers, PPMC, and mentors.
>> >> Thank
>> >> >>> you!
>> >> >>>
>> >> >>> [1]
>> https://lists.apache.org/thread/dno411y59g2pcy1d3kd7s3kdjz9jw65n
>> >> >>> [2]
>> >> >>>
>> >> >>>
>> >>
>> https://community.apache.org/apache-way/apache-project-maturity-model.html
>> >> >>>
>> >> >>> [3] https://yunikorn.apache.org/community/download
>> >> >>> [4] https://yunikorn.apache.org/
>> >> >>> [5] https://incubator.apache.org/projects/yunikorn.html
>> >> >>>
>> >> >>> [6]
>> >> >>>
>> >> >>>
>> >>
>> https://docs.google.com/document/d/165gzC7uhcKc5XDWiMYSRKBiPQBy2tDtXADUPuhGlUa0
>> >> >>>
>> >> >>
>> >> >
>> >> > --
>> >> > Twitter: https://twitter.com/holdenkarau
>> >> > Books (Learning Spark, High Performance Spark, etc.):
>> >> > https://amzn.to/2MaRAG9  <https://amzn.to/2MaRAG9>
>> >> > YouTube Live Streams: https://www.youtube.com/user/holdenkarau
>> >> >
>> >>
>> >
>>
>

Re: Apache YuniKorn (Incubating) - Community Graduation Vote

[Chenya Zhang <ch...@gmail.com>]

👍

Another thing in my mind is our PR code check... :D

The "check warning" from Codecov is everywhere which makes our PR review
inconvenient. I'm not sure if the ASF board will randomly check our PRs and
find it not ideal.

If there is no ticket tracking this, I could help to create one and do some
investigation there.

Thanks,
Chenya

On Mon, Jan 10, 2022 at 12:49 PM Sunil Govindan <su...@apache.org> wrote:

> I created YUNIKORN-1007
> <https://issues.apache.org/jira/browse/YUNIKORN-1007>
>
> We have to look at LC20 more closely given the public artifacts that we
> have.
>
> + @Wilfred Spiegelenburg <wi...@apache.org>
>
> Thanks
> Sunil
>
> On Mon, Jan 10, 2022 at 11:59 AM Chenya Zhang <chenyazhangchenya@gmail.com
> >
> wrote:
>
> > Thanks Weiwei for creating the tickets! I will help to work on
> > https://issues.apache.org/jira/browse/YUNIKORN-1006 to address QU 30,
> 40,
> > 50.
> >
> > On Mon, Jan 10, 2022 at 10:21 AM Weiwei Yang <ww...@apache.org> wrote:
> >
> >> I think we can add some documents to clearly address QU 30, 40, 50.
> >> I have created a task under YUNIKORN-1005
> >> <https://issues.apache.org/jira/browse/YUNIKORN-1005> to address them.
> >> Thank you Chenya, Holden for your feedback, please comment more if there
> >> is
> >> anything else outstanding.
> >>
> >> On Mon, Jan 10, 2022 at 9:45 AM Holden Karau <ho...@pigscanfly.ca>
> >> wrote:
> >>
> >> > For "The project provides a well-documented, secure and private
> channel
> >> to
> >> > report security issues, along with a documented way of responding to
> >> them.'
> >> > the standard that I've seen used is to tell people to e-mail private@
> >> > when they think they might have a security related issue. I think that
> >> > would probably work well for Yunikorn too.
> >> >
> >> >
> >> > On Mon, Jan 10, 2022 at 7:04 AM Chenya Zhang <
> >> chenyazhangchenya@gmail.com>
> >> > wrote:
> >> >
> >> >> Hi Weiwei,
> >> >>
> >> >> Thanks for driving this! The evaluation is quite comprehensive
> >> overall. I
> >> >> checked our Apache project maturity guidelines and noticed the below
> >> three
> >> >> items. Not sure if we already have them but they are not blockers to
> >> our
> >> >> graduation. We could think more about them along the way.
> >> >>
> >> >> QU30
> >> >>
> >> >> The project provides a well-documented, secure and private channel to
> >> >> report security issues, along with a documented way of responding to
> >> them.
> >> >>
> >> >> QU40
> >> >>
> >> >> The project puts a high priority on backwards compatibility and aims
> to
> >> >> document any incompatible changes and provide tools and documentation
> >> to
> >> >> help users transition to new features.
> >> >>
> >> >> CO50
> >> >>
> >> >> The project documents how contributors can earn more rights such as
> >> >> commit access or decision power, and applies these principles
> >> consistently.
> >> >>
> >> >>
> >> >> Thanks,
> >> >>
> >> >> Chenya
> >> >>
> >> >>
> >> >>
> >> >> On Mon, Jan 10, 2022 at 12:00 AM Weiwei Yang <ww...@apache.org>
> wrote:
> >> >>
> >> >>> Hi YuniKorn community and mentors
> >> >>>
> >> >>> Based on the discussion thread [1], after 2 years time of
> incubating,
> >> it
> >> >>> is
> >> >>> considered that now is a good time to graduate YuniKorn from the ASF
> >> >>> incubator and become a top-level Apache project. We have reviewed
> the
> >> ASF
> >> >>> project maturity model [2] and provided some assessment of the
> >> project's
> >> >>> maturity based on the guidelines. Details are included as the
> >> following.
> >> >>> Please read this and share your thoughts by replying to this email,
> >> your
> >> >>> feedback will be much appreciated!!!
> >> >>>
> >> >>> *Code, License, and Copyright*
> >> >>>
> >> >>> All code is maintained on github, under Apache 2.0 license. We have
> >> >>> reviewed all the dependencies and ensured they do not bring any
> >> license
> >> >>> issues. All the status files, license headers, and copyright are up
> to
> >> >>> date.
> >> >>>
> >> >>> *Release*
> >> >>>
> >> >>> The community has released 5 releases in the past 2 years, i.e v0.8,
> >> >>> v0.9,
> >> >>> v0.10, v0,11, and v0.12. These releases were done by 5 different
> >> release
> >> >>> managers [3] and indicate the community can create releases
> >> >>> independently.
> >> >>> We have also a well-documented release process, automated tools to
> >> help
> >> >>> new
> >> >>> release managers with the process.
> >> >>>
> >> >>> *Quality*
> >> >>>
> >> >>> The community has developed a comprehensive CI/CD pipeline as a
> guard
> >> of
> >> >>> the code quality. The pipeline runs per-commit license check,
> >> code-format
> >> >>> check, code-coverage check, UT, and end-to-end tests. All these are
> >> built
> >> >>> as automated github actions, new contributors can easily trigger and
> >> view
> >> >>> results when submitting patches.
> >> >>>
> >> >>> *Community*
> >> >>>
> >> >>> The community has developed an easy-to-read homepage for the project
> >> [4],
> >> >>> the website hosts all the materials related to the project including
> >> >>> versioned documentation, user docs, developer docs, design docs,
> >> >>> performance docs. It provides the top-level navigation to the
> software
> >> >>> download page, where links to all our previous releases. It also has
> >> the
> >> >>> pages for the new contributors on-boarding with the project, such as
> >> how
> >> >>> to
> >> >>> join community meetings, events links, etc.
> >> >>>
> >> >>> The community shows appreciation to all contributors and welcomes
> all
> >> >>> kinds
> >> >>> of contributions (not just for code). We have built an open, diverse
> >> >>> community and gathered many people to work together. With that, we
> >> have
> >> >>> 41
> >> >>> unique code contributors and some non-code contributors as well.
> Many
> >> of
> >> >>> them have becoming to be committers and PPMC members while working
> >> with
> >> >>> the
> >> >>> community. There were 2 new mentors, 8 new committers, 2 new PPMC
> >> from 6
> >> >>> different organizations [5] added in the incubating phase. And in
> >> total,
> >> >>> the project has 6 mentors, 21 PPMC, and 27 committers from at least
> 14
> >> >>> different organizations. Community collaboration was done in a
> >> >>> wide-public,
> >> >>> open manner, we leverage regular bi-weekly/weekly community meetings
> >> for
> >> >>> 2
> >> >>> different timezones [6] and dev/user slack channels, mailing lists
> for
> >> >>> offline discussions.
> >> >>>
> >> >>> *Independence*
> >> >>>
> >> >>> The project was initially donated by Cloudera, but with a diverse
> open
> >> >>> source community, it has been operated as an independent project
> >> since it
> >> >>> entered into ASF incubator. The committers and PPMC members are a
> >> group
> >> >>> of
> >> >>> passionate people from at least 14 different organizations, such as
> >> >>> Alibaba, Apple, Cloudera, Databricks, LinkedIn, Microsoft,
> Snowflake,
> >> >>> etc.
> >> >>> The project's success is not depending on any single entity.
> >> >>>
> >> >>> I have enough reasons to believe the project has done sustainable
> >> >>> development successfully in the Apache way. Again, please share your
> >> >>> thoughts, all YuniKorn contributors, committers, PPMC, and mentors.
> >> Thank
> >> >>> you!
> >> >>>
> >> >>> [1]
> https://lists.apache.org/thread/dno411y59g2pcy1d3kd7s3kdjz9jw65n
> >> >>> [2]
> >> >>>
> >> >>>
> >>
> https://community.apache.org/apache-way/apache-project-maturity-model.html
> >> >>>
> >> >>> [3] https://yunikorn.apache.org/community/download
> >> >>> [4] https://yunikorn.apache.org/
> >> >>> [5] https://incubator.apache.org/projects/yunikorn.html
> >> >>>
> >> >>> [6]
> >> >>>
> >> >>>
> >>
> https://docs.google.com/document/d/165gzC7uhcKc5XDWiMYSRKBiPQBy2tDtXADUPuhGlUa0
> >> >>>
> >> >>
> >> >
> >> > --
> >> > Twitter: https://twitter.com/holdenkarau
> >> > Books (Learning Spark, High Performance Spark, etc.):
> >> > https://amzn.to/2MaRAG9  <https://amzn.to/2MaRAG9>
> >> > YouTube Live Streams: https://www.youtube.com/user/holdenkarau
> >> >
> >>
> >
>

Re: Apache YuniKorn (Incubating) - Community Graduation Vote

[Sunil Govindan <su...@apache.org>]

I created YUNIKORN-1007
<https://issues.apache.org/jira/browse/YUNIKORN-1007>

We have to look at LC20 more closely given the public artifacts that we
have.

+ @Wilfred Spiegelenburg <wi...@apache.org>

Thanks
Sunil

On Mon, Jan 10, 2022 at 11:59 AM Chenya Zhang <ch...@gmail.com>
wrote:

> Thanks Weiwei for creating the tickets! I will help to work on
> https://issues.apache.org/jira/browse/YUNIKORN-1006 to address QU 30, 40,
> 50.
>
> On Mon, Jan 10, 2022 at 10:21 AM Weiwei Yang <ww...@apache.org> wrote:
>
>> I think we can add some documents to clearly address QU 30, 40, 50.
>> I have created a task under YUNIKORN-1005
>> <https://issues.apache.org/jira/browse/YUNIKORN-1005> to address them.
>> Thank you Chenya, Holden for your feedback, please comment more if there
>> is
>> anything else outstanding.
>>
>> On Mon, Jan 10, 2022 at 9:45 AM Holden Karau <ho...@pigscanfly.ca>
>> wrote:
>>
>> > For "The project provides a well-documented, secure and private channel
>> to
>> > report security issues, along with a documented way of responding to
>> them.'
>> > the standard that I've seen used is to tell people to e-mail private@
>> > when they think they might have a security related issue. I think that
>> > would probably work well for Yunikorn too.
>> >
>> >
>> > On Mon, Jan 10, 2022 at 7:04 AM Chenya Zhang <
>> chenyazhangchenya@gmail.com>
>> > wrote:
>> >
>> >> Hi Weiwei,
>> >>
>> >> Thanks for driving this! The evaluation is quite comprehensive
>> overall. I
>> >> checked our Apache project maturity guidelines and noticed the below
>> three
>> >> items. Not sure if we already have them but they are not blockers to
>> our
>> >> graduation. We could think more about them along the way.
>> >>
>> >> QU30
>> >>
>> >> The project provides a well-documented, secure and private channel to
>> >> report security issues, along with a documented way of responding to
>> them.
>> >>
>> >> QU40
>> >>
>> >> The project puts a high priority on backwards compatibility and aims to
>> >> document any incompatible changes and provide tools and documentation
>> to
>> >> help users transition to new features.
>> >>
>> >> CO50
>> >>
>> >> The project documents how contributors can earn more rights such as
>> >> commit access or decision power, and applies these principles
>> consistently.
>> >>
>> >>
>> >> Thanks,
>> >>
>> >> Chenya
>> >>
>> >>
>> >>
>> >> On Mon, Jan 10, 2022 at 12:00 AM Weiwei Yang <ww...@apache.org> wrote:
>> >>
>> >>> Hi YuniKorn community and mentors
>> >>>
>> >>> Based on the discussion thread [1], after 2 years time of incubating,
>> it
>> >>> is
>> >>> considered that now is a good time to graduate YuniKorn from the ASF
>> >>> incubator and become a top-level Apache project. We have reviewed the
>> ASF
>> >>> project maturity model [2] and provided some assessment of the
>> project's
>> >>> maturity based on the guidelines. Details are included as the
>> following.
>> >>> Please read this and share your thoughts by replying to this email,
>> your
>> >>> feedback will be much appreciated!!!
>> >>>
>> >>> *Code, License, and Copyright*
>> >>>
>> >>> All code is maintained on github, under Apache 2.0 license. We have
>> >>> reviewed all the dependencies and ensured they do not bring any
>> license
>> >>> issues. All the status files, license headers, and copyright are up to
>> >>> date.
>> >>>
>> >>> *Release*
>> >>>
>> >>> The community has released 5 releases in the past 2 years, i.e v0.8,
>> >>> v0.9,
>> >>> v0.10, v0,11, and v0.12. These releases were done by 5 different
>> release
>> >>> managers [3] and indicate the community can create releases
>> >>> independently.
>> >>> We have also a well-documented release process, automated tools to
>> help
>> >>> new
>> >>> release managers with the process.
>> >>>
>> >>> *Quality*
>> >>>
>> >>> The community has developed a comprehensive CI/CD pipeline as a guard
>> of
>> >>> the code quality. The pipeline runs per-commit license check,
>> code-format
>> >>> check, code-coverage check, UT, and end-to-end tests. All these are
>> built
>> >>> as automated github actions, new contributors can easily trigger and
>> view
>> >>> results when submitting patches.
>> >>>
>> >>> *Community*
>> >>>
>> >>> The community has developed an easy-to-read homepage for the project
>> [4],
>> >>> the website hosts all the materials related to the project including
>> >>> versioned documentation, user docs, developer docs, design docs,
>> >>> performance docs. It provides the top-level navigation to the software
>> >>> download page, where links to all our previous releases. It also has
>> the
>> >>> pages for the new contributors on-boarding with the project, such as
>> how
>> >>> to
>> >>> join community meetings, events links, etc.
>> >>>
>> >>> The community shows appreciation to all contributors and welcomes all
>> >>> kinds
>> >>> of contributions (not just for code). We have built an open, diverse
>> >>> community and gathered many people to work together. With that, we
>> have
>> >>> 41
>> >>> unique code contributors and some non-code contributors as well. Many
>> of
>> >>> them have becoming to be committers and PPMC members while working
>> with
>> >>> the
>> >>> community. There were 2 new mentors, 8 new committers, 2 new PPMC
>> from 6
>> >>> different organizations [5] added in the incubating phase. And in
>> total,
>> >>> the project has 6 mentors, 21 PPMC, and 27 committers from at least 14
>> >>> different organizations. Community collaboration was done in a
>> >>> wide-public,
>> >>> open manner, we leverage regular bi-weekly/weekly community meetings
>> for
>> >>> 2
>> >>> different timezones [6] and dev/user slack channels, mailing lists for
>> >>> offline discussions.
>> >>>
>> >>> *Independence*
>> >>>
>> >>> The project was initially donated by Cloudera, but with a diverse open
>> >>> source community, it has been operated as an independent project
>> since it
>> >>> entered into ASF incubator. The committers and PPMC members are a
>> group
>> >>> of
>> >>> passionate people from at least 14 different organizations, such as
>> >>> Alibaba, Apple, Cloudera, Databricks, LinkedIn, Microsoft, Snowflake,
>> >>> etc.
>> >>> The project's success is not depending on any single entity.
>> >>>
>> >>> I have enough reasons to believe the project has done sustainable
>> >>> development successfully in the Apache way. Again, please share your
>> >>> thoughts, all YuniKorn contributors, committers, PPMC, and mentors.
>> Thank
>> >>> you!
>> >>>
>> >>> [1] https://lists.apache.org/thread/dno411y59g2pcy1d3kd7s3kdjz9jw65n
>> >>> [2]
>> >>>
>> >>>
>> https://community.apache.org/apache-way/apache-project-maturity-model.html
>> >>>
>> >>> [3] https://yunikorn.apache.org/community/download
>> >>> [4] https://yunikorn.apache.org/
>> >>> [5] https://incubator.apache.org/projects/yunikorn.html
>> >>>
>> >>> [6]
>> >>>
>> >>>
>> https://docs.google.com/document/d/165gzC7uhcKc5XDWiMYSRKBiPQBy2tDtXADUPuhGlUa0
>> >>>
>> >>
>> >
>> > --
>> > Twitter: https://twitter.com/holdenkarau
>> > Books (Learning Spark, High Performance Spark, etc.):
>> > https://amzn.to/2MaRAG9  <https://amzn.to/2MaRAG9>
>> > YouTube Live Streams: https://www.youtube.com/user/holdenkarau
>> >
>>
>

Re: Apache YuniKorn (Incubating) - Community Graduation Vote

[Chenya Zhang <ch...@gmail.com>]

Thanks Weiwei for creating the tickets! I will help to work on
https://issues.apache.org/jira/browse/YUNIKORN-1006 to address QU 30, 40,
50.

On Mon, Jan 10, 2022 at 10:21 AM Weiwei Yang <ww...@apache.org> wrote:

> I think we can add some documents to clearly address QU 30, 40, 50.
> I have created a task under YUNIKORN-1005
> <https://issues.apache.org/jira/browse/YUNIKORN-1005> to address them.
> Thank you Chenya, Holden for your feedback, please comment more if there is
> anything else outstanding.
>
> On Mon, Jan 10, 2022 at 9:45 AM Holden Karau <ho...@pigscanfly.ca> wrote:
>
> > For "The project provides a well-documented, secure and private channel
> to
> > report security issues, along with a documented way of responding to
> them.'
> > the standard that I've seen used is to tell people to e-mail private@
> > when they think they might have a security related issue. I think that
> > would probably work well for Yunikorn too.
> >
> >
> > On Mon, Jan 10, 2022 at 7:04 AM Chenya Zhang <
> chenyazhangchenya@gmail.com>
> > wrote:
> >
> >> Hi Weiwei,
> >>
> >> Thanks for driving this! The evaluation is quite comprehensive overall.
> I
> >> checked our Apache project maturity guidelines and noticed the below
> three
> >> items. Not sure if we already have them but they are not blockers to our
> >> graduation. We could think more about them along the way.
> >>
> >> QU30
> >>
> >> The project provides a well-documented, secure and private channel to
> >> report security issues, along with a documented way of responding to
> them.
> >>
> >> QU40
> >>
> >> The project puts a high priority on backwards compatibility and aims to
> >> document any incompatible changes and provide tools and documentation to
> >> help users transition to new features.
> >>
> >> CO50
> >>
> >> The project documents how contributors can earn more rights such as
> >> commit access or decision power, and applies these principles
> consistently.
> >>
> >>
> >> Thanks,
> >>
> >> Chenya
> >>
> >>
> >>
> >> On Mon, Jan 10, 2022 at 12:00 AM Weiwei Yang <ww...@apache.org> wrote:
> >>
> >>> Hi YuniKorn community and mentors
> >>>
> >>> Based on the discussion thread [1], after 2 years time of incubating,
> it
> >>> is
> >>> considered that now is a good time to graduate YuniKorn from the ASF
> >>> incubator and become a top-level Apache project. We have reviewed the
> ASF
> >>> project maturity model [2] and provided some assessment of the
> project's
> >>> maturity based on the guidelines. Details are included as the
> following.
> >>> Please read this and share your thoughts by replying to this email,
> your
> >>> feedback will be much appreciated!!!
> >>>
> >>> *Code, License, and Copyright*
> >>>
> >>> All code is maintained on github, under Apache 2.0 license. We have
> >>> reviewed all the dependencies and ensured they do not bring any license
> >>> issues. All the status files, license headers, and copyright are up to
> >>> date.
> >>>
> >>> *Release*
> >>>
> >>> The community has released 5 releases in the past 2 years, i.e v0.8,
> >>> v0.9,
> >>> v0.10, v0,11, and v0.12. These releases were done by 5 different
> release
> >>> managers [3] and indicate the community can create releases
> >>> independently.
> >>> We have also a well-documented release process, automated tools to help
> >>> new
> >>> release managers with the process.
> >>>
> >>> *Quality*
> >>>
> >>> The community has developed a comprehensive CI/CD pipeline as a guard
> of
> >>> the code quality. The pipeline runs per-commit license check,
> code-format
> >>> check, code-coverage check, UT, and end-to-end tests. All these are
> built
> >>> as automated github actions, new contributors can easily trigger and
> view
> >>> results when submitting patches.
> >>>
> >>> *Community*
> >>>
> >>> The community has developed an easy-to-read homepage for the project
> [4],
> >>> the website hosts all the materials related to the project including
> >>> versioned documentation, user docs, developer docs, design docs,
> >>> performance docs. It provides the top-level navigation to the software
> >>> download page, where links to all our previous releases. It also has
> the
> >>> pages for the new contributors on-boarding with the project, such as
> how
> >>> to
> >>> join community meetings, events links, etc.
> >>>
> >>> The community shows appreciation to all contributors and welcomes all
> >>> kinds
> >>> of contributions (not just for code). We have built an open, diverse
> >>> community and gathered many people to work together. With that, we have
> >>> 41
> >>> unique code contributors and some non-code contributors as well. Many
> of
> >>> them have becoming to be committers and PPMC members while working with
> >>> the
> >>> community. There were 2 new mentors, 8 new committers, 2 new PPMC from
> 6
> >>> different organizations [5] added in the incubating phase. And in
> total,
> >>> the project has 6 mentors, 21 PPMC, and 27 committers from at least 14
> >>> different organizations. Community collaboration was done in a
> >>> wide-public,
> >>> open manner, we leverage regular bi-weekly/weekly community meetings
> for
> >>> 2
> >>> different timezones [6] and dev/user slack channels, mailing lists for
> >>> offline discussions.
> >>>
> >>> *Independence*
> >>>
> >>> The project was initially donated by Cloudera, but with a diverse open
> >>> source community, it has been operated as an independent project since
> it
> >>> entered into ASF incubator. The committers and PPMC members are a group
> >>> of
> >>> passionate people from at least 14 different organizations, such as
> >>> Alibaba, Apple, Cloudera, Databricks, LinkedIn, Microsoft, Snowflake,
> >>> etc.
> >>> The project's success is not depending on any single entity.
> >>>
> >>> I have enough reasons to believe the project has done sustainable
> >>> development successfully in the Apache way. Again, please share your
> >>> thoughts, all YuniKorn contributors, committers, PPMC, and mentors.
> Thank
> >>> you!
> >>>
> >>> [1] https://lists.apache.org/thread/dno411y59g2pcy1d3kd7s3kdjz9jw65n
> >>> [2]
> >>>
> >>>
> https://community.apache.org/apache-way/apache-project-maturity-model.html
> >>>
> >>> [3] https://yunikorn.apache.org/community/download
> >>> [4] https://yunikorn.apache.org/
> >>> [5] https://incubator.apache.org/projects/yunikorn.html
> >>>
> >>> [6]
> >>>
> >>>
> https://docs.google.com/document/d/165gzC7uhcKc5XDWiMYSRKBiPQBy2tDtXADUPuhGlUa0
> >>>
> >>
> >
> > --
> > Twitter: https://twitter.com/holdenkarau
> > Books (Learning Spark, High Performance Spark, etc.):
> > https://amzn.to/2MaRAG9  <https://amzn.to/2MaRAG9>
> > YouTube Live Streams: https://www.youtube.com/user/holdenkarau
> >
>

Re: Apache YuniKorn (Incubating) - Community Graduation Vote

[Weiwei Yang <ww...@apache.org>]

I think we can add some documents to clearly address QU 30, 40, 50.
I have created a task under YUNIKORN-1005
<https://issues.apache.org/jira/browse/YUNIKORN-1005> to address them.
Thank you Chenya, Holden for your feedback, please comment more if there is
anything else outstanding.

On Mon, Jan 10, 2022 at 9:45 AM Holden Karau <ho...@pigscanfly.ca> wrote:

> For "The project provides a well-documented, secure and private channel to
> report security issues, along with a documented way of responding to them.'
> the standard that I've seen used is to tell people to e-mail private@
> when they think they might have a security related issue. I think that
> would probably work well for Yunikorn too.
>
>
> On Mon, Jan 10, 2022 at 7:04 AM Chenya Zhang <ch...@gmail.com>
> wrote:
>
>> Hi Weiwei,
>>
>> Thanks for driving this! The evaluation is quite comprehensive overall. I
>> checked our Apache project maturity guidelines and noticed the below three
>> items. Not sure if we already have them but they are not blockers to our
>> graduation. We could think more about them along the way.
>>
>> QU30
>>
>> The project provides a well-documented, secure and private channel to
>> report security issues, along with a documented way of responding to them.
>>
>> QU40
>>
>> The project puts a high priority on backwards compatibility and aims to
>> document any incompatible changes and provide tools and documentation to
>> help users transition to new features.
>>
>> CO50
>>
>> The project documents how contributors can earn more rights such as
>> commit access or decision power, and applies these principles consistently.
>>
>>
>> Thanks,
>>
>> Chenya
>>
>>
>>
>> On Mon, Jan 10, 2022 at 12:00 AM Weiwei Yang <ww...@apache.org> wrote:
>>
>>> Hi YuniKorn community and mentors
>>>
>>> Based on the discussion thread [1], after 2 years time of incubating, it
>>> is
>>> considered that now is a good time to graduate YuniKorn from the ASF
>>> incubator and become a top-level Apache project. We have reviewed the ASF
>>> project maturity model [2] and provided some assessment of the project's
>>> maturity based on the guidelines. Details are included as the following.
>>> Please read this and share your thoughts by replying to this email, your
>>> feedback will be much appreciated!!!
>>>
>>> *Code, License, and Copyright*
>>>
>>> All code is maintained on github, under Apache 2.0 license. We have
>>> reviewed all the dependencies and ensured they do not bring any license
>>> issues. All the status files, license headers, and copyright are up to
>>> date.
>>>
>>> *Release*
>>>
>>> The community has released 5 releases in the past 2 years, i.e v0.8,
>>> v0.9,
>>> v0.10, v0,11, and v0.12. These releases were done by 5 different release
>>> managers [3] and indicate the community can create releases
>>> independently.
>>> We have also a well-documented release process, automated tools to help
>>> new
>>> release managers with the process.
>>>
>>> *Quality*
>>>
>>> The community has developed a comprehensive CI/CD pipeline as a guard of
>>> the code quality. The pipeline runs per-commit license check, code-format
>>> check, code-coverage check, UT, and end-to-end tests. All these are built
>>> as automated github actions, new contributors can easily trigger and view
>>> results when submitting patches.
>>>
>>> *Community*
>>>
>>> The community has developed an easy-to-read homepage for the project [4],
>>> the website hosts all the materials related to the project including
>>> versioned documentation, user docs, developer docs, design docs,
>>> performance docs. It provides the top-level navigation to the software
>>> download page, where links to all our previous releases. It also has the
>>> pages for the new contributors on-boarding with the project, such as how
>>> to
>>> join community meetings, events links, etc.
>>>
>>> The community shows appreciation to all contributors and welcomes all
>>> kinds
>>> of contributions (not just for code). We have built an open, diverse
>>> community and gathered many people to work together. With that, we have
>>> 41
>>> unique code contributors and some non-code contributors as well. Many of
>>> them have becoming to be committers and PPMC members while working with
>>> the
>>> community. There were 2 new mentors, 8 new committers, 2 new PPMC from 6
>>> different organizations [5] added in the incubating phase. And in total,
>>> the project has 6 mentors, 21 PPMC, and 27 committers from at least 14
>>> different organizations. Community collaboration was done in a
>>> wide-public,
>>> open manner, we leverage regular bi-weekly/weekly community meetings for
>>> 2
>>> different timezones [6] and dev/user slack channels, mailing lists for
>>> offline discussions.
>>>
>>> *Independence*
>>>
>>> The project was initially donated by Cloudera, but with a diverse open
>>> source community, it has been operated as an independent project since it
>>> entered into ASF incubator. The committers and PPMC members are a group
>>> of
>>> passionate people from at least 14 different organizations, such as
>>> Alibaba, Apple, Cloudera, Databricks, LinkedIn, Microsoft, Snowflake,
>>> etc.
>>> The project's success is not depending on any single entity.
>>>
>>> I have enough reasons to believe the project has done sustainable
>>> development successfully in the Apache way. Again, please share your
>>> thoughts, all YuniKorn contributors, committers, PPMC, and mentors. Thank
>>> you!
>>>
>>> [1] https://lists.apache.org/thread/dno411y59g2pcy1d3kd7s3kdjz9jw65n
>>> [2]
>>>
>>> https://community.apache.org/apache-way/apache-project-maturity-model.html
>>>
>>> [3] https://yunikorn.apache.org/community/download
>>> [4] https://yunikorn.apache.org/
>>> [5] https://incubator.apache.org/projects/yunikorn.html
>>>
>>> [6]
>>>
>>> https://docs.google.com/document/d/165gzC7uhcKc5XDWiMYSRKBiPQBy2tDtXADUPuhGlUa0
>>>
>>
>
> --
> Twitter: https://twitter.com/holdenkarau
> Books (Learning Spark, High Performance Spark, etc.):
> https://amzn.to/2MaRAG9  <https://amzn.to/2MaRAG9>
> YouTube Live Streams: https://www.youtube.com/user/holdenkarau
>

Re: Apache YuniKorn (Incubating) - Community Graduation Vote

[Weiwei Yang <ww...@apache.org>]

All sub-tasks under https://issues.apache.org/jira/browse/YUNIKORN-1005 are
now solved, and the name search is completed as well.
I will start a new thread for the vote.

On Tue, Jan 25, 2022 at 10:53 AM Chenya Zhang <ch...@gmail.com>
wrote:

> thanks Sunil! btw. I followed
> https://infra.apache.org/committer-email.html to configure my gmail
> settings to send from the apache email address. I originally used my gmail
> to subscribe to the private list and didn't receive a confirmation/error
> email. Hope others won't encounter the same problem.
>
> Best,
> Chenya
>
> On Tue, Jan 25, 2022 at 10:03 AM Sunil Govindan <su...@apache.org> wrote:
>
>> Yes. I reached out to a couple of them and added them to the list.
>> We still have a gap. Will try again.
>>
>> Thanks
>>  Sunil
>>
>> On Mon, Jan 24, 2022 at 10:45 PM Chenya Zhang <
>> chenyazhangchenya@gmail.com>
>> wrote:
>>
>> > Subscribed to the private list! 3 -> 2 ? :)
>> >
>> > On Mon, Jan 24, 2022 at 6:02 PM Wilfred Spiegelenburg <
>> wilfreds@apache.org
>> > >
>> > wrote:
>> >
>> > > When you check the status page [1] you will see that a wiki is no
>> > > longer required.
>> > > We can skip adding it.
>> > >
>> > > BTW: I added Chenya to the roster that increases the PPMC members not
>> > > subscribed to 3 again after it was down to 2.
>> > >
>> > > Wilfred
>> > >
>> > > [1] https://incubator.apache.org/projects/yunikorn.html
>> > >
>> > >
>> > > On Mon, 24 Jan 2022 at 13:12, Weiwei Yang <ab...@gmail.com>
>> wrote:
>> > > >
>> > > > Hi Sunil
>> > > >
>> > > > I don’t think we ever have a wiki, do we still need to add that? I
>> see
>> > > some projects leave that empty as well.
>> > > >
>> > > > Sent from my iPhone
>> > > >
>> > > > > On Jan 23, 2022, at 2:07 PM, Sunil Govindan <su...@apache.org>
>> > wrote:
>> > > > >
>> > > > > @Weiwei Yang <ww...@apache.org>
>> > > > > Could you please add WIKI as well to this?
>> > > > >
>> > > > > Thanks
>> > > > > Sunil
>> > > > >
>> > > > >> On Sun, Jan 23, 2022 at 1:33 PM Weiwei Yang <ww...@apache.org>
>> > wrote:
>> > > > >>
>> > > > >> Thank you Felix.
>> > > > >> I have added the initial podling status file:
>> > > > >>
>> > > > >>
>> > >
>> >
>> https://svn.apache.org/repos/asf/incubator/public/trunk/content/podlings/yunikorn.yml
>> > > > >> .
>> > > > >> Please let me know if that looks good or not.
>> > > > >>
>> > > > >>> On Sat, Jan 22, 2022 at 10:18 PM Sunil Govindan <
>> sunilg@apache.org
>> > >
>> > > wrote:
>> > > > >>>
>> > > > >>> I will reach out to them.
>> > > > >>>
>> > > > >>> Thanks
>> > > > >>> Sunil
>> > > > >>>
>> > > > >>> On Sat, Jan 22, 2022 at 9:00 PM Felix Cheung <
>> > > felixcheung_m@hotmail.com>
>> > > > >>> wrote:
>> > > > >>>
>> > > > >>>> Pls add the podling status file
>> > > > >>>>
>> > > > >>>
>> > > > >>
>> > >
>> >
>> https://svn.apache.org/repos/asf/incubator/public/trunk/content/podlings/
>> > > > >>>>
>> > > > >>>> 3 ppmc members have not subscribed to private@
>> > > > >>>>
>> > > > >>>> These can be found on
>> > > > >>>> https://whimsy.apache.org/roster/ppmc/yunikorn
>> > > > >>>>
>> > > > >>>> <
>> > > > >>>
>> > > > >>
>> > >
>> >
>> https://svn.apache.org/repos/asf/incubator/public/trunk/content/podlings/
>> > > > >>>>>
>> > > > >>>> ________________________________
>> > > > >>>> From: Weiwei Yang <ww...@apache.org>
>> > > > >>>> Sent: Thursday, January 20, 2022 10:05:55 PM
>> > > > >>>> To: dev@yunikorn.apache.org <de...@yunikorn.apache.org>
>> > > > >>>> Cc: private@yunikorn.apache.org <pr...@yunikorn.apache.org>
>> > > > >>>> Subject: Re: Apache YuniKorn (Incubating) - Community
>> Graduation
>> > > Vote
>> > > > >>>>
>> > > > >>>> hi all
>> > > > >>>>
>> > > > >>>> Most issues under the graduation preparation JIRA YUNIKORN-1005
>> > > > >>>> <https://issues.apache.org/jira/browse/YUNIKORN-1005> are
>> fixed.
>> > > > >>>> The remaining one is the who-are-we web page, I am currently
>> > > collecting
>> > > > >>>> info for that, should be done by next week.
>> > > > >>>> Shall we start to vote now? I can start a new thread for the
>> > > community
>> > > > >>>> voting if nobody has objections.
>> > > > >>>>
>> > > > >>>> On Tue, Jan 11, 2022 at 11:02 AM Wilfred Spiegelenburg <
>> > > > >>>> wilfreds@apache.org>
>> > > > >>>> wrote:
>> > > > >>>>
>> > > > >>>>> None of the security lists mentioned in the security page [1]
>> are
>> > > > >>>>> moderated. They are private lists, i.e. not openly available
>> for
>> > > > >>>>> browsing in an archive, but not moderated. Using the private@
>> > for
>> > > > >>>>> YuniKorn does not seem to line up with what other projects do
>> > > either.
>> > > > >>>>> None of the recently graduated projects mention anything like
>> > using
>> > > > >>>>> the private@ mailing list on their sites. They all have just
>> > used
>> > > > >> the
>> > > > >>>>> general security link mentioned on their site unless they
>> have a
>> > > > >>>>> specific security@ list. YuniKorn would be the one standing
>> out
>> > > from
>> > > > >>>>> what seems to be the norm.
>> > > > >>>>> Examples from the last 2 years of graduated projects using a
>> > simple
>> > > > >>>>> link or a text pointing to [1]: Pinot, Dolphinscheduler,
>> Ratis,
>> > > > >>>>> Echarts, Gobblin, TVM, Superset and Datasketches. There are
>> more
>> > > but
>> > > > >> I
>> > > > >>>>> think this provides an overview of what is expected on
>> > graduation.
>> > > > >>>>>
>> > > > >>>>> Wilfred
>> > > > >>>>>
>> > > > >>>>> [1] https://www.apache.org/security/
>> > > > >>>>>
>> > > > >>>>> On Tue, 11 Jan 2022 at 18:21, Weiwei Yang <ww...@apache.org>
>> > wrote:
>> > > > >>>>>>
>> > > > >>>>>> Hi Wilfred
>> > > > >>>>>>
>> > > > >>>>>> Adding a security@ mailing list sounds like a good idea,
>> but I
>> > do
>> > > > >>> not
>> > > > >>>>> think that is required in the current stage.
>> > > > >>>>>> We can do that post-graduate. For now, the Apache security
>> doc
>> > > said
>> > > > >>>>>>
>> > > > >>>>>>> We strongly encourage you to report potential security
>> > > > >>>> vulnerabilities
>> > > > >>>>> to one of our private security mailing lists first, before
>> > > disclosing
>> > > > >>>> them
>> > > > >>>>> in a public forum.
>> > > > >>>>>>
>> > > > >>>>>> I do not see any issue if we use our private@ mailing list
>> for
>> > > > >> this
>> > > > >>>>> purpose.
>> > > > >>>>>>
>> > > > >>>>>> On Mon, Jan 10, 2022 at 11:01 PM Wilfred Spiegelenburg <
>> > > > >>>>> wilfreds@apache.org> wrote:
>> > > > >>>>>>>
>> > > > >>>>>>> The private@ is a moderated list. This has two issues: a
>> > > > >> moderator
>> > > > >>>>>>> needs to approve any message not sent by a PMC member. This
>> > will
>> > > > >>> slow
>> > > > >>>>>>> down the process of interaction with the reporter. It would
>> > also
>> > > > >> not
>> > > > >>>>>>> reach the YuniKorn committers group as not all committers
>> are
>> > > part
>> > > > >>> of
>> > > > >>>>>>> the PMC. Security issues should be handled and worked on by
>> all
>> > > > >>>>>>> committers not just by the PMC members.
>> > > > >>>>>>>
>> > > > >>>>>>> The security notification update made to the website I think
>> > does
>> > > > >>> not
>> > > > >>>>>>> line up with the security guidelines referenced in the link
>> > > > >> provided
>> > > > >>>>>>> in the dropdown menu of the YuniKorn site [1]. In that link
>> > there
>> > > > >>> is a
>> > > > >>>>>>> well defined way to report security issues. If we need to
>> > enhance
>> > > > >>> and
>> > > > >>>>>>> extend what we do we either establish a security@ mailing
>> list
>> > > > >> and
>> > > > >>>>>>> provide a static page with security related information on
>> our
>> > > > >> site
>> > > > >>> or
>> > > > >>>>>>> we leave it as is. My preference would be to establish a
>> > > security@
>> > > > >>>>>>> list and make all committers a member of that list.
>> > > > >>>>>>>
>> > > > >>>>>>> I think we need to roll back the website changes part of
>> > > > >>> YUNIKORN-1006
>> > > > >>>>>>> [2] in PR [3] for the website.
>> > > > >>>>>>>
>> > > > >>>>>>> Wilfred
>> > > > >>>>>>>
>> > > > >>>>>>> [1] https://www.apache.org/security/
>> > > > >>>>>>> [2] https://issues.apache.org/jira/browse/YUNIKORN-1006
>> > > > >>>>>>> [3]
>> https://github.com/apache/incubator-yunikorn-site/pull/105
>> > > > >>>>>>>
>> > > > >>>>>>> On Tue, 11 Jan 2022 at 04:45, Holden Karau <
>> > holden@pigscanfly.ca
>> > > >
>> > > > >>>>> wrote:
>> > > > >>>>>>>>
>> > > > >>>>>>>> For "The project provides a well-documented, secure and
>> > private
>> > > > >>>>> channel to report security issues, along with a documented
>> way of
>> > > > >>>>> responding to them.' the standard that I've seen used is to
>> tell
>> > > > >> people
>> > > > >>>> to
>> > > > >>>>> e-mail private@ when they think they might have a security
>> > related
>> > > > >>>> issue.
>> > > > >>>>> I think that would probably work well for Yunikorn too.
>> > > > >>>>>>>>
>> > > > >>>>>>>>
>> > > > >>>>>>>> On Mon, Jan 10, 2022 at 7:04 AM Chenya Zhang <
>> > > > >>>>> chenyazhangchenya@gmail.com> wrote:
>> > > > >>>>>>>>>
>> > > > >>>>>>>>> Hi Weiwei,
>> > > > >>>>>>>>>
>> > > > >>>>>>>>> Thanks for driving this! The evaluation is quite
>> > comprehensive
>> > > > >>>>> overall. I checked our Apache project maturity guidelines and
>> > > noticed
>> > > > >>> the
>> > > > >>>>> below three items. Not sure if we already have them but they
>> are
>> > > not
>> > > > >>>>> blockers to our graduation. We could think more about them
>> along
>> > > the
>> > > > >>> way.
>> > > > >>>>>>>>>
>> > > > >>>>>>>>> QU30
>> > > > >>>>>>>>>
>> > > > >>>>>>>>> The project provides a well-documented, secure and private
>> > > > >>> channel
>> > > > >>>>> to report security issues, along with a documented way of
>> > > responding
>> > > > >> to
>> > > > >>>>> them.
>> > > > >>>>>>>>>
>> > > > >>>>>>>>> QU40
>> > > > >>>>>>>>>
>> > > > >>>>>>>>> The project puts a high priority on backwards
>> compatibility
>> > and
>> > > > >>>> aims
>> > > > >>>>> to document any incompatible changes and provide tools and
>> > > > >>> documentation
>> > > > >>>> to
>> > > > >>>>> help users transition to new features.
>> > > > >>>>>>>>>
>> > > > >>>>>>>>> CO50
>> > > > >>>>>>>>>
>> > > > >>>>>>>>> The project documents how contributors can earn more
>> rights
>> > > > >> such
>> > > > >>> as
>> > > > >>>>> commit access or decision power, and applies these principles
>> > > > >>>> consistently.
>> > > > >>>>>>>>>
>> > > > >>>>>>>>>
>> > > > >>>>>>>>> Thanks,
>> > > > >>>>>>>>>
>> > > > >>>>>>>>> Chenya
>> > > > >>>>>>>>>
>> > > > >>>>>>>>>
>> > > > >>>>>>>>>
>> > > > >>>>>>>>> On Mon, Jan 10, 2022 at 12:00 AM Weiwei Yang <
>> > wwei@apache.org>
>> > > > >>>>> wrote:
>> > > > >>>>>>>>>>
>> > > > >>>>>>>>>> Hi YuniKorn community and mentors
>> > > > >>>>>>>>>>
>> > > > >>>>>>>>>> Based on the discussion thread [1], after 2 years time of
>> > > > >>>>> incubating, it is
>> > > > >>>>>>>>>> considered that now is a good time to graduate YuniKorn
>> from
>> > > > >> the
>> > > > >>>> ASF
>> > > > >>>>>>>>>> incubator and become a top-level Apache project. We have
>> > > > >>> reviewed
>> > > > >>>>> the ASF
>> > > > >>>>>>>>>> project maturity model [2] and provided some assessment
>> of
>> > the
>> > > > >>>>> project's
>> > > > >>>>>>>>>> maturity based on the guidelines. Details are included as
>> > the
>> > > > >>>>> following.
>> > > > >>>>>>>>>> Please read this and share your thoughts by replying to
>> this
>> > > > >>>> email,
>> > > > >>>>> your
>> > > > >>>>>>>>>> feedback will be much appreciated!!!
>> > > > >>>>>>>>>>
>> > > > >>>>>>>>>> *Code, License, and Copyright*
>> > > > >>>>>>>>>>
>> > > > >>>>>>>>>> All code is maintained on github, under Apache 2.0
>> license.
>> > We
>> > > > >>>> have
>> > > > >>>>>>>>>> reviewed all the dependencies and ensured they do not
>> bring
>> > > > >> any
>> > > > >>>>> license
>> > > > >>>>>>>>>> issues. All the status files, license headers, and
>> copyright
>> > > > >> are
>> > > > >>>> up
>> > > > >>>>> to date.
>> > > > >>>>>>>>>>
>> > > > >>>>>>>>>> *Release*
>> > > > >>>>>>>>>>
>> > > > >>>>>>>>>> The community has released 5 releases in the past 2
>> years,
>> > i.e
>> > > > >>>>> v0.8, v0.9,
>> > > > >>>>>>>>>> v0.10, v0,11, and v0.12. These releases were done by 5
>> > > > >> different
>> > > > >>>>> release
>> > > > >>>>>>>>>> managers [3] and indicate the community can create
>> releases
>> > > > >>>>> independently.
>> > > > >>>>>>>>>> We have also a well-documented release process, automated
>> > > > >> tools
>> > > > >>> to
>> > > > >>>>> help new
>> > > > >>>>>>>>>> release managers with the process.
>> > > > >>>>>>>>>>
>> > > > >>>>>>>>>> *Quality*
>> > > > >>>>>>>>>>
>> > > > >>>>>>>>>> The community has developed a comprehensive CI/CD
>> pipeline
>> > as
>> > > > >> a
>> > > > >>>>> guard of
>> > > > >>>>>>>>>> the code quality. The pipeline runs per-commit license
>> > check,
>> > > > >>>>> code-format
>> > > > >>>>>>>>>> check, code-coverage check, UT, and end-to-end tests. All
>> > > > >> these
>> > > > >>>> are
>> > > > >>>>> built
>> > > > >>>>>>>>>> as automated github actions, new contributors can easily
>> > > > >> trigger
>> > > > >>>>> and view
>> > > > >>>>>>>>>> results when submitting patches.
>> > > > >>>>>>>>>>
>> > > > >>>>>>>>>> *Community*
>> > > > >>>>>>>>>>
>> > > > >>>>>>>>>> The community has developed an easy-to-read homepage for
>> the
>> > > > >>>>> project [4],
>> > > > >>>>>>>>>> the website hosts all the materials related to the
>> project
>> > > > >>>> including
>> > > > >>>>>>>>>> versioned documentation, user docs, developer docs,
>> design
>> > > > >> docs,
>> > > > >>>>>>>>>> performance docs. It provides the top-level navigation to
>> > the
>> > > > >>>>> software
>> > > > >>>>>>>>>> download page, where links to all our previous releases.
>> It
>> > > > >> also
>> > > > >>>>> has the
>> > > > >>>>>>>>>> pages for the new contributors on-boarding with the
>> project,
>> > > > >>> such
>> > > > >>>>> as how to
>> > > > >>>>>>>>>> join community meetings, events links, etc.
>> > > > >>>>>>>>>>
>> > > > >>>>>>>>>> The community shows appreciation to all contributors and
>> > > > >>> welcomes
>> > > > >>>>> all kinds
>> > > > >>>>>>>>>> of contributions (not just for code). We have built an
>> open,
>> > > > >>>> diverse
>> > > > >>>>>>>>>> community and gathered many people to work together. With
>> > > > >> that,
>> > > > >>> we
>> > > > >>>>> have 41
>> > > > >>>>>>>>>> unique code contributors and some non-code contributors
>> as
>> > > > >> well.
>> > > > >>>>> Many of
>> > > > >>>>>>>>>> them have becoming to be committers and PPMC members
>> while
>> > > > >>> working
>> > > > >>>>> with the
>> > > > >>>>>>>>>> community. There were 2 new mentors, 8 new committers, 2
>> new
>> > > > >>> PPMC
>> > > > >>>>> from 6
>> > > > >>>>>>>>>> different organizations [5] added in the incubating
>> phase.
>> > And
>> > > > >>> in
>> > > > >>>>> total,
>> > > > >>>>>>>>>> the project has 6 mentors, 21 PPMC, and 27 committers
>> from
>> > at
>> > > > >>>> least
>> > > > >>>>> 14
>> > > > >>>>>>>>>> different organizations. Community collaboration was done
>> > in a
>> > > > >>>>> wide-public,
>> > > > >>>>>>>>>> open manner, we leverage regular bi-weekly/weekly
>> community
>> > > > >>>>> meetings for 2
>> > > > >>>>>>>>>> different timezones [6] and dev/user slack channels,
>> mailing
>> > > > >>> lists
>> > > > >>>>> for
>> > > > >>>>>>>>>> offline discussions.
>> > > > >>>>>>>>>>
>> > > > >>>>>>>>>> *Independence*
>> > > > >>>>>>>>>>
>> > > > >>>>>>>>>> The project was initially donated by Cloudera, but with a
>> > > > >>> diverse
>> > > > >>>>> open
>> > > > >>>>>>>>>> source community, it has been operated as an independent
>> > > > >> project
>> > > > >>>>> since it
>> > > > >>>>>>>>>> entered into ASF incubator. The committers and PPMC
>> members
>> > > > >> are
>> > > > >>> a
>> > > > >>>>> group of
>> > > > >>>>>>>>>> passionate people from at least 14 different
>> organizations,
>> > > > >> such
>> > > > >>>> as
>> > > > >>>>>>>>>> Alibaba, Apple, Cloudera, Databricks, LinkedIn,
>> Microsoft,
>> > > > >>>>> Snowflake, etc.
>> > > > >>>>>>>>>> The project's success is not depending on any single
>> entity.
>> > > > >>>>>>>>>>
>> > > > >>>>>>>>>> I have enough reasons to believe the project has done
>> > > > >>> sustainable
>> > > > >>>>>>>>>> development successfully in the Apache way. Again, please
>> > > > >> share
>> > > > >>>> your
>> > > > >>>>>>>>>> thoughts, all YuniKorn contributors, committers, PPMC,
>> and
>> > > > >>>> mentors.
>> > > > >>>>> Thank
>> > > > >>>>>>>>>> you!
>> > > > >>>>>>>>>>
>> > > > >>>>>>>>>> [1]
>> > > > >>>>>
>> https://lists.apache.org/thread/dno411y59g2pcy1d3kd7s3kdjz9jw65n
>> > > > >>>>>>>>>> [2]
>> > > > >>>>>>>>>>
>> > > > >>>>>
>> > > > >>>>
>> > > > >>>
>> > > > >>
>> > >
>> >
>> https://community.apache.org/apache-way/apache-project-maturity-model.html
>> > > > >>>>>>>>>>
>> > > > >>>>>>>>>> [3] https://yunikorn.apache.org/community/download
>> > > > >>>>>>>>>> [4] https://yunikorn.apache.org/
>> > > > >>>>>>>>>> [5] https://incubator.apache.org/projects/yunikorn.html
>> > > > >>>>>>>>>>
>> > > > >>>>>>>>>> [6]
>> > > > >>>>>>>>>>
>> > > > >>>>>
>> > > > >>>>
>> > > > >>>
>> > > > >>
>> > >
>> >
>> https://docs.google.com/document/d/165gzC7uhcKc5XDWiMYSRKBiPQBy2tDtXADUPuhGlUa0
>> > > > >>>>>>>>
>> > > > >>>>>>>>
>> > > > >>>>>>>>
>> > > > >>>>>>>> --
>> > > > >>>>>>>> Twitter: https://twitter.com/holdenkarau
>> > > > >>>>>>>> Books (Learning Spark, High Performance Spark, etc.):
>> > > > >>>>> https://amzn.to/2MaRAG9
>> > > > >>>>>>>> YouTube Live Streams:
>> > https://www.youtube.com/user/holdenkarau
>> > > > >>>>>
>> > > > >>>>>
>> > > ---------------------------------------------------------------------
>> > > > >>>>> To unsubscribe, e-mail: dev-unsubscribe@yunikorn.apache.org
>> > > > >>>>> For additional commands, e-mail: dev-help@yunikorn.apache.org
>> > > > >>>>>
>> > > > >>>>>
>> > > > >>>>
>> > > > >>>
>> > > > >>
>> > > >
>> > > >
>> ---------------------------------------------------------------------
>> > > > To unsubscribe, e-mail: dev-unsubscribe@yunikorn.apache.org
>> > > > For additional commands, e-mail: dev-help@yunikorn.apache.org
>> > > >
>> > >
>> > > ---------------------------------------------------------------------
>> > > To unsubscribe, e-mail: dev-unsubscribe@yunikorn.apache.org
>> > > For additional commands, e-mail: dev-help@yunikorn.apache.org
>> > >
>> > >
>> >
>>
>

Re: Apache YuniKorn (Incubating) - Community Graduation Vote

[Chenya Zhang <ch...@gmail.com>]

thanks Sunil! btw. I followed https://infra.apache.org/committer-email.html
to configure my gmail settings to send from the apache email address. I
originally used my gmail to subscribe to the private list and didn't
receive a confirmation/error email. Hope others won't encounter the same
problem.

Best,
Chenya

On Tue, Jan 25, 2022 at 10:03 AM Sunil Govindan <su...@apache.org> wrote:

> Yes. I reached out to a couple of them and added them to the list.
> We still have a gap. Will try again.
>
> Thanks
>  Sunil
>
> On Mon, Jan 24, 2022 at 10:45 PM Chenya Zhang <chenyazhangchenya@gmail.com
> >
> wrote:
>
> > Subscribed to the private list! 3 -> 2 ? :)
> >
> > On Mon, Jan 24, 2022 at 6:02 PM Wilfred Spiegelenburg <
> wilfreds@apache.org
> > >
> > wrote:
> >
> > > When you check the status page [1] you will see that a wiki is no
> > > longer required.
> > > We can skip adding it.
> > >
> > > BTW: I added Chenya to the roster that increases the PPMC members not
> > > subscribed to 3 again after it was down to 2.
> > >
> > > Wilfred
> > >
> > > [1] https://incubator.apache.org/projects/yunikorn.html
> > >
> > >
> > > On Mon, 24 Jan 2022 at 13:12, Weiwei Yang <ab...@gmail.com> wrote:
> > > >
> > > > Hi Sunil
> > > >
> > > > I don’t think we ever have a wiki, do we still need to add that? I
> see
> > > some projects leave that empty as well.
> > > >
> > > > Sent from my iPhone
> > > >
> > > > > On Jan 23, 2022, at 2:07 PM, Sunil Govindan <su...@apache.org>
> > wrote:
> > > > >
> > > > > @Weiwei Yang <ww...@apache.org>
> > > > > Could you please add WIKI as well to this?
> > > > >
> > > > > Thanks
> > > > > Sunil
> > > > >
> > > > >> On Sun, Jan 23, 2022 at 1:33 PM Weiwei Yang <ww...@apache.org>
> > wrote:
> > > > >>
> > > > >> Thank you Felix.
> > > > >> I have added the initial podling status file:
> > > > >>
> > > > >>
> > >
> >
> https://svn.apache.org/repos/asf/incubator/public/trunk/content/podlings/yunikorn.yml
> > > > >> .
> > > > >> Please let me know if that looks good or not.
> > > > >>
> > > > >>> On Sat, Jan 22, 2022 at 10:18 PM Sunil Govindan <
> sunilg@apache.org
> > >
> > > wrote:
> > > > >>>
> > > > >>> I will reach out to them.
> > > > >>>
> > > > >>> Thanks
> > > > >>> Sunil
> > > > >>>
> > > > >>> On Sat, Jan 22, 2022 at 9:00 PM Felix Cheung <
> > > felixcheung_m@hotmail.com>
> > > > >>> wrote:
> > > > >>>
> > > > >>>> Pls add the podling status file
> > > > >>>>
> > > > >>>
> > > > >>
> > >
> >
> https://svn.apache.org/repos/asf/incubator/public/trunk/content/podlings/
> > > > >>>>
> > > > >>>> 3 ppmc members have not subscribed to private@
> > > > >>>>
> > > > >>>> These can be found on
> > > > >>>> https://whimsy.apache.org/roster/ppmc/yunikorn
> > > > >>>>
> > > > >>>> <
> > > > >>>
> > > > >>
> > >
> >
> https://svn.apache.org/repos/asf/incubator/public/trunk/content/podlings/
> > > > >>>>>
> > > > >>>> ________________________________
> > > > >>>> From: Weiwei Yang <ww...@apache.org>
> > > > >>>> Sent: Thursday, January 20, 2022 10:05:55 PM
> > > > >>>> To: dev@yunikorn.apache.org <de...@yunikorn.apache.org>
> > > > >>>> Cc: private@yunikorn.apache.org <pr...@yunikorn.apache.org>
> > > > >>>> Subject: Re: Apache YuniKorn (Incubating) - Community Graduation
> > > Vote
> > > > >>>>
> > > > >>>> hi all
> > > > >>>>
> > > > >>>> Most issues under the graduation preparation JIRA YUNIKORN-1005
> > > > >>>> <https://issues.apache.org/jira/browse/YUNIKORN-1005> are
> fixed.
> > > > >>>> The remaining one is the who-are-we web page, I am currently
> > > collecting
> > > > >>>> info for that, should be done by next week.
> > > > >>>> Shall we start to vote now? I can start a new thread for the
> > > community
> > > > >>>> voting if nobody has objections.
> > > > >>>>
> > > > >>>> On Tue, Jan 11, 2022 at 11:02 AM Wilfred Spiegelenburg <
> > > > >>>> wilfreds@apache.org>
> > > > >>>> wrote:
> > > > >>>>
> > > > >>>>> None of the security lists mentioned in the security page [1]
> are
> > > > >>>>> moderated. They are private lists, i.e. not openly available
> for
> > > > >>>>> browsing in an archive, but not moderated. Using the private@
> > for
> > > > >>>>> YuniKorn does not seem to line up with what other projects do
> > > either.
> > > > >>>>> None of the recently graduated projects mention anything like
> > using
> > > > >>>>> the private@ mailing list on their sites. They all have just
> > used
> > > > >> the
> > > > >>>>> general security link mentioned on their site unless they have
> a
> > > > >>>>> specific security@ list. YuniKorn would be the one standing
> out
> > > from
> > > > >>>>> what seems to be the norm.
> > > > >>>>> Examples from the last 2 years of graduated projects using a
> > simple
> > > > >>>>> link or a text pointing to [1]: Pinot, Dolphinscheduler, Ratis,
> > > > >>>>> Echarts, Gobblin, TVM, Superset and Datasketches. There are
> more
> > > but
> > > > >> I
> > > > >>>>> think this provides an overview of what is expected on
> > graduation.
> > > > >>>>>
> > > > >>>>> Wilfred
> > > > >>>>>
> > > > >>>>> [1] https://www.apache.org/security/
> > > > >>>>>
> > > > >>>>> On Tue, 11 Jan 2022 at 18:21, Weiwei Yang <ww...@apache.org>
> > wrote:
> > > > >>>>>>
> > > > >>>>>> Hi Wilfred
> > > > >>>>>>
> > > > >>>>>> Adding a security@ mailing list sounds like a good idea, but
> I
> > do
> > > > >>> not
> > > > >>>>> think that is required in the current stage.
> > > > >>>>>> We can do that post-graduate. For now, the Apache security doc
> > > said
> > > > >>>>>>
> > > > >>>>>>> We strongly encourage you to report potential security
> > > > >>>> vulnerabilities
> > > > >>>>> to one of our private security mailing lists first, before
> > > disclosing
> > > > >>>> them
> > > > >>>>> in a public forum.
> > > > >>>>>>
> > > > >>>>>> I do not see any issue if we use our private@ mailing list
> for
> > > > >> this
> > > > >>>>> purpose.
> > > > >>>>>>
> > > > >>>>>> On Mon, Jan 10, 2022 at 11:01 PM Wilfred Spiegelenburg <
> > > > >>>>> wilfreds@apache.org> wrote:
> > > > >>>>>>>
> > > > >>>>>>> The private@ is a moderated list. This has two issues: a
> > > > >> moderator
> > > > >>>>>>> needs to approve any message not sent by a PMC member. This
> > will
> > > > >>> slow
> > > > >>>>>>> down the process of interaction with the reporter. It would
> > also
> > > > >> not
> > > > >>>>>>> reach the YuniKorn committers group as not all committers are
> > > part
> > > > >>> of
> > > > >>>>>>> the PMC. Security issues should be handled and worked on by
> all
> > > > >>>>>>> committers not just by the PMC members.
> > > > >>>>>>>
> > > > >>>>>>> The security notification update made to the website I think
> > does
> > > > >>> not
> > > > >>>>>>> line up with the security guidelines referenced in the link
> > > > >> provided
> > > > >>>>>>> in the dropdown menu of the YuniKorn site [1]. In that link
> > there
> > > > >>> is a
> > > > >>>>>>> well defined way to report security issues. If we need to
> > enhance
> > > > >>> and
> > > > >>>>>>> extend what we do we either establish a security@ mailing
> list
> > > > >> and
> > > > >>>>>>> provide a static page with security related information on
> our
> > > > >> site
> > > > >>> or
> > > > >>>>>>> we leave it as is. My preference would be to establish a
> > > security@
> > > > >>>>>>> list and make all committers a member of that list.
> > > > >>>>>>>
> > > > >>>>>>> I think we need to roll back the website changes part of
> > > > >>> YUNIKORN-1006
> > > > >>>>>>> [2] in PR [3] for the website.
> > > > >>>>>>>
> > > > >>>>>>> Wilfred
> > > > >>>>>>>
> > > > >>>>>>> [1] https://www.apache.org/security/
> > > > >>>>>>> [2] https://issues.apache.org/jira/browse/YUNIKORN-1006
> > > > >>>>>>> [3]
> https://github.com/apache/incubator-yunikorn-site/pull/105
> > > > >>>>>>>
> > > > >>>>>>> On Tue, 11 Jan 2022 at 04:45, Holden Karau <
> > holden@pigscanfly.ca
> > > >
> > > > >>>>> wrote:
> > > > >>>>>>>>
> > > > >>>>>>>> For "The project provides a well-documented, secure and
> > private
> > > > >>>>> channel to report security issues, along with a documented way
> of
> > > > >>>>> responding to them.' the standard that I've seen used is to
> tell
> > > > >> people
> > > > >>>> to
> > > > >>>>> e-mail private@ when they think they might have a security
> > related
> > > > >>>> issue.
> > > > >>>>> I think that would probably work well for Yunikorn too.
> > > > >>>>>>>>
> > > > >>>>>>>>
> > > > >>>>>>>> On Mon, Jan 10, 2022 at 7:04 AM Chenya Zhang <
> > > > >>>>> chenyazhangchenya@gmail.com> wrote:
> > > > >>>>>>>>>
> > > > >>>>>>>>> Hi Weiwei,
> > > > >>>>>>>>>
> > > > >>>>>>>>> Thanks for driving this! The evaluation is quite
> > comprehensive
> > > > >>>>> overall. I checked our Apache project maturity guidelines and
> > > noticed
> > > > >>> the
> > > > >>>>> below three items. Not sure if we already have them but they
> are
> > > not
> > > > >>>>> blockers to our graduation. We could think more about them
> along
> > > the
> > > > >>> way.
> > > > >>>>>>>>>
> > > > >>>>>>>>> QU30
> > > > >>>>>>>>>
> > > > >>>>>>>>> The project provides a well-documented, secure and private
> > > > >>> channel
> > > > >>>>> to report security issues, along with a documented way of
> > > responding
> > > > >> to
> > > > >>>>> them.
> > > > >>>>>>>>>
> > > > >>>>>>>>> QU40
> > > > >>>>>>>>>
> > > > >>>>>>>>> The project puts a high priority on backwards compatibility
> > and
> > > > >>>> aims
> > > > >>>>> to document any incompatible changes and provide tools and
> > > > >>> documentation
> > > > >>>> to
> > > > >>>>> help users transition to new features.
> > > > >>>>>>>>>
> > > > >>>>>>>>> CO50
> > > > >>>>>>>>>
> > > > >>>>>>>>> The project documents how contributors can earn more rights
> > > > >> such
> > > > >>> as
> > > > >>>>> commit access or decision power, and applies these principles
> > > > >>>> consistently.
> > > > >>>>>>>>>
> > > > >>>>>>>>>
> > > > >>>>>>>>> Thanks,
> > > > >>>>>>>>>
> > > > >>>>>>>>> Chenya
> > > > >>>>>>>>>
> > > > >>>>>>>>>
> > > > >>>>>>>>>
> > > > >>>>>>>>> On Mon, Jan 10, 2022 at 12:00 AM Weiwei Yang <
> > wwei@apache.org>
> > > > >>>>> wrote:
> > > > >>>>>>>>>>
> > > > >>>>>>>>>> Hi YuniKorn community and mentors
> > > > >>>>>>>>>>
> > > > >>>>>>>>>> Based on the discussion thread [1], after 2 years time of
> > > > >>>>> incubating, it is
> > > > >>>>>>>>>> considered that now is a good time to graduate YuniKorn
> from
> > > > >> the
> > > > >>>> ASF
> > > > >>>>>>>>>> incubator and become a top-level Apache project. We have
> > > > >>> reviewed
> > > > >>>>> the ASF
> > > > >>>>>>>>>> project maturity model [2] and provided some assessment of
> > the
> > > > >>>>> project's
> > > > >>>>>>>>>> maturity based on the guidelines. Details are included as
> > the
> > > > >>>>> following.
> > > > >>>>>>>>>> Please read this and share your thoughts by replying to
> this
> > > > >>>> email,
> > > > >>>>> your
> > > > >>>>>>>>>> feedback will be much appreciated!!!
> > > > >>>>>>>>>>
> > > > >>>>>>>>>> *Code, License, and Copyright*
> > > > >>>>>>>>>>
> > > > >>>>>>>>>> All code is maintained on github, under Apache 2.0
> license.
> > We
> > > > >>>> have
> > > > >>>>>>>>>> reviewed all the dependencies and ensured they do not
> bring
> > > > >> any
> > > > >>>>> license
> > > > >>>>>>>>>> issues. All the status files, license headers, and
> copyright
> > > > >> are
> > > > >>>> up
> > > > >>>>> to date.
> > > > >>>>>>>>>>
> > > > >>>>>>>>>> *Release*
> > > > >>>>>>>>>>
> > > > >>>>>>>>>> The community has released 5 releases in the past 2 years,
> > i.e
> > > > >>>>> v0.8, v0.9,
> > > > >>>>>>>>>> v0.10, v0,11, and v0.12. These releases were done by 5
> > > > >> different
> > > > >>>>> release
> > > > >>>>>>>>>> managers [3] and indicate the community can create
> releases
> > > > >>>>> independently.
> > > > >>>>>>>>>> We have also a well-documented release process, automated
> > > > >> tools
> > > > >>> to
> > > > >>>>> help new
> > > > >>>>>>>>>> release managers with the process.
> > > > >>>>>>>>>>
> > > > >>>>>>>>>> *Quality*
> > > > >>>>>>>>>>
> > > > >>>>>>>>>> The community has developed a comprehensive CI/CD pipeline
> > as
> > > > >> a
> > > > >>>>> guard of
> > > > >>>>>>>>>> the code quality. The pipeline runs per-commit license
> > check,
> > > > >>>>> code-format
> > > > >>>>>>>>>> check, code-coverage check, UT, and end-to-end tests. All
> > > > >> these
> > > > >>>> are
> > > > >>>>> built
> > > > >>>>>>>>>> as automated github actions, new contributors can easily
> > > > >> trigger
> > > > >>>>> and view
> > > > >>>>>>>>>> results when submitting patches.
> > > > >>>>>>>>>>
> > > > >>>>>>>>>> *Community*
> > > > >>>>>>>>>>
> > > > >>>>>>>>>> The community has developed an easy-to-read homepage for
> the
> > > > >>>>> project [4],
> > > > >>>>>>>>>> the website hosts all the materials related to the project
> > > > >>>> including
> > > > >>>>>>>>>> versioned documentation, user docs, developer docs, design
> > > > >> docs,
> > > > >>>>>>>>>> performance docs. It provides the top-level navigation to
> > the
> > > > >>>>> software
> > > > >>>>>>>>>> download page, where links to all our previous releases.
> It
> > > > >> also
> > > > >>>>> has the
> > > > >>>>>>>>>> pages for the new contributors on-boarding with the
> project,
> > > > >>> such
> > > > >>>>> as how to
> > > > >>>>>>>>>> join community meetings, events links, etc.
> > > > >>>>>>>>>>
> > > > >>>>>>>>>> The community shows appreciation to all contributors and
> > > > >>> welcomes
> > > > >>>>> all kinds
> > > > >>>>>>>>>> of contributions (not just for code). We have built an
> open,
> > > > >>>> diverse
> > > > >>>>>>>>>> community and gathered many people to work together. With
> > > > >> that,
> > > > >>> we
> > > > >>>>> have 41
> > > > >>>>>>>>>> unique code contributors and some non-code contributors as
> > > > >> well.
> > > > >>>>> Many of
> > > > >>>>>>>>>> them have becoming to be committers and PPMC members while
> > > > >>> working
> > > > >>>>> with the
> > > > >>>>>>>>>> community. There were 2 new mentors, 8 new committers, 2
> new
> > > > >>> PPMC
> > > > >>>>> from 6
> > > > >>>>>>>>>> different organizations [5] added in the incubating phase.
> > And
> > > > >>> in
> > > > >>>>> total,
> > > > >>>>>>>>>> the project has 6 mentors, 21 PPMC, and 27 committers from
> > at
> > > > >>>> least
> > > > >>>>> 14
> > > > >>>>>>>>>> different organizations. Community collaboration was done
> > in a
> > > > >>>>> wide-public,
> > > > >>>>>>>>>> open manner, we leverage regular bi-weekly/weekly
> community
> > > > >>>>> meetings for 2
> > > > >>>>>>>>>> different timezones [6] and dev/user slack channels,
> mailing
> > > > >>> lists
> > > > >>>>> for
> > > > >>>>>>>>>> offline discussions.
> > > > >>>>>>>>>>
> > > > >>>>>>>>>> *Independence*
> > > > >>>>>>>>>>
> > > > >>>>>>>>>> The project was initially donated by Cloudera, but with a
> > > > >>> diverse
> > > > >>>>> open
> > > > >>>>>>>>>> source community, it has been operated as an independent
> > > > >> project
> > > > >>>>> since it
> > > > >>>>>>>>>> entered into ASF incubator. The committers and PPMC
> members
> > > > >> are
> > > > >>> a
> > > > >>>>> group of
> > > > >>>>>>>>>> passionate people from at least 14 different
> organizations,
> > > > >> such
> > > > >>>> as
> > > > >>>>>>>>>> Alibaba, Apple, Cloudera, Databricks, LinkedIn, Microsoft,
> > > > >>>>> Snowflake, etc.
> > > > >>>>>>>>>> The project's success is not depending on any single
> entity.
> > > > >>>>>>>>>>
> > > > >>>>>>>>>> I have enough reasons to believe the project has done
> > > > >>> sustainable
> > > > >>>>>>>>>> development successfully in the Apache way. Again, please
> > > > >> share
> > > > >>>> your
> > > > >>>>>>>>>> thoughts, all YuniKorn contributors, committers, PPMC, and
> > > > >>>> mentors.
> > > > >>>>> Thank
> > > > >>>>>>>>>> you!
> > > > >>>>>>>>>>
> > > > >>>>>>>>>> [1]
> > > > >>>>>
> https://lists.apache.org/thread/dno411y59g2pcy1d3kd7s3kdjz9jw65n
> > > > >>>>>>>>>> [2]
> > > > >>>>>>>>>>
> > > > >>>>>
> > > > >>>>
> > > > >>>
> > > > >>
> > >
> >
> https://community.apache.org/apache-way/apache-project-maturity-model.html
> > > > >>>>>>>>>>
> > > > >>>>>>>>>> [3] https://yunikorn.apache.org/community/download
> > > > >>>>>>>>>> [4] https://yunikorn.apache.org/
> > > > >>>>>>>>>> [5] https://incubator.apache.org/projects/yunikorn.html
> > > > >>>>>>>>>>
> > > > >>>>>>>>>> [6]
> > > > >>>>>>>>>>
> > > > >>>>>
> > > > >>>>
> > > > >>>
> > > > >>
> > >
> >
> https://docs.google.com/document/d/165gzC7uhcKc5XDWiMYSRKBiPQBy2tDtXADUPuhGlUa0
> > > > >>>>>>>>
> > > > >>>>>>>>
> > > > >>>>>>>>
> > > > >>>>>>>> --
> > > > >>>>>>>> Twitter: https://twitter.com/holdenkarau
> > > > >>>>>>>> Books (Learning Spark, High Performance Spark, etc.):
> > > > >>>>> https://amzn.to/2MaRAG9
> > > > >>>>>>>> YouTube Live Streams:
> > https://www.youtube.com/user/holdenkarau
> > > > >>>>>
> > > > >>>>>
> > > ---------------------------------------------------------------------
> > > > >>>>> To unsubscribe, e-mail: dev-unsubscribe@yunikorn.apache.org
> > > > >>>>> For additional commands, e-mail: dev-help@yunikorn.apache.org
> > > > >>>>>
> > > > >>>>>
> > > > >>>>
> > > > >>>
> > > > >>
> > > >
> > > > ---------------------------------------------------------------------
> > > > To unsubscribe, e-mail: dev-unsubscribe@yunikorn.apache.org
> > > > For additional commands, e-mail: dev-help@yunikorn.apache.org
> > > >
> > >
> > > ---------------------------------------------------------------------
> > > To unsubscribe, e-mail: dev-unsubscribe@yunikorn.apache.org
> > > For additional commands, e-mail: dev-help@yunikorn.apache.org
> > >
> > >
> >
>

Re: Apache YuniKorn (Incubating) - Community Graduation Vote

[Sunil Govindan <su...@apache.org>]

Yes. I reached out to a couple of them and added them to the list.
We still have a gap. Will try again.

Thanks
 Sunil

On Mon, Jan 24, 2022 at 10:45 PM Chenya Zhang <ch...@gmail.com>
wrote:

> Subscribed to the private list! 3 -> 2 ? :)
>
> On Mon, Jan 24, 2022 at 6:02 PM Wilfred Spiegelenburg <wilfreds@apache.org
> >
> wrote:
>
> > When you check the status page [1] you will see that a wiki is no
> > longer required.
> > We can skip adding it.
> >
> > BTW: I added Chenya to the roster that increases the PPMC members not
> > subscribed to 3 again after it was down to 2.
> >
> > Wilfred
> >
> > [1] https://incubator.apache.org/projects/yunikorn.html
> >
> >
> > On Mon, 24 Jan 2022 at 13:12, Weiwei Yang <ab...@gmail.com> wrote:
> > >
> > > Hi Sunil
> > >
> > > I don’t think we ever have a wiki, do we still need to add that? I see
> > some projects leave that empty as well.
> > >
> > > Sent from my iPhone
> > >
> > > > On Jan 23, 2022, at 2:07 PM, Sunil Govindan <su...@apache.org>
> wrote:
> > > >
> > > > @Weiwei Yang <ww...@apache.org>
> > > > Could you please add WIKI as well to this?
> > > >
> > > > Thanks
> > > > Sunil
> > > >
> > > >> On Sun, Jan 23, 2022 at 1:33 PM Weiwei Yang <ww...@apache.org>
> wrote:
> > > >>
> > > >> Thank you Felix.
> > > >> I have added the initial podling status file:
> > > >>
> > > >>
> >
> https://svn.apache.org/repos/asf/incubator/public/trunk/content/podlings/yunikorn.yml
> > > >> .
> > > >> Please let me know if that looks good or not.
> > > >>
> > > >>> On Sat, Jan 22, 2022 at 10:18 PM Sunil Govindan <sunilg@apache.org
> >
> > wrote:
> > > >>>
> > > >>> I will reach out to them.
> > > >>>
> > > >>> Thanks
> > > >>> Sunil
> > > >>>
> > > >>> On Sat, Jan 22, 2022 at 9:00 PM Felix Cheung <
> > felixcheung_m@hotmail.com>
> > > >>> wrote:
> > > >>>
> > > >>>> Pls add the podling status file
> > > >>>>
> > > >>>
> > > >>
> >
> https://svn.apache.org/repos/asf/incubator/public/trunk/content/podlings/
> > > >>>>
> > > >>>> 3 ppmc members have not subscribed to private@
> > > >>>>
> > > >>>> These can be found on
> > > >>>> https://whimsy.apache.org/roster/ppmc/yunikorn
> > > >>>>
> > > >>>> <
> > > >>>
> > > >>
> >
> https://svn.apache.org/repos/asf/incubator/public/trunk/content/podlings/
> > > >>>>>
> > > >>>> ________________________________
> > > >>>> From: Weiwei Yang <ww...@apache.org>
> > > >>>> Sent: Thursday, January 20, 2022 10:05:55 PM
> > > >>>> To: dev@yunikorn.apache.org <de...@yunikorn.apache.org>
> > > >>>> Cc: private@yunikorn.apache.org <pr...@yunikorn.apache.org>
> > > >>>> Subject: Re: Apache YuniKorn (Incubating) - Community Graduation
> > Vote
> > > >>>>
> > > >>>> hi all
> > > >>>>
> > > >>>> Most issues under the graduation preparation JIRA YUNIKORN-1005
> > > >>>> <https://issues.apache.org/jira/browse/YUNIKORN-1005> are fixed.
> > > >>>> The remaining one is the who-are-we web page, I am currently
> > collecting
> > > >>>> info for that, should be done by next week.
> > > >>>> Shall we start to vote now? I can start a new thread for the
> > community
> > > >>>> voting if nobody has objections.
> > > >>>>
> > > >>>> On Tue, Jan 11, 2022 at 11:02 AM Wilfred Spiegelenburg <
> > > >>>> wilfreds@apache.org>
> > > >>>> wrote:
> > > >>>>
> > > >>>>> None of the security lists mentioned in the security page [1] are
> > > >>>>> moderated. They are private lists, i.e. not openly available for
> > > >>>>> browsing in an archive, but not moderated. Using the private@
> for
> > > >>>>> YuniKorn does not seem to line up with what other projects do
> > either.
> > > >>>>> None of the recently graduated projects mention anything like
> using
> > > >>>>> the private@ mailing list on their sites. They all have just
> used
> > > >> the
> > > >>>>> general security link mentioned on their site unless they have a
> > > >>>>> specific security@ list. YuniKorn would be the one standing out
> > from
> > > >>>>> what seems to be the norm.
> > > >>>>> Examples from the last 2 years of graduated projects using a
> simple
> > > >>>>> link or a text pointing to [1]: Pinot, Dolphinscheduler, Ratis,
> > > >>>>> Echarts, Gobblin, TVM, Superset and Datasketches. There are more
> > but
> > > >> I
> > > >>>>> think this provides an overview of what is expected on
> graduation.
> > > >>>>>
> > > >>>>> Wilfred
> > > >>>>>
> > > >>>>> [1] https://www.apache.org/security/
> > > >>>>>
> > > >>>>> On Tue, 11 Jan 2022 at 18:21, Weiwei Yang <ww...@apache.org>
> wrote:
> > > >>>>>>
> > > >>>>>> Hi Wilfred
> > > >>>>>>
> > > >>>>>> Adding a security@ mailing list sounds like a good idea, but I
> do
> > > >>> not
> > > >>>>> think that is required in the current stage.
> > > >>>>>> We can do that post-graduate. For now, the Apache security doc
> > said
> > > >>>>>>
> > > >>>>>>> We strongly encourage you to report potential security
> > > >>>> vulnerabilities
> > > >>>>> to one of our private security mailing lists first, before
> > disclosing
> > > >>>> them
> > > >>>>> in a public forum.
> > > >>>>>>
> > > >>>>>> I do not see any issue if we use our private@ mailing list for
> > > >> this
> > > >>>>> purpose.
> > > >>>>>>
> > > >>>>>> On Mon, Jan 10, 2022 at 11:01 PM Wilfred Spiegelenburg <
> > > >>>>> wilfreds@apache.org> wrote:
> > > >>>>>>>
> > > >>>>>>> The private@ is a moderated list. This has two issues: a
> > > >> moderator
> > > >>>>>>> needs to approve any message not sent by a PMC member. This
> will
> > > >>> slow
> > > >>>>>>> down the process of interaction with the reporter. It would
> also
> > > >> not
> > > >>>>>>> reach the YuniKorn committers group as not all committers are
> > part
> > > >>> of
> > > >>>>>>> the PMC. Security issues should be handled and worked on by all
> > > >>>>>>> committers not just by the PMC members.
> > > >>>>>>>
> > > >>>>>>> The security notification update made to the website I think
> does
> > > >>> not
> > > >>>>>>> line up with the security guidelines referenced in the link
> > > >> provided
> > > >>>>>>> in the dropdown menu of the YuniKorn site [1]. In that link
> there
> > > >>> is a
> > > >>>>>>> well defined way to report security issues. If we need to
> enhance
> > > >>> and
> > > >>>>>>> extend what we do we either establish a security@ mailing list
> > > >> and
> > > >>>>>>> provide a static page with security related information on our
> > > >> site
> > > >>> or
> > > >>>>>>> we leave it as is. My preference would be to establish a
> > security@
> > > >>>>>>> list and make all committers a member of that list.
> > > >>>>>>>
> > > >>>>>>> I think we need to roll back the website changes part of
> > > >>> YUNIKORN-1006
> > > >>>>>>> [2] in PR [3] for the website.
> > > >>>>>>>
> > > >>>>>>> Wilfred
> > > >>>>>>>
> > > >>>>>>> [1] https://www.apache.org/security/
> > > >>>>>>> [2] https://issues.apache.org/jira/browse/YUNIKORN-1006
> > > >>>>>>> [3] https://github.com/apache/incubator-yunikorn-site/pull/105
> > > >>>>>>>
> > > >>>>>>> On Tue, 11 Jan 2022 at 04:45, Holden Karau <
> holden@pigscanfly.ca
> > >
> > > >>>>> wrote:
> > > >>>>>>>>
> > > >>>>>>>> For "The project provides a well-documented, secure and
> private
> > > >>>>> channel to report security issues, along with a documented way of
> > > >>>>> responding to them.' the standard that I've seen used is to tell
> > > >> people
> > > >>>> to
> > > >>>>> e-mail private@ when they think they might have a security
> related
> > > >>>> issue.
> > > >>>>> I think that would probably work well for Yunikorn too.
> > > >>>>>>>>
> > > >>>>>>>>
> > > >>>>>>>> On Mon, Jan 10, 2022 at 7:04 AM Chenya Zhang <
> > > >>>>> chenyazhangchenya@gmail.com> wrote:
> > > >>>>>>>>>
> > > >>>>>>>>> Hi Weiwei,
> > > >>>>>>>>>
> > > >>>>>>>>> Thanks for driving this! The evaluation is quite
> comprehensive
> > > >>>>> overall. I checked our Apache project maturity guidelines and
> > noticed
> > > >>> the
> > > >>>>> below three items. Not sure if we already have them but they are
> > not
> > > >>>>> blockers to our graduation. We could think more about them along
> > the
> > > >>> way.
> > > >>>>>>>>>
> > > >>>>>>>>> QU30
> > > >>>>>>>>>
> > > >>>>>>>>> The project provides a well-documented, secure and private
> > > >>> channel
> > > >>>>> to report security issues, along with a documented way of
> > responding
> > > >> to
> > > >>>>> them.
> > > >>>>>>>>>
> > > >>>>>>>>> QU40
> > > >>>>>>>>>
> > > >>>>>>>>> The project puts a high priority on backwards compatibility
> and
> > > >>>> aims
> > > >>>>> to document any incompatible changes and provide tools and
> > > >>> documentation
> > > >>>> to
> > > >>>>> help users transition to new features.
> > > >>>>>>>>>
> > > >>>>>>>>> CO50
> > > >>>>>>>>>
> > > >>>>>>>>> The project documents how contributors can earn more rights
> > > >> such
> > > >>> as
> > > >>>>> commit access or decision power, and applies these principles
> > > >>>> consistently.
> > > >>>>>>>>>
> > > >>>>>>>>>
> > > >>>>>>>>> Thanks,
> > > >>>>>>>>>
> > > >>>>>>>>> Chenya
> > > >>>>>>>>>
> > > >>>>>>>>>
> > > >>>>>>>>>
> > > >>>>>>>>> On Mon, Jan 10, 2022 at 12:00 AM Weiwei Yang <
> wwei@apache.org>
> > > >>>>> wrote:
> > > >>>>>>>>>>
> > > >>>>>>>>>> Hi YuniKorn community and mentors
> > > >>>>>>>>>>
> > > >>>>>>>>>> Based on the discussion thread [1], after 2 years time of
> > > >>>>> incubating, it is
> > > >>>>>>>>>> considered that now is a good time to graduate YuniKorn from
> > > >> the
> > > >>>> ASF
> > > >>>>>>>>>> incubator and become a top-level Apache project. We have
> > > >>> reviewed
> > > >>>>> the ASF
> > > >>>>>>>>>> project maturity model [2] and provided some assessment of
> the
> > > >>>>> project's
> > > >>>>>>>>>> maturity based on the guidelines. Details are included as
> the
> > > >>>>> following.
> > > >>>>>>>>>> Please read this and share your thoughts by replying to this
> > > >>>> email,
> > > >>>>> your
> > > >>>>>>>>>> feedback will be much appreciated!!!
> > > >>>>>>>>>>
> > > >>>>>>>>>> *Code, License, and Copyright*
> > > >>>>>>>>>>
> > > >>>>>>>>>> All code is maintained on github, under Apache 2.0 license.
> We
> > > >>>> have
> > > >>>>>>>>>> reviewed all the dependencies and ensured they do not bring
> > > >> any
> > > >>>>> license
> > > >>>>>>>>>> issues. All the status files, license headers, and copyright
> > > >> are
> > > >>>> up
> > > >>>>> to date.
> > > >>>>>>>>>>
> > > >>>>>>>>>> *Release*
> > > >>>>>>>>>>
> > > >>>>>>>>>> The community has released 5 releases in the past 2 years,
> i.e
> > > >>>>> v0.8, v0.9,
> > > >>>>>>>>>> v0.10, v0,11, and v0.12. These releases were done by 5
> > > >> different
> > > >>>>> release
> > > >>>>>>>>>> managers [3] and indicate the community can create releases
> > > >>>>> independently.
> > > >>>>>>>>>> We have also a well-documented release process, automated
> > > >> tools
> > > >>> to
> > > >>>>> help new
> > > >>>>>>>>>> release managers with the process.
> > > >>>>>>>>>>
> > > >>>>>>>>>> *Quality*
> > > >>>>>>>>>>
> > > >>>>>>>>>> The community has developed a comprehensive CI/CD pipeline
> as
> > > >> a
> > > >>>>> guard of
> > > >>>>>>>>>> the code quality. The pipeline runs per-commit license
> check,
> > > >>>>> code-format
> > > >>>>>>>>>> check, code-coverage check, UT, and end-to-end tests. All
> > > >> these
> > > >>>> are
> > > >>>>> built
> > > >>>>>>>>>> as automated github actions, new contributors can easily
> > > >> trigger
> > > >>>>> and view
> > > >>>>>>>>>> results when submitting patches.
> > > >>>>>>>>>>
> > > >>>>>>>>>> *Community*
> > > >>>>>>>>>>
> > > >>>>>>>>>> The community has developed an easy-to-read homepage for the
> > > >>>>> project [4],
> > > >>>>>>>>>> the website hosts all the materials related to the project
> > > >>>> including
> > > >>>>>>>>>> versioned documentation, user docs, developer docs, design
> > > >> docs,
> > > >>>>>>>>>> performance docs. It provides the top-level navigation to
> the
> > > >>>>> software
> > > >>>>>>>>>> download page, where links to all our previous releases. It
> > > >> also
> > > >>>>> has the
> > > >>>>>>>>>> pages for the new contributors on-boarding with the project,
> > > >>> such
> > > >>>>> as how to
> > > >>>>>>>>>> join community meetings, events links, etc.
> > > >>>>>>>>>>
> > > >>>>>>>>>> The community shows appreciation to all contributors and
> > > >>> welcomes
> > > >>>>> all kinds
> > > >>>>>>>>>> of contributions (not just for code). We have built an open,
> > > >>>> diverse
> > > >>>>>>>>>> community and gathered many people to work together. With
> > > >> that,
> > > >>> we
> > > >>>>> have 41
> > > >>>>>>>>>> unique code contributors and some non-code contributors as
> > > >> well.
> > > >>>>> Many of
> > > >>>>>>>>>> them have becoming to be committers and PPMC members while
> > > >>> working
> > > >>>>> with the
> > > >>>>>>>>>> community. There were 2 new mentors, 8 new committers, 2 new
> > > >>> PPMC
> > > >>>>> from 6
> > > >>>>>>>>>> different organizations [5] added in the incubating phase.
> And
> > > >>> in
> > > >>>>> total,
> > > >>>>>>>>>> the project has 6 mentors, 21 PPMC, and 27 committers from
> at
> > > >>>> least
> > > >>>>> 14
> > > >>>>>>>>>> different organizations. Community collaboration was done
> in a
> > > >>>>> wide-public,
> > > >>>>>>>>>> open manner, we leverage regular bi-weekly/weekly community
> > > >>>>> meetings for 2
> > > >>>>>>>>>> different timezones [6] and dev/user slack channels, mailing
> > > >>> lists
> > > >>>>> for
> > > >>>>>>>>>> offline discussions.
> > > >>>>>>>>>>
> > > >>>>>>>>>> *Independence*
> > > >>>>>>>>>>
> > > >>>>>>>>>> The project was initially donated by Cloudera, but with a
> > > >>> diverse
> > > >>>>> open
> > > >>>>>>>>>> source community, it has been operated as an independent
> > > >> project
> > > >>>>> since it
> > > >>>>>>>>>> entered into ASF incubator. The committers and PPMC members
> > > >> are
> > > >>> a
> > > >>>>> group of
> > > >>>>>>>>>> passionate people from at least 14 different organizations,
> > > >> such
> > > >>>> as
> > > >>>>>>>>>> Alibaba, Apple, Cloudera, Databricks, LinkedIn, Microsoft,
> > > >>>>> Snowflake, etc.
> > > >>>>>>>>>> The project's success is not depending on any single entity.
> > > >>>>>>>>>>
> > > >>>>>>>>>> I have enough reasons to believe the project has done
> > > >>> sustainable
> > > >>>>>>>>>> development successfully in the Apache way. Again, please
> > > >> share
> > > >>>> your
> > > >>>>>>>>>> thoughts, all YuniKorn contributors, committers, PPMC, and
> > > >>>> mentors.
> > > >>>>> Thank
> > > >>>>>>>>>> you!
> > > >>>>>>>>>>
> > > >>>>>>>>>> [1]
> > > >>>>> https://lists.apache.org/thread/dno411y59g2pcy1d3kd7s3kdjz9jw65n
> > > >>>>>>>>>> [2]
> > > >>>>>>>>>>
> > > >>>>>
> > > >>>>
> > > >>>
> > > >>
> >
> https://community.apache.org/apache-way/apache-project-maturity-model.html
> > > >>>>>>>>>>
> > > >>>>>>>>>> [3] https://yunikorn.apache.org/community/download
> > > >>>>>>>>>> [4] https://yunikorn.apache.org/
> > > >>>>>>>>>> [5] https://incubator.apache.org/projects/yunikorn.html
> > > >>>>>>>>>>
> > > >>>>>>>>>> [6]
> > > >>>>>>>>>>
> > > >>>>>
> > > >>>>
> > > >>>
> > > >>
> >
> https://docs.google.com/document/d/165gzC7uhcKc5XDWiMYSRKBiPQBy2tDtXADUPuhGlUa0
> > > >>>>>>>>
> > > >>>>>>>>
> > > >>>>>>>>
> > > >>>>>>>> --
> > > >>>>>>>> Twitter: https://twitter.com/holdenkarau
> > > >>>>>>>> Books (Learning Spark, High Performance Spark, etc.):
> > > >>>>> https://amzn.to/2MaRAG9
> > > >>>>>>>> YouTube Live Streams:
> https://www.youtube.com/user/holdenkarau
> > > >>>>>
> > > >>>>>
> > ---------------------------------------------------------------------
> > > >>>>> To unsubscribe, e-mail: dev-unsubscribe@yunikorn.apache.org
> > > >>>>> For additional commands, e-mail: dev-help@yunikorn.apache.org
> > > >>>>>
> > > >>>>>
> > > >>>>
> > > >>>
> > > >>
> > >
> > > ---------------------------------------------------------------------
> > > To unsubscribe, e-mail: dev-unsubscribe@yunikorn.apache.org
> > > For additional commands, e-mail: dev-help@yunikorn.apache.org
> > >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: dev-unsubscribe@yunikorn.apache.org
> > For additional commands, e-mail: dev-help@yunikorn.apache.org
> >
> >
>

Re: Apache YuniKorn (Incubating) - Community Graduation Vote

[Chenya Zhang <ch...@gmail.com>]

Subscribed to the private list! 3 -> 2 ? :)

On Mon, Jan 24, 2022 at 6:02 PM Wilfred Spiegelenburg <wi...@apache.org>
wrote:

> When you check the status page [1] you will see that a wiki is no
> longer required.
> We can skip adding it.
>
> BTW: I added Chenya to the roster that increases the PPMC members not
> subscribed to 3 again after it was down to 2.
>
> Wilfred
>
> [1] https://incubator.apache.org/projects/yunikorn.html
>
>
> On Mon, 24 Jan 2022 at 13:12, Weiwei Yang <ab...@gmail.com> wrote:
> >
> > Hi Sunil
> >
> > I don’t think we ever have a wiki, do we still need to add that? I see
> some projects leave that empty as well.
> >
> > Sent from my iPhone
> >
> > > On Jan 23, 2022, at 2:07 PM, Sunil Govindan <su...@apache.org> wrote:
> > >
> > > @Weiwei Yang <ww...@apache.org>
> > > Could you please add WIKI as well to this?
> > >
> > > Thanks
> > > Sunil
> > >
> > >> On Sun, Jan 23, 2022 at 1:33 PM Weiwei Yang <ww...@apache.org> wrote:
> > >>
> > >> Thank you Felix.
> > >> I have added the initial podling status file:
> > >>
> > >>
> https://svn.apache.org/repos/asf/incubator/public/trunk/content/podlings/yunikorn.yml
> > >> .
> > >> Please let me know if that looks good or not.
> > >>
> > >>> On Sat, Jan 22, 2022 at 10:18 PM Sunil Govindan <su...@apache.org>
> wrote:
> > >>>
> > >>> I will reach out to them.
> > >>>
> > >>> Thanks
> > >>> Sunil
> > >>>
> > >>> On Sat, Jan 22, 2022 at 9:00 PM Felix Cheung <
> felixcheung_m@hotmail.com>
> > >>> wrote:
> > >>>
> > >>>> Pls add the podling status file
> > >>>>
> > >>>
> > >>
> https://svn.apache.org/repos/asf/incubator/public/trunk/content/podlings/
> > >>>>
> > >>>> 3 ppmc members have not subscribed to private@
> > >>>>
> > >>>> These can be found on
> > >>>> https://whimsy.apache.org/roster/ppmc/yunikorn
> > >>>>
> > >>>> <
> > >>>
> > >>
> https://svn.apache.org/repos/asf/incubator/public/trunk/content/podlings/
> > >>>>>
> > >>>> ________________________________
> > >>>> From: Weiwei Yang <ww...@apache.org>
> > >>>> Sent: Thursday, January 20, 2022 10:05:55 PM
> > >>>> To: dev@yunikorn.apache.org <de...@yunikorn.apache.org>
> > >>>> Cc: private@yunikorn.apache.org <pr...@yunikorn.apache.org>
> > >>>> Subject: Re: Apache YuniKorn (Incubating) - Community Graduation
> Vote
> > >>>>
> > >>>> hi all
> > >>>>
> > >>>> Most issues under the graduation preparation JIRA YUNIKORN-1005
> > >>>> <https://issues.apache.org/jira/browse/YUNIKORN-1005> are fixed.
> > >>>> The remaining one is the who-are-we web page, I am currently
> collecting
> > >>>> info for that, should be done by next week.
> > >>>> Shall we start to vote now? I can start a new thread for the
> community
> > >>>> voting if nobody has objections.
> > >>>>
> > >>>> On Tue, Jan 11, 2022 at 11:02 AM Wilfred Spiegelenburg <
> > >>>> wilfreds@apache.org>
> > >>>> wrote:
> > >>>>
> > >>>>> None of the security lists mentioned in the security page [1] are
> > >>>>> moderated. They are private lists, i.e. not openly available for
> > >>>>> browsing in an archive, but not moderated. Using the private@ for
> > >>>>> YuniKorn does not seem to line up with what other projects do
> either.
> > >>>>> None of the recently graduated projects mention anything like using
> > >>>>> the private@ mailing list on their sites. They all have just used
> > >> the
> > >>>>> general security link mentioned on their site unless they have a
> > >>>>> specific security@ list. YuniKorn would be the one standing out
> from
> > >>>>> what seems to be the norm.
> > >>>>> Examples from the last 2 years of graduated projects using a simple
> > >>>>> link or a text pointing to [1]: Pinot, Dolphinscheduler, Ratis,
> > >>>>> Echarts, Gobblin, TVM, Superset and Datasketches. There are more
> but
> > >> I
> > >>>>> think this provides an overview of what is expected on graduation.
> > >>>>>
> > >>>>> Wilfred
> > >>>>>
> > >>>>> [1] https://www.apache.org/security/
> > >>>>>
> > >>>>> On Tue, 11 Jan 2022 at 18:21, Weiwei Yang <ww...@apache.org> wrote:
> > >>>>>>
> > >>>>>> Hi Wilfred
> > >>>>>>
> > >>>>>> Adding a security@ mailing list sounds like a good idea, but I do
> > >>> not
> > >>>>> think that is required in the current stage.
> > >>>>>> We can do that post-graduate. For now, the Apache security doc
> said
> > >>>>>>
> > >>>>>>> We strongly encourage you to report potential security
> > >>>> vulnerabilities
> > >>>>> to one of our private security mailing lists first, before
> disclosing
> > >>>> them
> > >>>>> in a public forum.
> > >>>>>>
> > >>>>>> I do not see any issue if we use our private@ mailing list for
> > >> this
> > >>>>> purpose.
> > >>>>>>
> > >>>>>> On Mon, Jan 10, 2022 at 11:01 PM Wilfred Spiegelenburg <
> > >>>>> wilfreds@apache.org> wrote:
> > >>>>>>>
> > >>>>>>> The private@ is a moderated list. This has two issues: a
> > >> moderator
> > >>>>>>> needs to approve any message not sent by a PMC member. This will
> > >>> slow
> > >>>>>>> down the process of interaction with the reporter. It would also
> > >> not
> > >>>>>>> reach the YuniKorn committers group as not all committers are
> part
> > >>> of
> > >>>>>>> the PMC. Security issues should be handled and worked on by all
> > >>>>>>> committers not just by the PMC members.
> > >>>>>>>
> > >>>>>>> The security notification update made to the website I think does
> > >>> not
> > >>>>>>> line up with the security guidelines referenced in the link
> > >> provided
> > >>>>>>> in the dropdown menu of the YuniKorn site [1]. In that link there
> > >>> is a
> > >>>>>>> well defined way to report security issues. If we need to enhance
> > >>> and
> > >>>>>>> extend what we do we either establish a security@ mailing list
> > >> and
> > >>>>>>> provide a static page with security related information on our
> > >> site
> > >>> or
> > >>>>>>> we leave it as is. My preference would be to establish a
> security@
> > >>>>>>> list and make all committers a member of that list.
> > >>>>>>>
> > >>>>>>> I think we need to roll back the website changes part of
> > >>> YUNIKORN-1006
> > >>>>>>> [2] in PR [3] for the website.
> > >>>>>>>
> > >>>>>>> Wilfred
> > >>>>>>>
> > >>>>>>> [1] https://www.apache.org/security/
> > >>>>>>> [2] https://issues.apache.org/jira/browse/YUNIKORN-1006
> > >>>>>>> [3] https://github.com/apache/incubator-yunikorn-site/pull/105
> > >>>>>>>
> > >>>>>>> On Tue, 11 Jan 2022 at 04:45, Holden Karau <holden@pigscanfly.ca
> >
> > >>>>> wrote:
> > >>>>>>>>
> > >>>>>>>> For "The project provides a well-documented, secure and private
> > >>>>> channel to report security issues, along with a documented way of
> > >>>>> responding to them.' the standard that I've seen used is to tell
> > >> people
> > >>>> to
> > >>>>> e-mail private@ when they think they might have a security related
> > >>>> issue.
> > >>>>> I think that would probably work well for Yunikorn too.
> > >>>>>>>>
> > >>>>>>>>
> > >>>>>>>> On Mon, Jan 10, 2022 at 7:04 AM Chenya Zhang <
> > >>>>> chenyazhangchenya@gmail.com> wrote:
> > >>>>>>>>>
> > >>>>>>>>> Hi Weiwei,
> > >>>>>>>>>
> > >>>>>>>>> Thanks for driving this! The evaluation is quite comprehensive
> > >>>>> overall. I checked our Apache project maturity guidelines and
> noticed
> > >>> the
> > >>>>> below three items. Not sure if we already have them but they are
> not
> > >>>>> blockers to our graduation. We could think more about them along
> the
> > >>> way.
> > >>>>>>>>>
> > >>>>>>>>> QU30
> > >>>>>>>>>
> > >>>>>>>>> The project provides a well-documented, secure and private
> > >>> channel
> > >>>>> to report security issues, along with a documented way of
> responding
> > >> to
> > >>>>> them.
> > >>>>>>>>>
> > >>>>>>>>> QU40
> > >>>>>>>>>
> > >>>>>>>>> The project puts a high priority on backwards compatibility and
> > >>>> aims
> > >>>>> to document any incompatible changes and provide tools and
> > >>> documentation
> > >>>> to
> > >>>>> help users transition to new features.
> > >>>>>>>>>
> > >>>>>>>>> CO50
> > >>>>>>>>>
> > >>>>>>>>> The project documents how contributors can earn more rights
> > >> such
> > >>> as
> > >>>>> commit access or decision power, and applies these principles
> > >>>> consistently.
> > >>>>>>>>>
> > >>>>>>>>>
> > >>>>>>>>> Thanks,
> > >>>>>>>>>
> > >>>>>>>>> Chenya
> > >>>>>>>>>
> > >>>>>>>>>
> > >>>>>>>>>
> > >>>>>>>>> On Mon, Jan 10, 2022 at 12:00 AM Weiwei Yang <ww...@apache.org>
> > >>>>> wrote:
> > >>>>>>>>>>
> > >>>>>>>>>> Hi YuniKorn community and mentors
> > >>>>>>>>>>
> > >>>>>>>>>> Based on the discussion thread [1], after 2 years time of
> > >>>>> incubating, it is
> > >>>>>>>>>> considered that now is a good time to graduate YuniKorn from
> > >> the
> > >>>> ASF
> > >>>>>>>>>> incubator and become a top-level Apache project. We have
> > >>> reviewed
> > >>>>> the ASF
> > >>>>>>>>>> project maturity model [2] and provided some assessment of the
> > >>>>> project's
> > >>>>>>>>>> maturity based on the guidelines. Details are included as the
> > >>>>> following.
> > >>>>>>>>>> Please read this and share your thoughts by replying to this
> > >>>> email,
> > >>>>> your
> > >>>>>>>>>> feedback will be much appreciated!!!
> > >>>>>>>>>>
> > >>>>>>>>>> *Code, License, and Copyright*
> > >>>>>>>>>>
> > >>>>>>>>>> All code is maintained on github, under Apache 2.0 license. We
> > >>>> have
> > >>>>>>>>>> reviewed all the dependencies and ensured they do not bring
> > >> any
> > >>>>> license
> > >>>>>>>>>> issues. All the status files, license headers, and copyright
> > >> are
> > >>>> up
> > >>>>> to date.
> > >>>>>>>>>>
> > >>>>>>>>>> *Release*
> > >>>>>>>>>>
> > >>>>>>>>>> The community has released 5 releases in the past 2 years, i.e
> > >>>>> v0.8, v0.9,
> > >>>>>>>>>> v0.10, v0,11, and v0.12. These releases were done by 5
> > >> different
> > >>>>> release
> > >>>>>>>>>> managers [3] and indicate the community can create releases
> > >>>>> independently.
> > >>>>>>>>>> We have also a well-documented release process, automated
> > >> tools
> > >>> to
> > >>>>> help new
> > >>>>>>>>>> release managers with the process.
> > >>>>>>>>>>
> > >>>>>>>>>> *Quality*
> > >>>>>>>>>>
> > >>>>>>>>>> The community has developed a comprehensive CI/CD pipeline as
> > >> a
> > >>>>> guard of
> > >>>>>>>>>> the code quality. The pipeline runs per-commit license check,
> > >>>>> code-format
> > >>>>>>>>>> check, code-coverage check, UT, and end-to-end tests. All
> > >> these
> > >>>> are
> > >>>>> built
> > >>>>>>>>>> as automated github actions, new contributors can easily
> > >> trigger
> > >>>>> and view
> > >>>>>>>>>> results when submitting patches.
> > >>>>>>>>>>
> > >>>>>>>>>> *Community*
> > >>>>>>>>>>
> > >>>>>>>>>> The community has developed an easy-to-read homepage for the
> > >>>>> project [4],
> > >>>>>>>>>> the website hosts all the materials related to the project
> > >>>> including
> > >>>>>>>>>> versioned documentation, user docs, developer docs, design
> > >> docs,
> > >>>>>>>>>> performance docs. It provides the top-level navigation to the
> > >>>>> software
> > >>>>>>>>>> download page, where links to all our previous releases. It
> > >> also
> > >>>>> has the
> > >>>>>>>>>> pages for the new contributors on-boarding with the project,
> > >>> such
> > >>>>> as how to
> > >>>>>>>>>> join community meetings, events links, etc.
> > >>>>>>>>>>
> > >>>>>>>>>> The community shows appreciation to all contributors and
> > >>> welcomes
> > >>>>> all kinds
> > >>>>>>>>>> of contributions (not just for code). We have built an open,
> > >>>> diverse
> > >>>>>>>>>> community and gathered many people to work together. With
> > >> that,
> > >>> we
> > >>>>> have 41
> > >>>>>>>>>> unique code contributors and some non-code contributors as
> > >> well.
> > >>>>> Many of
> > >>>>>>>>>> them have becoming to be committers and PPMC members while
> > >>> working
> > >>>>> with the
> > >>>>>>>>>> community. There were 2 new mentors, 8 new committers, 2 new
> > >>> PPMC
> > >>>>> from 6
> > >>>>>>>>>> different organizations [5] added in the incubating phase. And
> > >>> in
> > >>>>> total,
> > >>>>>>>>>> the project has 6 mentors, 21 PPMC, and 27 committers from at
> > >>>> least
> > >>>>> 14
> > >>>>>>>>>> different organizations. Community collaboration was done in a
> > >>>>> wide-public,
> > >>>>>>>>>> open manner, we leverage regular bi-weekly/weekly community
> > >>>>> meetings for 2
> > >>>>>>>>>> different timezones [6] and dev/user slack channels, mailing
> > >>> lists
> > >>>>> for
> > >>>>>>>>>> offline discussions.
> > >>>>>>>>>>
> > >>>>>>>>>> *Independence*
> > >>>>>>>>>>
> > >>>>>>>>>> The project was initially donated by Cloudera, but with a
> > >>> diverse
> > >>>>> open
> > >>>>>>>>>> source community, it has been operated as an independent
> > >> project
> > >>>>> since it
> > >>>>>>>>>> entered into ASF incubator. The committers and PPMC members
> > >> are
> > >>> a
> > >>>>> group of
> > >>>>>>>>>> passionate people from at least 14 different organizations,
> > >> such
> > >>>> as
> > >>>>>>>>>> Alibaba, Apple, Cloudera, Databricks, LinkedIn, Microsoft,
> > >>>>> Snowflake, etc.
> > >>>>>>>>>> The project's success is not depending on any single entity.
> > >>>>>>>>>>
> > >>>>>>>>>> I have enough reasons to believe the project has done
> > >>> sustainable
> > >>>>>>>>>> development successfully in the Apache way. Again, please
> > >> share
> > >>>> your
> > >>>>>>>>>> thoughts, all YuniKorn contributors, committers, PPMC, and
> > >>>> mentors.
> > >>>>> Thank
> > >>>>>>>>>> you!
> > >>>>>>>>>>
> > >>>>>>>>>> [1]
> > >>>>> https://lists.apache.org/thread/dno411y59g2pcy1d3kd7s3kdjz9jw65n
> > >>>>>>>>>> [2]
> > >>>>>>>>>>
> > >>>>>
> > >>>>
> > >>>
> > >>
> https://community.apache.org/apache-way/apache-project-maturity-model.html
> > >>>>>>>>>>
> > >>>>>>>>>> [3] https://yunikorn.apache.org/community/download
> > >>>>>>>>>> [4] https://yunikorn.apache.org/
> > >>>>>>>>>> [5] https://incubator.apache.org/projects/yunikorn.html
> > >>>>>>>>>>
> > >>>>>>>>>> [6]
> > >>>>>>>>>>
> > >>>>>
> > >>>>
> > >>>
> > >>
> https://docs.google.com/document/d/165gzC7uhcKc5XDWiMYSRKBiPQBy2tDtXADUPuhGlUa0
> > >>>>>>>>
> > >>>>>>>>
> > >>>>>>>>
> > >>>>>>>> --
> > >>>>>>>> Twitter: https://twitter.com/holdenkarau
> > >>>>>>>> Books (Learning Spark, High Performance Spark, etc.):
> > >>>>> https://amzn.to/2MaRAG9
> > >>>>>>>> YouTube Live Streams: https://www.youtube.com/user/holdenkarau
> > >>>>>
> > >>>>>
> ---------------------------------------------------------------------
> > >>>>> To unsubscribe, e-mail: dev-unsubscribe@yunikorn.apache.org
> > >>>>> For additional commands, e-mail: dev-help@yunikorn.apache.org
> > >>>>>
> > >>>>>
> > >>>>
> > >>>
> > >>
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: dev-unsubscribe@yunikorn.apache.org
> > For additional commands, e-mail: dev-help@yunikorn.apache.org
> >
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@yunikorn.apache.org
> For additional commands, e-mail: dev-help@yunikorn.apache.org
>
>

Re: Apache YuniKorn (Incubating) - Community Graduation Vote

[Wilfred Spiegelenburg <wi...@apache.org>]

When you check the status page [1] you will see that a wiki is no
longer required.
We can skip adding it.

BTW: I added Chenya to the roster that increases the PPMC members not
subscribed to 3 again after it was down to 2.

Wilfred

[1] https://incubator.apache.org/projects/yunikorn.html


On Mon, 24 Jan 2022 at 13:12, Weiwei Yang <ab...@gmail.com> wrote:
>
> Hi Sunil
>
> I don’t think we ever have a wiki, do we still need to add that? I see some projects leave that empty as well.
>
> Sent from my iPhone
>
> > On Jan 23, 2022, at 2:07 PM, Sunil Govindan <su...@apache.org> wrote:
> >
> > @Weiwei Yang <ww...@apache.org>
> > Could you please add WIKI as well to this?
> >
> > Thanks
> > Sunil
> >
> >> On Sun, Jan 23, 2022 at 1:33 PM Weiwei Yang <ww...@apache.org> wrote:
> >>
> >> Thank you Felix.
> >> I have added the initial podling status file:
> >>
> >> https://svn.apache.org/repos/asf/incubator/public/trunk/content/podlings/yunikorn.yml
> >> .
> >> Please let me know if that looks good or not.
> >>
> >>> On Sat, Jan 22, 2022 at 10:18 PM Sunil Govindan <su...@apache.org> wrote:
> >>>
> >>> I will reach out to them.
> >>>
> >>> Thanks
> >>> Sunil
> >>>
> >>> On Sat, Jan 22, 2022 at 9:00 PM Felix Cheung <fe...@hotmail.com>
> >>> wrote:
> >>>
> >>>> Pls add the podling status file
> >>>>
> >>>
> >> https://svn.apache.org/repos/asf/incubator/public/trunk/content/podlings/
> >>>>
> >>>> 3 ppmc members have not subscribed to private@
> >>>>
> >>>> These can be found on
> >>>> https://whimsy.apache.org/roster/ppmc/yunikorn
> >>>>
> >>>> <
> >>>
> >> https://svn.apache.org/repos/asf/incubator/public/trunk/content/podlings/
> >>>>>
> >>>> ________________________________
> >>>> From: Weiwei Yang <ww...@apache.org>
> >>>> Sent: Thursday, January 20, 2022 10:05:55 PM
> >>>> To: dev@yunikorn.apache.org <de...@yunikorn.apache.org>
> >>>> Cc: private@yunikorn.apache.org <pr...@yunikorn.apache.org>
> >>>> Subject: Re: Apache YuniKorn (Incubating) - Community Graduation Vote
> >>>>
> >>>> hi all
> >>>>
> >>>> Most issues under the graduation preparation JIRA YUNIKORN-1005
> >>>> <https://issues.apache.org/jira/browse/YUNIKORN-1005> are fixed.
> >>>> The remaining one is the who-are-we web page, I am currently collecting
> >>>> info for that, should be done by next week.
> >>>> Shall we start to vote now? I can start a new thread for the community
> >>>> voting if nobody has objections.
> >>>>
> >>>> On Tue, Jan 11, 2022 at 11:02 AM Wilfred Spiegelenburg <
> >>>> wilfreds@apache.org>
> >>>> wrote:
> >>>>
> >>>>> None of the security lists mentioned in the security page [1] are
> >>>>> moderated. They are private lists, i.e. not openly available for
> >>>>> browsing in an archive, but not moderated. Using the private@ for
> >>>>> YuniKorn does not seem to line up with what other projects do either.
> >>>>> None of the recently graduated projects mention anything like using
> >>>>> the private@ mailing list on their sites. They all have just used
> >> the
> >>>>> general security link mentioned on their site unless they have a
> >>>>> specific security@ list. YuniKorn would be the one standing out from
> >>>>> what seems to be the norm.
> >>>>> Examples from the last 2 years of graduated projects using a simple
> >>>>> link or a text pointing to [1]: Pinot, Dolphinscheduler, Ratis,
> >>>>> Echarts, Gobblin, TVM, Superset and Datasketches. There are more but
> >> I
> >>>>> think this provides an overview of what is expected on graduation.
> >>>>>
> >>>>> Wilfred
> >>>>>
> >>>>> [1] https://www.apache.org/security/
> >>>>>
> >>>>> On Tue, 11 Jan 2022 at 18:21, Weiwei Yang <ww...@apache.org> wrote:
> >>>>>>
> >>>>>> Hi Wilfred
> >>>>>>
> >>>>>> Adding a security@ mailing list sounds like a good idea, but I do
> >>> not
> >>>>> think that is required in the current stage.
> >>>>>> We can do that post-graduate. For now, the Apache security doc said
> >>>>>>
> >>>>>>> We strongly encourage you to report potential security
> >>>> vulnerabilities
> >>>>> to one of our private security mailing lists first, before disclosing
> >>>> them
> >>>>> in a public forum.
> >>>>>>
> >>>>>> I do not see any issue if we use our private@ mailing list for
> >> this
> >>>>> purpose.
> >>>>>>
> >>>>>> On Mon, Jan 10, 2022 at 11:01 PM Wilfred Spiegelenburg <
> >>>>> wilfreds@apache.org> wrote:
> >>>>>>>
> >>>>>>> The private@ is a moderated list. This has two issues: a
> >> moderator
> >>>>>>> needs to approve any message not sent by a PMC member. This will
> >>> slow
> >>>>>>> down the process of interaction with the reporter. It would also
> >> not
> >>>>>>> reach the YuniKorn committers group as not all committers are part
> >>> of
> >>>>>>> the PMC. Security issues should be handled and worked on by all
> >>>>>>> committers not just by the PMC members.
> >>>>>>>
> >>>>>>> The security notification update made to the website I think does
> >>> not
> >>>>>>> line up with the security guidelines referenced in the link
> >> provided
> >>>>>>> in the dropdown menu of the YuniKorn site [1]. In that link there
> >>> is a
> >>>>>>> well defined way to report security issues. If we need to enhance
> >>> and
> >>>>>>> extend what we do we either establish a security@ mailing list
> >> and
> >>>>>>> provide a static page with security related information on our
> >> site
> >>> or
> >>>>>>> we leave it as is. My preference would be to establish a security@
> >>>>>>> list and make all committers a member of that list.
> >>>>>>>
> >>>>>>> I think we need to roll back the website changes part of
> >>> YUNIKORN-1006
> >>>>>>> [2] in PR [3] for the website.
> >>>>>>>
> >>>>>>> Wilfred
> >>>>>>>
> >>>>>>> [1] https://www.apache.org/security/
> >>>>>>> [2] https://issues.apache.org/jira/browse/YUNIKORN-1006
> >>>>>>> [3] https://github.com/apache/incubator-yunikorn-site/pull/105
> >>>>>>>
> >>>>>>> On Tue, 11 Jan 2022 at 04:45, Holden Karau <ho...@pigscanfly.ca>
> >>>>> wrote:
> >>>>>>>>
> >>>>>>>> For "The project provides a well-documented, secure and private
> >>>>> channel to report security issues, along with a documented way of
> >>>>> responding to them.' the standard that I've seen used is to tell
> >> people
> >>>> to
> >>>>> e-mail private@ when they think they might have a security related
> >>>> issue.
> >>>>> I think that would probably work well for Yunikorn too.
> >>>>>>>>
> >>>>>>>>
> >>>>>>>> On Mon, Jan 10, 2022 at 7:04 AM Chenya Zhang <
> >>>>> chenyazhangchenya@gmail.com> wrote:
> >>>>>>>>>
> >>>>>>>>> Hi Weiwei,
> >>>>>>>>>
> >>>>>>>>> Thanks for driving this! The evaluation is quite comprehensive
> >>>>> overall. I checked our Apache project maturity guidelines and noticed
> >>> the
> >>>>> below three items. Not sure if we already have them but they are not
> >>>>> blockers to our graduation. We could think more about them along the
> >>> way.
> >>>>>>>>>
> >>>>>>>>> QU30
> >>>>>>>>>
> >>>>>>>>> The project provides a well-documented, secure and private
> >>> channel
> >>>>> to report security issues, along with a documented way of responding
> >> to
> >>>>> them.
> >>>>>>>>>
> >>>>>>>>> QU40
> >>>>>>>>>
> >>>>>>>>> The project puts a high priority on backwards compatibility and
> >>>> aims
> >>>>> to document any incompatible changes and provide tools and
> >>> documentation
> >>>> to
> >>>>> help users transition to new features.
> >>>>>>>>>
> >>>>>>>>> CO50
> >>>>>>>>>
> >>>>>>>>> The project documents how contributors can earn more rights
> >> such
> >>> as
> >>>>> commit access or decision power, and applies these principles
> >>>> consistently.
> >>>>>>>>>
> >>>>>>>>>
> >>>>>>>>> Thanks,
> >>>>>>>>>
> >>>>>>>>> Chenya
> >>>>>>>>>
> >>>>>>>>>
> >>>>>>>>>
> >>>>>>>>> On Mon, Jan 10, 2022 at 12:00 AM Weiwei Yang <ww...@apache.org>
> >>>>> wrote:
> >>>>>>>>>>
> >>>>>>>>>> Hi YuniKorn community and mentors
> >>>>>>>>>>
> >>>>>>>>>> Based on the discussion thread [1], after 2 years time of
> >>>>> incubating, it is
> >>>>>>>>>> considered that now is a good time to graduate YuniKorn from
> >> the
> >>>> ASF
> >>>>>>>>>> incubator and become a top-level Apache project. We have
> >>> reviewed
> >>>>> the ASF
> >>>>>>>>>> project maturity model [2] and provided some assessment of the
> >>>>> project's
> >>>>>>>>>> maturity based on the guidelines. Details are included as the
> >>>>> following.
> >>>>>>>>>> Please read this and share your thoughts by replying to this
> >>>> email,
> >>>>> your
> >>>>>>>>>> feedback will be much appreciated!!!
> >>>>>>>>>>
> >>>>>>>>>> *Code, License, and Copyright*
> >>>>>>>>>>
> >>>>>>>>>> All code is maintained on github, under Apache 2.0 license. We
> >>>> have
> >>>>>>>>>> reviewed all the dependencies and ensured they do not bring
> >> any
> >>>>> license
> >>>>>>>>>> issues. All the status files, license headers, and copyright
> >> are
> >>>> up
> >>>>> to date.
> >>>>>>>>>>
> >>>>>>>>>> *Release*
> >>>>>>>>>>
> >>>>>>>>>> The community has released 5 releases in the past 2 years, i.e
> >>>>> v0.8, v0.9,
> >>>>>>>>>> v0.10, v0,11, and v0.12. These releases were done by 5
> >> different
> >>>>> release
> >>>>>>>>>> managers [3] and indicate the community can create releases
> >>>>> independently.
> >>>>>>>>>> We have also a well-documented release process, automated
> >> tools
> >>> to
> >>>>> help new
> >>>>>>>>>> release managers with the process.
> >>>>>>>>>>
> >>>>>>>>>> *Quality*
> >>>>>>>>>>
> >>>>>>>>>> The community has developed a comprehensive CI/CD pipeline as
> >> a
> >>>>> guard of
> >>>>>>>>>> the code quality. The pipeline runs per-commit license check,
> >>>>> code-format
> >>>>>>>>>> check, code-coverage check, UT, and end-to-end tests. All
> >> these
> >>>> are
> >>>>> built
> >>>>>>>>>> as automated github actions, new contributors can easily
> >> trigger
> >>>>> and view
> >>>>>>>>>> results when submitting patches.
> >>>>>>>>>>
> >>>>>>>>>> *Community*
> >>>>>>>>>>
> >>>>>>>>>> The community has developed an easy-to-read homepage for the
> >>>>> project [4],
> >>>>>>>>>> the website hosts all the materials related to the project
> >>>> including
> >>>>>>>>>> versioned documentation, user docs, developer docs, design
> >> docs,
> >>>>>>>>>> performance docs. It provides the top-level navigation to the
> >>>>> software
> >>>>>>>>>> download page, where links to all our previous releases. It
> >> also
> >>>>> has the
> >>>>>>>>>> pages for the new contributors on-boarding with the project,
> >>> such
> >>>>> as how to
> >>>>>>>>>> join community meetings, events links, etc.
> >>>>>>>>>>
> >>>>>>>>>> The community shows appreciation to all contributors and
> >>> welcomes
> >>>>> all kinds
> >>>>>>>>>> of contributions (not just for code). We have built an open,
> >>>> diverse
> >>>>>>>>>> community and gathered many people to work together. With
> >> that,
> >>> we
> >>>>> have 41
> >>>>>>>>>> unique code contributors and some non-code contributors as
> >> well.
> >>>>> Many of
> >>>>>>>>>> them have becoming to be committers and PPMC members while
> >>> working
> >>>>> with the
> >>>>>>>>>> community. There were 2 new mentors, 8 new committers, 2 new
> >>> PPMC
> >>>>> from 6
> >>>>>>>>>> different organizations [5] added in the incubating phase. And
> >>> in
> >>>>> total,
> >>>>>>>>>> the project has 6 mentors, 21 PPMC, and 27 committers from at
> >>>> least
> >>>>> 14
> >>>>>>>>>> different organizations. Community collaboration was done in a
> >>>>> wide-public,
> >>>>>>>>>> open manner, we leverage regular bi-weekly/weekly community
> >>>>> meetings for 2
> >>>>>>>>>> different timezones [6] and dev/user slack channels, mailing
> >>> lists
> >>>>> for
> >>>>>>>>>> offline discussions.
> >>>>>>>>>>
> >>>>>>>>>> *Independence*
> >>>>>>>>>>
> >>>>>>>>>> The project was initially donated by Cloudera, but with a
> >>> diverse
> >>>>> open
> >>>>>>>>>> source community, it has been operated as an independent
> >> project
> >>>>> since it
> >>>>>>>>>> entered into ASF incubator. The committers and PPMC members
> >> are
> >>> a
> >>>>> group of
> >>>>>>>>>> passionate people from at least 14 different organizations,
> >> such
> >>>> as
> >>>>>>>>>> Alibaba, Apple, Cloudera, Databricks, LinkedIn, Microsoft,
> >>>>> Snowflake, etc.
> >>>>>>>>>> The project's success is not depending on any single entity.
> >>>>>>>>>>
> >>>>>>>>>> I have enough reasons to believe the project has done
> >>> sustainable
> >>>>>>>>>> development successfully in the Apache way. Again, please
> >> share
> >>>> your
> >>>>>>>>>> thoughts, all YuniKorn contributors, committers, PPMC, and
> >>>> mentors.
> >>>>> Thank
> >>>>>>>>>> you!
> >>>>>>>>>>
> >>>>>>>>>> [1]
> >>>>> https://lists.apache.org/thread/dno411y59g2pcy1d3kd7s3kdjz9jw65n
> >>>>>>>>>> [2]
> >>>>>>>>>>
> >>>>>
> >>>>
> >>>
> >> https://community.apache.org/apache-way/apache-project-maturity-model.html
> >>>>>>>>>>
> >>>>>>>>>> [3] https://yunikorn.apache.org/community/download
> >>>>>>>>>> [4] https://yunikorn.apache.org/
> >>>>>>>>>> [5] https://incubator.apache.org/projects/yunikorn.html
> >>>>>>>>>>
> >>>>>>>>>> [6]
> >>>>>>>>>>
> >>>>>
> >>>>
> >>>
> >> https://docs.google.com/document/d/165gzC7uhcKc5XDWiMYSRKBiPQBy2tDtXADUPuhGlUa0
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>> --
> >>>>>>>> Twitter: https://twitter.com/holdenkarau
> >>>>>>>> Books (Learning Spark, High Performance Spark, etc.):
> >>>>> https://amzn.to/2MaRAG9
> >>>>>>>> YouTube Live Streams: https://www.youtube.com/user/holdenkarau
> >>>>>
> >>>>> ---------------------------------------------------------------------
> >>>>> To unsubscribe, e-mail: dev-unsubscribe@yunikorn.apache.org
> >>>>> For additional commands, e-mail: dev-help@yunikorn.apache.org
> >>>>>
> >>>>>
> >>>>
> >>>
> >>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@yunikorn.apache.org
> For additional commands, e-mail: dev-help@yunikorn.apache.org
>

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@yunikorn.apache.org
For additional commands, e-mail: dev-help@yunikorn.apache.org

Re: Apache YuniKorn (Incubating) - Community Graduation Vote

[Weiwei Yang <ab...@gmail.com>]

Hi Sunil

I don’t think we ever have a wiki, do we still need to add that? I see some projects leave that empty as well.

Sent from my iPhone

> On Jan 23, 2022, at 2:07 PM, Sunil Govindan <su...@apache.org> wrote:
> 
> @Weiwei Yang <ww...@apache.org>
> Could you please add WIKI as well to this?
> 
> Thanks
> Sunil
> 
>> On Sun, Jan 23, 2022 at 1:33 PM Weiwei Yang <ww...@apache.org> wrote:
>> 
>> Thank you Felix.
>> I have added the initial podling status file:
>> 
>> https://svn.apache.org/repos/asf/incubator/public/trunk/content/podlings/yunikorn.yml
>> .
>> Please let me know if that looks good or not.
>> 
>>> On Sat, Jan 22, 2022 at 10:18 PM Sunil Govindan <su...@apache.org> wrote:
>>> 
>>> I will reach out to them.
>>> 
>>> Thanks
>>> Sunil
>>> 
>>> On Sat, Jan 22, 2022 at 9:00 PM Felix Cheung <fe...@hotmail.com>
>>> wrote:
>>> 
>>>> Pls add the podling status file
>>>> 
>>> 
>> https://svn.apache.org/repos/asf/incubator/public/trunk/content/podlings/
>>>> 
>>>> 3 ppmc members have not subscribed to private@
>>>> 
>>>> These can be found on
>>>> https://whimsy.apache.org/roster/ppmc/yunikorn
>>>> 
>>>> <
>>> 
>> https://svn.apache.org/repos/asf/incubator/public/trunk/content/podlings/
>>>>> 
>>>> ________________________________
>>>> From: Weiwei Yang <ww...@apache.org>
>>>> Sent: Thursday, January 20, 2022 10:05:55 PM
>>>> To: dev@yunikorn.apache.org <de...@yunikorn.apache.org>
>>>> Cc: private@yunikorn.apache.org <pr...@yunikorn.apache.org>
>>>> Subject: Re: Apache YuniKorn (Incubating) - Community Graduation Vote
>>>> 
>>>> hi all
>>>> 
>>>> Most issues under the graduation preparation JIRA YUNIKORN-1005
>>>> <https://issues.apache.org/jira/browse/YUNIKORN-1005> are fixed.
>>>> The remaining one is the who-are-we web page, I am currently collecting
>>>> info for that, should be done by next week.
>>>> Shall we start to vote now? I can start a new thread for the community
>>>> voting if nobody has objections.
>>>> 
>>>> On Tue, Jan 11, 2022 at 11:02 AM Wilfred Spiegelenburg <
>>>> wilfreds@apache.org>
>>>> wrote:
>>>> 
>>>>> None of the security lists mentioned in the security page [1] are
>>>>> moderated. They are private lists, i.e. not openly available for
>>>>> browsing in an archive, but not moderated. Using the private@ for
>>>>> YuniKorn does not seem to line up with what other projects do either.
>>>>> None of the recently graduated projects mention anything like using
>>>>> the private@ mailing list on their sites. They all have just used
>> the
>>>>> general security link mentioned on their site unless they have a
>>>>> specific security@ list. YuniKorn would be the one standing out from
>>>>> what seems to be the norm.
>>>>> Examples from the last 2 years of graduated projects using a simple
>>>>> link or a text pointing to [1]: Pinot, Dolphinscheduler, Ratis,
>>>>> Echarts, Gobblin, TVM, Superset and Datasketches. There are more but
>> I
>>>>> think this provides an overview of what is expected on graduation.
>>>>> 
>>>>> Wilfred
>>>>> 
>>>>> [1] https://www.apache.org/security/
>>>>> 
>>>>> On Tue, 11 Jan 2022 at 18:21, Weiwei Yang <ww...@apache.org> wrote:
>>>>>> 
>>>>>> Hi Wilfred
>>>>>> 
>>>>>> Adding a security@ mailing list sounds like a good idea, but I do
>>> not
>>>>> think that is required in the current stage.
>>>>>> We can do that post-graduate. For now, the Apache security doc said
>>>>>> 
>>>>>>> We strongly encourage you to report potential security
>>>> vulnerabilities
>>>>> to one of our private security mailing lists first, before disclosing
>>>> them
>>>>> in a public forum.
>>>>>> 
>>>>>> I do not see any issue if we use our private@ mailing list for
>> this
>>>>> purpose.
>>>>>> 
>>>>>> On Mon, Jan 10, 2022 at 11:01 PM Wilfred Spiegelenburg <
>>>>> wilfreds@apache.org> wrote:
>>>>>>> 
>>>>>>> The private@ is a moderated list. This has two issues: a
>> moderator
>>>>>>> needs to approve any message not sent by a PMC member. This will
>>> slow
>>>>>>> down the process of interaction with the reporter. It would also
>> not
>>>>>>> reach the YuniKorn committers group as not all committers are part
>>> of
>>>>>>> the PMC. Security issues should be handled and worked on by all
>>>>>>> committers not just by the PMC members.
>>>>>>> 
>>>>>>> The security notification update made to the website I think does
>>> not
>>>>>>> line up with the security guidelines referenced in the link
>> provided
>>>>>>> in the dropdown menu of the YuniKorn site [1]. In that link there
>>> is a
>>>>>>> well defined way to report security issues. If we need to enhance
>>> and
>>>>>>> extend what we do we either establish a security@ mailing list
>> and
>>>>>>> provide a static page with security related information on our
>> site
>>> or
>>>>>>> we leave it as is. My preference would be to establish a security@
>>>>>>> list and make all committers a member of that list.
>>>>>>> 
>>>>>>> I think we need to roll back the website changes part of
>>> YUNIKORN-1006
>>>>>>> [2] in PR [3] for the website.
>>>>>>> 
>>>>>>> Wilfred
>>>>>>> 
>>>>>>> [1] https://www.apache.org/security/
>>>>>>> [2] https://issues.apache.org/jira/browse/YUNIKORN-1006
>>>>>>> [3] https://github.com/apache/incubator-yunikorn-site/pull/105
>>>>>>> 
>>>>>>> On Tue, 11 Jan 2022 at 04:45, Holden Karau <ho...@pigscanfly.ca>
>>>>> wrote:
>>>>>>>> 
>>>>>>>> For "The project provides a well-documented, secure and private
>>>>> channel to report security issues, along with a documented way of
>>>>> responding to them.' the standard that I've seen used is to tell
>> people
>>>> to
>>>>> e-mail private@ when they think they might have a security related
>>>> issue.
>>>>> I think that would probably work well for Yunikorn too.
>>>>>>>> 
>>>>>>>> 
>>>>>>>> On Mon, Jan 10, 2022 at 7:04 AM Chenya Zhang <
>>>>> chenyazhangchenya@gmail.com> wrote:
>>>>>>>>> 
>>>>>>>>> Hi Weiwei,
>>>>>>>>> 
>>>>>>>>> Thanks for driving this! The evaluation is quite comprehensive
>>>>> overall. I checked our Apache project maturity guidelines and noticed
>>> the
>>>>> below three items. Not sure if we already have them but they are not
>>>>> blockers to our graduation. We could think more about them along the
>>> way.
>>>>>>>>> 
>>>>>>>>> QU30
>>>>>>>>> 
>>>>>>>>> The project provides a well-documented, secure and private
>>> channel
>>>>> to report security issues, along with a documented way of responding
>> to
>>>>> them.
>>>>>>>>> 
>>>>>>>>> QU40
>>>>>>>>> 
>>>>>>>>> The project puts a high priority on backwards compatibility and
>>>> aims
>>>>> to document any incompatible changes and provide tools and
>>> documentation
>>>> to
>>>>> help users transition to new features.
>>>>>>>>> 
>>>>>>>>> CO50
>>>>>>>>> 
>>>>>>>>> The project documents how contributors can earn more rights
>> such
>>> as
>>>>> commit access or decision power, and applies these principles
>>>> consistently.
>>>>>>>>> 
>>>>>>>>> 
>>>>>>>>> Thanks,
>>>>>>>>> 
>>>>>>>>> Chenya
>>>>>>>>> 
>>>>>>>>> 
>>>>>>>>> 
>>>>>>>>> On Mon, Jan 10, 2022 at 12:00 AM Weiwei Yang <ww...@apache.org>
>>>>> wrote:
>>>>>>>>>> 
>>>>>>>>>> Hi YuniKorn community and mentors
>>>>>>>>>> 
>>>>>>>>>> Based on the discussion thread [1], after 2 years time of
>>>>> incubating, it is
>>>>>>>>>> considered that now is a good time to graduate YuniKorn from
>> the
>>>> ASF
>>>>>>>>>> incubator and become a top-level Apache project. We have
>>> reviewed
>>>>> the ASF
>>>>>>>>>> project maturity model [2] and provided some assessment of the
>>>>> project's
>>>>>>>>>> maturity based on the guidelines. Details are included as the
>>>>> following.
>>>>>>>>>> Please read this and share your thoughts by replying to this
>>>> email,
>>>>> your
>>>>>>>>>> feedback will be much appreciated!!!
>>>>>>>>>> 
>>>>>>>>>> *Code, License, and Copyright*
>>>>>>>>>> 
>>>>>>>>>> All code is maintained on github, under Apache 2.0 license. We
>>>> have
>>>>>>>>>> reviewed all the dependencies and ensured they do not bring
>> any
>>>>> license
>>>>>>>>>> issues. All the status files, license headers, and copyright
>> are
>>>> up
>>>>> to date.
>>>>>>>>>> 
>>>>>>>>>> *Release*
>>>>>>>>>> 
>>>>>>>>>> The community has released 5 releases in the past 2 years, i.e
>>>>> v0.8, v0.9,
>>>>>>>>>> v0.10, v0,11, and v0.12. These releases were done by 5
>> different
>>>>> release
>>>>>>>>>> managers [3] and indicate the community can create releases
>>>>> independently.
>>>>>>>>>> We have also a well-documented release process, automated
>> tools
>>> to
>>>>> help new
>>>>>>>>>> release managers with the process.
>>>>>>>>>> 
>>>>>>>>>> *Quality*
>>>>>>>>>> 
>>>>>>>>>> The community has developed a comprehensive CI/CD pipeline as
>> a
>>>>> guard of
>>>>>>>>>> the code quality. The pipeline runs per-commit license check,
>>>>> code-format
>>>>>>>>>> check, code-coverage check, UT, and end-to-end tests. All
>> these
>>>> are
>>>>> built
>>>>>>>>>> as automated github actions, new contributors can easily
>> trigger
>>>>> and view
>>>>>>>>>> results when submitting patches.
>>>>>>>>>> 
>>>>>>>>>> *Community*
>>>>>>>>>> 
>>>>>>>>>> The community has developed an easy-to-read homepage for the
>>>>> project [4],
>>>>>>>>>> the website hosts all the materials related to the project
>>>> including
>>>>>>>>>> versioned documentation, user docs, developer docs, design
>> docs,
>>>>>>>>>> performance docs. It provides the top-level navigation to the
>>>>> software
>>>>>>>>>> download page, where links to all our previous releases. It
>> also
>>>>> has the
>>>>>>>>>> pages for the new contributors on-boarding with the project,
>>> such
>>>>> as how to
>>>>>>>>>> join community meetings, events links, etc.
>>>>>>>>>> 
>>>>>>>>>> The community shows appreciation to all contributors and
>>> welcomes
>>>>> all kinds
>>>>>>>>>> of contributions (not just for code). We have built an open,
>>>> diverse
>>>>>>>>>> community and gathered many people to work together. With
>> that,
>>> we
>>>>> have 41
>>>>>>>>>> unique code contributors and some non-code contributors as
>> well.
>>>>> Many of
>>>>>>>>>> them have becoming to be committers and PPMC members while
>>> working
>>>>> with the
>>>>>>>>>> community. There were 2 new mentors, 8 new committers, 2 new
>>> PPMC
>>>>> from 6
>>>>>>>>>> different organizations [5] added in the incubating phase. And
>>> in
>>>>> total,
>>>>>>>>>> the project has 6 mentors, 21 PPMC, and 27 committers from at
>>>> least
>>>>> 14
>>>>>>>>>> different organizations. Community collaboration was done in a
>>>>> wide-public,
>>>>>>>>>> open manner, we leverage regular bi-weekly/weekly community
>>>>> meetings for 2
>>>>>>>>>> different timezones [6] and dev/user slack channels, mailing
>>> lists
>>>>> for
>>>>>>>>>> offline discussions.
>>>>>>>>>> 
>>>>>>>>>> *Independence*
>>>>>>>>>> 
>>>>>>>>>> The project was initially donated by Cloudera, but with a
>>> diverse
>>>>> open
>>>>>>>>>> source community, it has been operated as an independent
>> project
>>>>> since it
>>>>>>>>>> entered into ASF incubator. The committers and PPMC members
>> are
>>> a
>>>>> group of
>>>>>>>>>> passionate people from at least 14 different organizations,
>> such
>>>> as
>>>>>>>>>> Alibaba, Apple, Cloudera, Databricks, LinkedIn, Microsoft,
>>>>> Snowflake, etc.
>>>>>>>>>> The project's success is not depending on any single entity.
>>>>>>>>>> 
>>>>>>>>>> I have enough reasons to believe the project has done
>>> sustainable
>>>>>>>>>> development successfully in the Apache way. Again, please
>> share
>>>> your
>>>>>>>>>> thoughts, all YuniKorn contributors, committers, PPMC, and
>>>> mentors.
>>>>> Thank
>>>>>>>>>> you!
>>>>>>>>>> 
>>>>>>>>>> [1]
>>>>> https://lists.apache.org/thread/dno411y59g2pcy1d3kd7s3kdjz9jw65n
>>>>>>>>>> [2]
>>>>>>>>>> 
>>>>> 
>>>> 
>>> 
>> https://community.apache.org/apache-way/apache-project-maturity-model.html
>>>>>>>>>> 
>>>>>>>>>> [3] https://yunikorn.apache.org/community/download
>>>>>>>>>> [4] https://yunikorn.apache.org/
>>>>>>>>>> [5] https://incubator.apache.org/projects/yunikorn.html
>>>>>>>>>> 
>>>>>>>>>> [6]
>>>>>>>>>> 
>>>>> 
>>>> 
>>> 
>> https://docs.google.com/document/d/165gzC7uhcKc5XDWiMYSRKBiPQBy2tDtXADUPuhGlUa0
>>>>>>>> 
>>>>>>>> 
>>>>>>>> 
>>>>>>>> --
>>>>>>>> Twitter: https://twitter.com/holdenkarau
>>>>>>>> Books (Learning Spark, High Performance Spark, etc.):
>>>>> https://amzn.to/2MaRAG9
>>>>>>>> YouTube Live Streams: https://www.youtube.com/user/holdenkarau
>>>>> 
>>>>> ---------------------------------------------------------------------
>>>>> To unsubscribe, e-mail: dev-unsubscribe@yunikorn.apache.org
>>>>> For additional commands, e-mail: dev-help@yunikorn.apache.org
>>>>> 
>>>>> 
>>>> 
>>> 
>> 

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@yunikorn.apache.org
For additional commands, e-mail: dev-help@yunikorn.apache.org

Re: Apache YuniKorn (Incubating) - Community Graduation Vote

[Sunil Govindan <su...@apache.org>]

@Weiwei Yang <ww...@apache.org>
Could you please add WIKI as well to this?

Thanks
Sunil

On Sun, Jan 23, 2022 at 1:33 PM Weiwei Yang <ww...@apache.org> wrote:

> Thank you Felix.
> I have added the initial podling status file:
>
> https://svn.apache.org/repos/asf/incubator/public/trunk/content/podlings/yunikorn.yml
> .
> Please let me know if that looks good or not.
>
> On Sat, Jan 22, 2022 at 10:18 PM Sunil Govindan <su...@apache.org> wrote:
>
> > I will reach out to them.
> >
> > Thanks
> > Sunil
> >
> > On Sat, Jan 22, 2022 at 9:00 PM Felix Cheung <fe...@hotmail.com>
> > wrote:
> >
> > > Pls add the podling status file
> > >
> >
> https://svn.apache.org/repos/asf/incubator/public/trunk/content/podlings/
> > >
> > > 3 ppmc members have not subscribed to private@
> > >
> > > These can be found on
> > > https://whimsy.apache.org/roster/ppmc/yunikorn
> > >
> > > <
> >
> https://svn.apache.org/repos/asf/incubator/public/trunk/content/podlings/
> > > >
> > > ________________________________
> > > From: Weiwei Yang <ww...@apache.org>
> > > Sent: Thursday, January 20, 2022 10:05:55 PM
> > > To: dev@yunikorn.apache.org <de...@yunikorn.apache.org>
> > > Cc: private@yunikorn.apache.org <pr...@yunikorn.apache.org>
> > > Subject: Re: Apache YuniKorn (Incubating) - Community Graduation Vote
> > >
> > > hi all
> > >
> > > Most issues under the graduation preparation JIRA YUNIKORN-1005
> > > <https://issues.apache.org/jira/browse/YUNIKORN-1005> are fixed.
> > > The remaining one is the who-are-we web page, I am currently collecting
> > > info for that, should be done by next week.
> > > Shall we start to vote now? I can start a new thread for the community
> > > voting if nobody has objections.
> > >
> > > On Tue, Jan 11, 2022 at 11:02 AM Wilfred Spiegelenburg <
> > > wilfreds@apache.org>
> > > wrote:
> > >
> > > > None of the security lists mentioned in the security page [1] are
> > > > moderated. They are private lists, i.e. not openly available for
> > > > browsing in an archive, but not moderated. Using the private@ for
> > > > YuniKorn does not seem to line up with what other projects do either.
> > > > None of the recently graduated projects mention anything like using
> > > > the private@ mailing list on their sites. They all have just used
> the
> > > > general security link mentioned on their site unless they have a
> > > > specific security@ list. YuniKorn would be the one standing out from
> > > > what seems to be the norm.
> > > > Examples from the last 2 years of graduated projects using a simple
> > > > link or a text pointing to [1]: Pinot, Dolphinscheduler, Ratis,
> > > > Echarts, Gobblin, TVM, Superset and Datasketches. There are more but
> I
> > > > think this provides an overview of what is expected on graduation.
> > > >
> > > > Wilfred
> > > >
> > > > [1] https://www.apache.org/security/
> > > >
> > > > On Tue, 11 Jan 2022 at 18:21, Weiwei Yang <ww...@apache.org> wrote:
> > > > >
> > > > > Hi Wilfred
> > > > >
> > > > > Adding a security@ mailing list sounds like a good idea, but I do
> > not
> > > > think that is required in the current stage.
> > > > > We can do that post-graduate. For now, the Apache security doc said
> > > > >
> > > > > > We strongly encourage you to report potential security
> > > vulnerabilities
> > > > to one of our private security mailing lists first, before disclosing
> > > them
> > > > in a public forum.
> > > > >
> > > > > I do not see any issue if we use our private@ mailing list for
> this
> > > > purpose.
> > > > >
> > > > > On Mon, Jan 10, 2022 at 11:01 PM Wilfred Spiegelenburg <
> > > > wilfreds@apache.org> wrote:
> > > > >>
> > > > >> The private@ is a moderated list. This has two issues: a
> moderator
> > > > >> needs to approve any message not sent by a PMC member. This will
> > slow
> > > > >> down the process of interaction with the reporter. It would also
> not
> > > > >> reach the YuniKorn committers group as not all committers are part
> > of
> > > > >> the PMC. Security issues should be handled and worked on by all
> > > > >> committers not just by the PMC members.
> > > > >>
> > > > >> The security notification update made to the website I think does
> > not
> > > > >> line up with the security guidelines referenced in the link
> provided
> > > > >> in the dropdown menu of the YuniKorn site [1]. In that link there
> > is a
> > > > >> well defined way to report security issues. If we need to enhance
> > and
> > > > >> extend what we do we either establish a security@ mailing list
> and
> > > > >> provide a static page with security related information on our
> site
> > or
> > > > >> we leave it as is. My preference would be to establish a security@
> > > > >> list and make all committers a member of that list.
> > > > >>
> > > > >> I think we need to roll back the website changes part of
> > YUNIKORN-1006
> > > > >> [2] in PR [3] for the website.
> > > > >>
> > > > >> Wilfred
> > > > >>
> > > > >> [1] https://www.apache.org/security/
> > > > >> [2] https://issues.apache.org/jira/browse/YUNIKORN-1006
> > > > >> [3] https://github.com/apache/incubator-yunikorn-site/pull/105
> > > > >>
> > > > >> On Tue, 11 Jan 2022 at 04:45, Holden Karau <ho...@pigscanfly.ca>
> > > > wrote:
> > > > >> >
> > > > >> > For "The project provides a well-documented, secure and private
> > > > channel to report security issues, along with a documented way of
> > > > responding to them.' the standard that I've seen used is to tell
> people
> > > to
> > > > e-mail private@ when they think they might have a security related
> > > issue.
> > > > I think that would probably work well for Yunikorn too.
> > > > >> >
> > > > >> >
> > > > >> > On Mon, Jan 10, 2022 at 7:04 AM Chenya Zhang <
> > > > chenyazhangchenya@gmail.com> wrote:
> > > > >> >>
> > > > >> >> Hi Weiwei,
> > > > >> >>
> > > > >> >> Thanks for driving this! The evaluation is quite comprehensive
> > > > overall. I checked our Apache project maturity guidelines and noticed
> > the
> > > > below three items. Not sure if we already have them but they are not
> > > > blockers to our graduation. We could think more about them along the
> > way.
> > > > >> >>
> > > > >> >> QU30
> > > > >> >>
> > > > >> >> The project provides a well-documented, secure and private
> > channel
> > > > to report security issues, along with a documented way of responding
> to
> > > > them.
> > > > >> >>
> > > > >> >> QU40
> > > > >> >>
> > > > >> >> The project puts a high priority on backwards compatibility and
> > > aims
> > > > to document any incompatible changes and provide tools and
> > documentation
> > > to
> > > > help users transition to new features.
> > > > >> >>
> > > > >> >> CO50
> > > > >> >>
> > > > >> >> The project documents how contributors can earn more rights
> such
> > as
> > > > commit access or decision power, and applies these principles
> > > consistently.
> > > > >> >>
> > > > >> >>
> > > > >> >> Thanks,
> > > > >> >>
> > > > >> >> Chenya
> > > > >> >>
> > > > >> >>
> > > > >> >>
> > > > >> >> On Mon, Jan 10, 2022 at 12:00 AM Weiwei Yang <ww...@apache.org>
> > > > wrote:
> > > > >> >>>
> > > > >> >>> Hi YuniKorn community and mentors
> > > > >> >>>
> > > > >> >>> Based on the discussion thread [1], after 2 years time of
> > > > incubating, it is
> > > > >> >>> considered that now is a good time to graduate YuniKorn from
> the
> > > ASF
> > > > >> >>> incubator and become a top-level Apache project. We have
> > reviewed
> > > > the ASF
> > > > >> >>> project maturity model [2] and provided some assessment of the
> > > > project's
> > > > >> >>> maturity based on the guidelines. Details are included as the
> > > > following.
> > > > >> >>> Please read this and share your thoughts by replying to this
> > > email,
> > > > your
> > > > >> >>> feedback will be much appreciated!!!
> > > > >> >>>
> > > > >> >>> *Code, License, and Copyright*
> > > > >> >>>
> > > > >> >>> All code is maintained on github, under Apache 2.0 license. We
> > > have
> > > > >> >>> reviewed all the dependencies and ensured they do not bring
> any
> > > > license
> > > > >> >>> issues. All the status files, license headers, and copyright
> are
> > > up
> > > > to date.
> > > > >> >>>
> > > > >> >>> *Release*
> > > > >> >>>
> > > > >> >>> The community has released 5 releases in the past 2 years, i.e
> > > > v0.8, v0.9,
> > > > >> >>> v0.10, v0,11, and v0.12. These releases were done by 5
> different
> > > > release
> > > > >> >>> managers [3] and indicate the community can create releases
> > > > independently.
> > > > >> >>> We have also a well-documented release process, automated
> tools
> > to
> > > > help new
> > > > >> >>> release managers with the process.
> > > > >> >>>
> > > > >> >>> *Quality*
> > > > >> >>>
> > > > >> >>> The community has developed a comprehensive CI/CD pipeline as
> a
> > > > guard of
> > > > >> >>> the code quality. The pipeline runs per-commit license check,
> > > > code-format
> > > > >> >>> check, code-coverage check, UT, and end-to-end tests. All
> these
> > > are
> > > > built
> > > > >> >>> as automated github actions, new contributors can easily
> trigger
> > > > and view
> > > > >> >>> results when submitting patches.
> > > > >> >>>
> > > > >> >>> *Community*
> > > > >> >>>
> > > > >> >>> The community has developed an easy-to-read homepage for the
> > > > project [4],
> > > > >> >>> the website hosts all the materials related to the project
> > > including
> > > > >> >>> versioned documentation, user docs, developer docs, design
> docs,
> > > > >> >>> performance docs. It provides the top-level navigation to the
> > > > software
> > > > >> >>> download page, where links to all our previous releases. It
> also
> > > > has the
> > > > >> >>> pages for the new contributors on-boarding with the project,
> > such
> > > > as how to
> > > > >> >>> join community meetings, events links, etc.
> > > > >> >>>
> > > > >> >>> The community shows appreciation to all contributors and
> > welcomes
> > > > all kinds
> > > > >> >>> of contributions (not just for code). We have built an open,
> > > diverse
> > > > >> >>> community and gathered many people to work together. With
> that,
> > we
> > > > have 41
> > > > >> >>> unique code contributors and some non-code contributors as
> well.
> > > > Many of
> > > > >> >>> them have becoming to be committers and PPMC members while
> > working
> > > > with the
> > > > >> >>> community. There were 2 new mentors, 8 new committers, 2 new
> > PPMC
> > > > from 6
> > > > >> >>> different organizations [5] added in the incubating phase. And
> > in
> > > > total,
> > > > >> >>> the project has 6 mentors, 21 PPMC, and 27 committers from at
> > > least
> > > > 14
> > > > >> >>> different organizations. Community collaboration was done in a
> > > > wide-public,
> > > > >> >>> open manner, we leverage regular bi-weekly/weekly community
> > > > meetings for 2
> > > > >> >>> different timezones [6] and dev/user slack channels, mailing
> > lists
> > > > for
> > > > >> >>> offline discussions.
> > > > >> >>>
> > > > >> >>> *Independence*
> > > > >> >>>
> > > > >> >>> The project was initially donated by Cloudera, but with a
> > diverse
> > > > open
> > > > >> >>> source community, it has been operated as an independent
> project
> > > > since it
> > > > >> >>> entered into ASF incubator. The committers and PPMC members
> are
> > a
> > > > group of
> > > > >> >>> passionate people from at least 14 different organizations,
> such
> > > as
> > > > >> >>> Alibaba, Apple, Cloudera, Databricks, LinkedIn, Microsoft,
> > > > Snowflake, etc.
> > > > >> >>> The project's success is not depending on any single entity.
> > > > >> >>>
> > > > >> >>> I have enough reasons to believe the project has done
> > sustainable
> > > > >> >>> development successfully in the Apache way. Again, please
> share
> > > your
> > > > >> >>> thoughts, all YuniKorn contributors, committers, PPMC, and
> > > mentors.
> > > > Thank
> > > > >> >>> you!
> > > > >> >>>
> > > > >> >>> [1]
> > > > https://lists.apache.org/thread/dno411y59g2pcy1d3kd7s3kdjz9jw65n
> > > > >> >>> [2]
> > > > >> >>>
> > > >
> > >
> >
> https://community.apache.org/apache-way/apache-project-maturity-model.html
> > > > >> >>>
> > > > >> >>> [3] https://yunikorn.apache.org/community/download
> > > > >> >>> [4] https://yunikorn.apache.org/
> > > > >> >>> [5] https://incubator.apache.org/projects/yunikorn.html
> > > > >> >>>
> > > > >> >>> [6]
> > > > >> >>>
> > > >
> > >
> >
> https://docs.google.com/document/d/165gzC7uhcKc5XDWiMYSRKBiPQBy2tDtXADUPuhGlUa0
> > > > >> >
> > > > >> >
> > > > >> >
> > > > >> > --
> > > > >> > Twitter: https://twitter.com/holdenkarau
> > > > >> > Books (Learning Spark, High Performance Spark, etc.):
> > > > https://amzn.to/2MaRAG9
> > > > >> > YouTube Live Streams: https://www.youtube.com/user/holdenkarau
> > > >
> > > > ---------------------------------------------------------------------
> > > > To unsubscribe, e-mail: dev-unsubscribe@yunikorn.apache.org
> > > > For additional commands, e-mail: dev-help@yunikorn.apache.org
> > > >
> > > >
> > >
> >
>

Re: Apache YuniKorn (Incubating) - Community Graduation Vote

[Weiwei Yang <ww...@apache.org>]

Thank you Felix.
I have added the initial podling status file:
https://svn.apache.org/repos/asf/incubator/public/trunk/content/podlings/yunikorn.yml
.
Please let me know if that looks good or not.

On Sat, Jan 22, 2022 at 10:18 PM Sunil Govindan <su...@apache.org> wrote:

> I will reach out to them.
>
> Thanks
> Sunil
>
> On Sat, Jan 22, 2022 at 9:00 PM Felix Cheung <fe...@hotmail.com>
> wrote:
>
> > Pls add the podling status file
> >
> https://svn.apache.org/repos/asf/incubator/public/trunk/content/podlings/
> >
> > 3 ppmc members have not subscribed to private@
> >
> > These can be found on
> > https://whimsy.apache.org/roster/ppmc/yunikorn
> >
> > <
> https://svn.apache.org/repos/asf/incubator/public/trunk/content/podlings/
> > >
> > ________________________________
> > From: Weiwei Yang <ww...@apache.org>
> > Sent: Thursday, January 20, 2022 10:05:55 PM
> > To: dev@yunikorn.apache.org <de...@yunikorn.apache.org>
> > Cc: private@yunikorn.apache.org <pr...@yunikorn.apache.org>
> > Subject: Re: Apache YuniKorn (Incubating) - Community Graduation Vote
> >
> > hi all
> >
> > Most issues under the graduation preparation JIRA YUNIKORN-1005
> > <https://issues.apache.org/jira/browse/YUNIKORN-1005> are fixed.
> > The remaining one is the who-are-we web page, I am currently collecting
> > info for that, should be done by next week.
> > Shall we start to vote now? I can start a new thread for the community
> > voting if nobody has objections.
> >
> > On Tue, Jan 11, 2022 at 11:02 AM Wilfred Spiegelenburg <
> > wilfreds@apache.org>
> > wrote:
> >
> > > None of the security lists mentioned in the security page [1] are
> > > moderated. They are private lists, i.e. not openly available for
> > > browsing in an archive, but not moderated. Using the private@ for
> > > YuniKorn does not seem to line up with what other projects do either.
> > > None of the recently graduated projects mention anything like using
> > > the private@ mailing list on their sites. They all have just used the
> > > general security link mentioned on their site unless they have a
> > > specific security@ list. YuniKorn would be the one standing out from
> > > what seems to be the norm.
> > > Examples from the last 2 years of graduated projects using a simple
> > > link or a text pointing to [1]: Pinot, Dolphinscheduler, Ratis,
> > > Echarts, Gobblin, TVM, Superset and Datasketches. There are more but I
> > > think this provides an overview of what is expected on graduation.
> > >
> > > Wilfred
> > >
> > > [1] https://www.apache.org/security/
> > >
> > > On Tue, 11 Jan 2022 at 18:21, Weiwei Yang <ww...@apache.org> wrote:
> > > >
> > > > Hi Wilfred
> > > >
> > > > Adding a security@ mailing list sounds like a good idea, but I do
> not
> > > think that is required in the current stage.
> > > > We can do that post-graduate. For now, the Apache security doc said
> > > >
> > > > > We strongly encourage you to report potential security
> > vulnerabilities
> > > to one of our private security mailing lists first, before disclosing
> > them
> > > in a public forum.
> > > >
> > > > I do not see any issue if we use our private@ mailing list for this
> > > purpose.
> > > >
> > > > On Mon, Jan 10, 2022 at 11:01 PM Wilfred Spiegelenburg <
> > > wilfreds@apache.org> wrote:
> > > >>
> > > >> The private@ is a moderated list. This has two issues: a moderator
> > > >> needs to approve any message not sent by a PMC member. This will
> slow
> > > >> down the process of interaction with the reporter. It would also not
> > > >> reach the YuniKorn committers group as not all committers are part
> of
> > > >> the PMC. Security issues should be handled and worked on by all
> > > >> committers not just by the PMC members.
> > > >>
> > > >> The security notification update made to the website I think does
> not
> > > >> line up with the security guidelines referenced in the link provided
> > > >> in the dropdown menu of the YuniKorn site [1]. In that link there
> is a
> > > >> well defined way to report security issues. If we need to enhance
> and
> > > >> extend what we do we either establish a security@ mailing list and
> > > >> provide a static page with security related information on our site
> or
> > > >> we leave it as is. My preference would be to establish a security@
> > > >> list and make all committers a member of that list.
> > > >>
> > > >> I think we need to roll back the website changes part of
> YUNIKORN-1006
> > > >> [2] in PR [3] for the website.
> > > >>
> > > >> Wilfred
> > > >>
> > > >> [1] https://www.apache.org/security/
> > > >> [2] https://issues.apache.org/jira/browse/YUNIKORN-1006
> > > >> [3] https://github.com/apache/incubator-yunikorn-site/pull/105
> > > >>
> > > >> On Tue, 11 Jan 2022 at 04:45, Holden Karau <ho...@pigscanfly.ca>
> > > wrote:
> > > >> >
> > > >> > For "The project provides a well-documented, secure and private
> > > channel to report security issues, along with a documented way of
> > > responding to them.' the standard that I've seen used is to tell people
> > to
> > > e-mail private@ when they think they might have a security related
> > issue.
> > > I think that would probably work well for Yunikorn too.
> > > >> >
> > > >> >
> > > >> > On Mon, Jan 10, 2022 at 7:04 AM Chenya Zhang <
> > > chenyazhangchenya@gmail.com> wrote:
> > > >> >>
> > > >> >> Hi Weiwei,
> > > >> >>
> > > >> >> Thanks for driving this! The evaluation is quite comprehensive
> > > overall. I checked our Apache project maturity guidelines and noticed
> the
> > > below three items. Not sure if we already have them but they are not
> > > blockers to our graduation. We could think more about them along the
> way.
> > > >> >>
> > > >> >> QU30
> > > >> >>
> > > >> >> The project provides a well-documented, secure and private
> channel
> > > to report security issues, along with a documented way of responding to
> > > them.
> > > >> >>
> > > >> >> QU40
> > > >> >>
> > > >> >> The project puts a high priority on backwards compatibility and
> > aims
> > > to document any incompatible changes and provide tools and
> documentation
> > to
> > > help users transition to new features.
> > > >> >>
> > > >> >> CO50
> > > >> >>
> > > >> >> The project documents how contributors can earn more rights such
> as
> > > commit access or decision power, and applies these principles
> > consistently.
> > > >> >>
> > > >> >>
> > > >> >> Thanks,
> > > >> >>
> > > >> >> Chenya
> > > >> >>
> > > >> >>
> > > >> >>
> > > >> >> On Mon, Jan 10, 2022 at 12:00 AM Weiwei Yang <ww...@apache.org>
> > > wrote:
> > > >> >>>
> > > >> >>> Hi YuniKorn community and mentors
> > > >> >>>
> > > >> >>> Based on the discussion thread [1], after 2 years time of
> > > incubating, it is
> > > >> >>> considered that now is a good time to graduate YuniKorn from the
> > ASF
> > > >> >>> incubator and become a top-level Apache project. We have
> reviewed
> > > the ASF
> > > >> >>> project maturity model [2] and provided some assessment of the
> > > project's
> > > >> >>> maturity based on the guidelines. Details are included as the
> > > following.
> > > >> >>> Please read this and share your thoughts by replying to this
> > email,
> > > your
> > > >> >>> feedback will be much appreciated!!!
> > > >> >>>
> > > >> >>> *Code, License, and Copyright*
> > > >> >>>
> > > >> >>> All code is maintained on github, under Apache 2.0 license. We
> > have
> > > >> >>> reviewed all the dependencies and ensured they do not bring any
> > > license
> > > >> >>> issues. All the status files, license headers, and copyright are
> > up
> > > to date.
> > > >> >>>
> > > >> >>> *Release*
> > > >> >>>
> > > >> >>> The community has released 5 releases in the past 2 years, i.e
> > > v0.8, v0.9,
> > > >> >>> v0.10, v0,11, and v0.12. These releases were done by 5 different
> > > release
> > > >> >>> managers [3] and indicate the community can create releases
> > > independently.
> > > >> >>> We have also a well-documented release process, automated tools
> to
> > > help new
> > > >> >>> release managers with the process.
> > > >> >>>
> > > >> >>> *Quality*
> > > >> >>>
> > > >> >>> The community has developed a comprehensive CI/CD pipeline as a
> > > guard of
> > > >> >>> the code quality. The pipeline runs per-commit license check,
> > > code-format
> > > >> >>> check, code-coverage check, UT, and end-to-end tests. All these
> > are
> > > built
> > > >> >>> as automated github actions, new contributors can easily trigger
> > > and view
> > > >> >>> results when submitting patches.
> > > >> >>>
> > > >> >>> *Community*
> > > >> >>>
> > > >> >>> The community has developed an easy-to-read homepage for the
> > > project [4],
> > > >> >>> the website hosts all the materials related to the project
> > including
> > > >> >>> versioned documentation, user docs, developer docs, design docs,
> > > >> >>> performance docs. It provides the top-level navigation to the
> > > software
> > > >> >>> download page, where links to all our previous releases. It also
> > > has the
> > > >> >>> pages for the new contributors on-boarding with the project,
> such
> > > as how to
> > > >> >>> join community meetings, events links, etc.
> > > >> >>>
> > > >> >>> The community shows appreciation to all contributors and
> welcomes
> > > all kinds
> > > >> >>> of contributions (not just for code). We have built an open,
> > diverse
> > > >> >>> community and gathered many people to work together. With that,
> we
> > > have 41
> > > >> >>> unique code contributors and some non-code contributors as well.
> > > Many of
> > > >> >>> them have becoming to be committers and PPMC members while
> working
> > > with the
> > > >> >>> community. There were 2 new mentors, 8 new committers, 2 new
> PPMC
> > > from 6
> > > >> >>> different organizations [5] added in the incubating phase. And
> in
> > > total,
> > > >> >>> the project has 6 mentors, 21 PPMC, and 27 committers from at
> > least
> > > 14
> > > >> >>> different organizations. Community collaboration was done in a
> > > wide-public,
> > > >> >>> open manner, we leverage regular bi-weekly/weekly community
> > > meetings for 2
> > > >> >>> different timezones [6] and dev/user slack channels, mailing
> lists
> > > for
> > > >> >>> offline discussions.
> > > >> >>>
> > > >> >>> *Independence*
> > > >> >>>
> > > >> >>> The project was initially donated by Cloudera, but with a
> diverse
> > > open
> > > >> >>> source community, it has been operated as an independent project
> > > since it
> > > >> >>> entered into ASF incubator. The committers and PPMC members are
> a
> > > group of
> > > >> >>> passionate people from at least 14 different organizations, such
> > as
> > > >> >>> Alibaba, Apple, Cloudera, Databricks, LinkedIn, Microsoft,
> > > Snowflake, etc.
> > > >> >>> The project's success is not depending on any single entity.
> > > >> >>>
> > > >> >>> I have enough reasons to believe the project has done
> sustainable
> > > >> >>> development successfully in the Apache way. Again, please share
> > your
> > > >> >>> thoughts, all YuniKorn contributors, committers, PPMC, and
> > mentors.
> > > Thank
> > > >> >>> you!
> > > >> >>>
> > > >> >>> [1]
> > > https://lists.apache.org/thread/dno411y59g2pcy1d3kd7s3kdjz9jw65n
> > > >> >>> [2]
> > > >> >>>
> > >
> >
> https://community.apache.org/apache-way/apache-project-maturity-model.html
> > > >> >>>
> > > >> >>> [3] https://yunikorn.apache.org/community/download
> > > >> >>> [4] https://yunikorn.apache.org/
> > > >> >>> [5] https://incubator.apache.org/projects/yunikorn.html
> > > >> >>>
> > > >> >>> [6]
> > > >> >>>
> > >
> >
> https://docs.google.com/document/d/165gzC7uhcKc5XDWiMYSRKBiPQBy2tDtXADUPuhGlUa0
> > > >> >
> > > >> >
> > > >> >
> > > >> > --
> > > >> > Twitter: https://twitter.com/holdenkarau
> > > >> > Books (Learning Spark, High Performance Spark, etc.):
> > > https://amzn.to/2MaRAG9
> > > >> > YouTube Live Streams: https://www.youtube.com/user/holdenkarau
> > >
> > > ---------------------------------------------------------------------
> > > To unsubscribe, e-mail: dev-unsubscribe@yunikorn.apache.org
> > > For additional commands, e-mail: dev-help@yunikorn.apache.org
> > >
> > >
> >
>

Re: Apache YuniKorn (Incubating) - Community Graduation Vote

[Sunil Govindan <su...@apache.org>]

I will reach out to them.

Thanks
Sunil

On Sat, Jan 22, 2022 at 9:00 PM Felix Cheung <fe...@hotmail.com>
wrote:

> Pls add the podling status file
> https://svn.apache.org/repos/asf/incubator/public/trunk/content/podlings/
>
> 3 ppmc members have not subscribed to private@
>
> These can be found on
> https://whimsy.apache.org/roster/ppmc/yunikorn
>
> <https://svn.apache.org/repos/asf/incubator/public/trunk/content/podlings/
> >
> ________________________________
> From: Weiwei Yang <ww...@apache.org>
> Sent: Thursday, January 20, 2022 10:05:55 PM
> To: dev@yunikorn.apache.org <de...@yunikorn.apache.org>
> Cc: private@yunikorn.apache.org <pr...@yunikorn.apache.org>
> Subject: Re: Apache YuniKorn (Incubating) - Community Graduation Vote
>
> hi all
>
> Most issues under the graduation preparation JIRA YUNIKORN-1005
> <https://issues.apache.org/jira/browse/YUNIKORN-1005> are fixed.
> The remaining one is the who-are-we web page, I am currently collecting
> info for that, should be done by next week.
> Shall we start to vote now? I can start a new thread for the community
> voting if nobody has objections.
>
> On Tue, Jan 11, 2022 at 11:02 AM Wilfred Spiegelenburg <
> wilfreds@apache.org>
> wrote:
>
> > None of the security lists mentioned in the security page [1] are
> > moderated. They are private lists, i.e. not openly available for
> > browsing in an archive, but not moderated. Using the private@ for
> > YuniKorn does not seem to line up with what other projects do either.
> > None of the recently graduated projects mention anything like using
> > the private@ mailing list on their sites. They all have just used the
> > general security link mentioned on their site unless they have a
> > specific security@ list. YuniKorn would be the one standing out from
> > what seems to be the norm.
> > Examples from the last 2 years of graduated projects using a simple
> > link or a text pointing to [1]: Pinot, Dolphinscheduler, Ratis,
> > Echarts, Gobblin, TVM, Superset and Datasketches. There are more but I
> > think this provides an overview of what is expected on graduation.
> >
> > Wilfred
> >
> > [1] https://www.apache.org/security/
> >
> > On Tue, 11 Jan 2022 at 18:21, Weiwei Yang <ww...@apache.org> wrote:
> > >
> > > Hi Wilfred
> > >
> > > Adding a security@ mailing list sounds like a good idea, but I do not
> > think that is required in the current stage.
> > > We can do that post-graduate. For now, the Apache security doc said
> > >
> > > > We strongly encourage you to report potential security
> vulnerabilities
> > to one of our private security mailing lists first, before disclosing
> them
> > in a public forum.
> > >
> > > I do not see any issue if we use our private@ mailing list for this
> > purpose.
> > >
> > > On Mon, Jan 10, 2022 at 11:01 PM Wilfred Spiegelenburg <
> > wilfreds@apache.org> wrote:
> > >>
> > >> The private@ is a moderated list. This has two issues: a moderator
> > >> needs to approve any message not sent by a PMC member. This will slow
> > >> down the process of interaction with the reporter. It would also not
> > >> reach the YuniKorn committers group as not all committers are part of
> > >> the PMC. Security issues should be handled and worked on by all
> > >> committers not just by the PMC members.
> > >>
> > >> The security notification update made to the website I think does not
> > >> line up with the security guidelines referenced in the link provided
> > >> in the dropdown menu of the YuniKorn site [1]. In that link there is a
> > >> well defined way to report security issues. If we need to enhance and
> > >> extend what we do we either establish a security@ mailing list and
> > >> provide a static page with security related information on our site or
> > >> we leave it as is. My preference would be to establish a security@
> > >> list and make all committers a member of that list.
> > >>
> > >> I think we need to roll back the website changes part of YUNIKORN-1006
> > >> [2] in PR [3] for the website.
> > >>
> > >> Wilfred
> > >>
> > >> [1] https://www.apache.org/security/
> > >> [2] https://issues.apache.org/jira/browse/YUNIKORN-1006
> > >> [3] https://github.com/apache/incubator-yunikorn-site/pull/105
> > >>
> > >> On Tue, 11 Jan 2022 at 04:45, Holden Karau <ho...@pigscanfly.ca>
> > wrote:
> > >> >
> > >> > For "The project provides a well-documented, secure and private
> > channel to report security issues, along with a documented way of
> > responding to them.' the standard that I've seen used is to tell people
> to
> > e-mail private@ when they think they might have a security related
> issue.
> > I think that would probably work well for Yunikorn too.
> > >> >
> > >> >
> > >> > On Mon, Jan 10, 2022 at 7:04 AM Chenya Zhang <
> > chenyazhangchenya@gmail.com> wrote:
> > >> >>
> > >> >> Hi Weiwei,
> > >> >>
> > >> >> Thanks for driving this! The evaluation is quite comprehensive
> > overall. I checked our Apache project maturity guidelines and noticed the
> > below three items. Not sure if we already have them but they are not
> > blockers to our graduation. We could think more about them along the way.
> > >> >>
> > >> >> QU30
> > >> >>
> > >> >> The project provides a well-documented, secure and private channel
> > to report security issues, along with a documented way of responding to
> > them.
> > >> >>
> > >> >> QU40
> > >> >>
> > >> >> The project puts a high priority on backwards compatibility and
> aims
> > to document any incompatible changes and provide tools and documentation
> to
> > help users transition to new features.
> > >> >>
> > >> >> CO50
> > >> >>
> > >> >> The project documents how contributors can earn more rights such as
> > commit access or decision power, and applies these principles
> consistently.
> > >> >>
> > >> >>
> > >> >> Thanks,
> > >> >>
> > >> >> Chenya
> > >> >>
> > >> >>
> > >> >>
> > >> >> On Mon, Jan 10, 2022 at 12:00 AM Weiwei Yang <ww...@apache.org>
> > wrote:
> > >> >>>
> > >> >>> Hi YuniKorn community and mentors
> > >> >>>
> > >> >>> Based on the discussion thread [1], after 2 years time of
> > incubating, it is
> > >> >>> considered that now is a good time to graduate YuniKorn from the
> ASF
> > >> >>> incubator and become a top-level Apache project. We have reviewed
> > the ASF
> > >> >>> project maturity model [2] and provided some assessment of the
> > project's
> > >> >>> maturity based on the guidelines. Details are included as the
> > following.
> > >> >>> Please read this and share your thoughts by replying to this
> email,
> > your
> > >> >>> feedback will be much appreciated!!!
> > >> >>>
> > >> >>> *Code, License, and Copyright*
> > >> >>>
> > >> >>> All code is maintained on github, under Apache 2.0 license. We
> have
> > >> >>> reviewed all the dependencies and ensured they do not bring any
> > license
> > >> >>> issues. All the status files, license headers, and copyright are
> up
> > to date.
> > >> >>>
> > >> >>> *Release*
> > >> >>>
> > >> >>> The community has released 5 releases in the past 2 years, i.e
> > v0.8, v0.9,
> > >> >>> v0.10, v0,11, and v0.12. These releases were done by 5 different
> > release
> > >> >>> managers [3] and indicate the community can create releases
> > independently.
> > >> >>> We have also a well-documented release process, automated tools to
> > help new
> > >> >>> release managers with the process.
> > >> >>>
> > >> >>> *Quality*
> > >> >>>
> > >> >>> The community has developed a comprehensive CI/CD pipeline as a
> > guard of
> > >> >>> the code quality. The pipeline runs per-commit license check,
> > code-format
> > >> >>> check, code-coverage check, UT, and end-to-end tests. All these
> are
> > built
> > >> >>> as automated github actions, new contributors can easily trigger
> > and view
> > >> >>> results when submitting patches.
> > >> >>>
> > >> >>> *Community*
> > >> >>>
> > >> >>> The community has developed an easy-to-read homepage for the
> > project [4],
> > >> >>> the website hosts all the materials related to the project
> including
> > >> >>> versioned documentation, user docs, developer docs, design docs,
> > >> >>> performance docs. It provides the top-level navigation to the
> > software
> > >> >>> download page, where links to all our previous releases. It also
> > has the
> > >> >>> pages for the new contributors on-boarding with the project, such
> > as how to
> > >> >>> join community meetings, events links, etc.
> > >> >>>
> > >> >>> The community shows appreciation to all contributors and welcomes
> > all kinds
> > >> >>> of contributions (not just for code). We have built an open,
> diverse
> > >> >>> community and gathered many people to work together. With that, we
> > have 41
> > >> >>> unique code contributors and some non-code contributors as well.
> > Many of
> > >> >>> them have becoming to be committers and PPMC members while working
> > with the
> > >> >>> community. There were 2 new mentors, 8 new committers, 2 new PPMC
> > from 6
> > >> >>> different organizations [5] added in the incubating phase. And in
> > total,
> > >> >>> the project has 6 mentors, 21 PPMC, and 27 committers from at
> least
> > 14
> > >> >>> different organizations. Community collaboration was done in a
> > wide-public,
> > >> >>> open manner, we leverage regular bi-weekly/weekly community
> > meetings for 2
> > >> >>> different timezones [6] and dev/user slack channels, mailing lists
> > for
> > >> >>> offline discussions.
> > >> >>>
> > >> >>> *Independence*
> > >> >>>
> > >> >>> The project was initially donated by Cloudera, but with a diverse
> > open
> > >> >>> source community, it has been operated as an independent project
> > since it
> > >> >>> entered into ASF incubator. The committers and PPMC members are a
> > group of
> > >> >>> passionate people from at least 14 different organizations, such
> as
> > >> >>> Alibaba, Apple, Cloudera, Databricks, LinkedIn, Microsoft,
> > Snowflake, etc.
> > >> >>> The project's success is not depending on any single entity.
> > >> >>>
> > >> >>> I have enough reasons to believe the project has done sustainable
> > >> >>> development successfully in the Apache way. Again, please share
> your
> > >> >>> thoughts, all YuniKorn contributors, committers, PPMC, and
> mentors.
> > Thank
> > >> >>> you!
> > >> >>>
> > >> >>> [1]
> > https://lists.apache.org/thread/dno411y59g2pcy1d3kd7s3kdjz9jw65n
> > >> >>> [2]
> > >> >>>
> >
> https://community.apache.org/apache-way/apache-project-maturity-model.html
> > >> >>>
> > >> >>> [3] https://yunikorn.apache.org/community/download
> > >> >>> [4] https://yunikorn.apache.org/
> > >> >>> [5] https://incubator.apache.org/projects/yunikorn.html
> > >> >>>
> > >> >>> [6]
> > >> >>>
> >
> https://docs.google.com/document/d/165gzC7uhcKc5XDWiMYSRKBiPQBy2tDtXADUPuhGlUa0
> > >> >
> > >> >
> > >> >
> > >> > --
> > >> > Twitter: https://twitter.com/holdenkarau
> > >> > Books (Learning Spark, High Performance Spark, etc.):
> > https://amzn.to/2MaRAG9
> > >> > YouTube Live Streams: https://www.youtube.com/user/holdenkarau
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: dev-unsubscribe@yunikorn.apache.org
> > For additional commands, e-mail: dev-help@yunikorn.apache.org
> >
> >
>

Re: Apache YuniKorn (Incubating) - Community Graduation Vote

[Felix Cheung <fe...@hotmail.com>]

Pls add the podling status file
https://svn.apache.org/repos/asf/incubator/public/trunk/content/podlings/

3 ppmc members have not subscribed to private@

These can be found on
https://whimsy.apache.org/roster/ppmc/yunikorn

<https://svn.apache.org/repos/asf/incubator/public/trunk/content/podlings/>
________________________________
From: Weiwei Yang <ww...@apache.org>
Sent: Thursday, January 20, 2022 10:05:55 PM
To: dev@yunikorn.apache.org <de...@yunikorn.apache.org>
Cc: private@yunikorn.apache.org <pr...@yunikorn.apache.org>
Subject: Re: Apache YuniKorn (Incubating) - Community Graduation Vote

hi all

Most issues under the graduation preparation JIRA YUNIKORN-1005
<https://issues.apache.org/jira/browse/YUNIKORN-1005> are fixed.
The remaining one is the who-are-we web page, I am currently collecting
info for that, should be done by next week.
Shall we start to vote now? I can start a new thread for the community
voting if nobody has objections.

On Tue, Jan 11, 2022 at 11:02 AM Wilfred Spiegelenburg <wi...@apache.org>
wrote:

> None of the security lists mentioned in the security page [1] are
> moderated. They are private lists, i.e. not openly available for
> browsing in an archive, but not moderated. Using the private@ for
> YuniKorn does not seem to line up with what other projects do either.
> None of the recently graduated projects mention anything like using
> the private@ mailing list on their sites. They all have just used the
> general security link mentioned on their site unless they have a
> specific security@ list. YuniKorn would be the one standing out from
> what seems to be the norm.
> Examples from the last 2 years of graduated projects using a simple
> link or a text pointing to [1]: Pinot, Dolphinscheduler, Ratis,
> Echarts, Gobblin, TVM, Superset and Datasketches. There are more but I
> think this provides an overview of what is expected on graduation.
>
> Wilfred
>
> [1] https://www.apache.org/security/
>
> On Tue, 11 Jan 2022 at 18:21, Weiwei Yang <ww...@apache.org> wrote:
> >
> > Hi Wilfred
> >
> > Adding a security@ mailing list sounds like a good idea, but I do not
> think that is required in the current stage.
> > We can do that post-graduate. For now, the Apache security doc said
> >
> > > We strongly encourage you to report potential security vulnerabilities
> to one of our private security mailing lists first, before disclosing them
> in a public forum.
> >
> > I do not see any issue if we use our private@ mailing list for this
> purpose.
> >
> > On Mon, Jan 10, 2022 at 11:01 PM Wilfred Spiegelenburg <
> wilfreds@apache.org> wrote:
> >>
> >> The private@ is a moderated list. This has two issues: a moderator
> >> needs to approve any message not sent by a PMC member. This will slow
> >> down the process of interaction with the reporter. It would also not
> >> reach the YuniKorn committers group as not all committers are part of
> >> the PMC. Security issues should be handled and worked on by all
> >> committers not just by the PMC members.
> >>
> >> The security notification update made to the website I think does not
> >> line up with the security guidelines referenced in the link provided
> >> in the dropdown menu of the YuniKorn site [1]. In that link there is a
> >> well defined way to report security issues. If we need to enhance and
> >> extend what we do we either establish a security@ mailing list and
> >> provide a static page with security related information on our site or
> >> we leave it as is. My preference would be to establish a security@
> >> list and make all committers a member of that list.
> >>
> >> I think we need to roll back the website changes part of YUNIKORN-1006
> >> [2] in PR [3] for the website.
> >>
> >> Wilfred
> >>
> >> [1] https://www.apache.org/security/
> >> [2] https://issues.apache.org/jira/browse/YUNIKORN-1006
> >> [3] https://github.com/apache/incubator-yunikorn-site/pull/105
> >>
> >> On Tue, 11 Jan 2022 at 04:45, Holden Karau <ho...@pigscanfly.ca>
> wrote:
> >> >
> >> > For "The project provides a well-documented, secure and private
> channel to report security issues, along with a documented way of
> responding to them.' the standard that I've seen used is to tell people to
> e-mail private@ when they think they might have a security related issue.
> I think that would probably work well for Yunikorn too.
> >> >
> >> >
> >> > On Mon, Jan 10, 2022 at 7:04 AM Chenya Zhang <
> chenyazhangchenya@gmail.com> wrote:
> >> >>
> >> >> Hi Weiwei,
> >> >>
> >> >> Thanks for driving this! The evaluation is quite comprehensive
> overall. I checked our Apache project maturity guidelines and noticed the
> below three items. Not sure if we already have them but they are not
> blockers to our graduation. We could think more about them along the way.
> >> >>
> >> >> QU30
> >> >>
> >> >> The project provides a well-documented, secure and private channel
> to report security issues, along with a documented way of responding to
> them.
> >> >>
> >> >> QU40
> >> >>
> >> >> The project puts a high priority on backwards compatibility and aims
> to document any incompatible changes and provide tools and documentation to
> help users transition to new features.
> >> >>
> >> >> CO50
> >> >>
> >> >> The project documents how contributors can earn more rights such as
> commit access or decision power, and applies these principles consistently.
> >> >>
> >> >>
> >> >> Thanks,
> >> >>
> >> >> Chenya
> >> >>
> >> >>
> >> >>
> >> >> On Mon, Jan 10, 2022 at 12:00 AM Weiwei Yang <ww...@apache.org>
> wrote:
> >> >>>
> >> >>> Hi YuniKorn community and mentors
> >> >>>
> >> >>> Based on the discussion thread [1], after 2 years time of
> incubating, it is
> >> >>> considered that now is a good time to graduate YuniKorn from the ASF
> >> >>> incubator and become a top-level Apache project. We have reviewed
> the ASF
> >> >>> project maturity model [2] and provided some assessment of the
> project's
> >> >>> maturity based on the guidelines. Details are included as the
> following.
> >> >>> Please read this and share your thoughts by replying to this email,
> your
> >> >>> feedback will be much appreciated!!!
> >> >>>
> >> >>> *Code, License, and Copyright*
> >> >>>
> >> >>> All code is maintained on github, under Apache 2.0 license. We have
> >> >>> reviewed all the dependencies and ensured they do not bring any
> license
> >> >>> issues. All the status files, license headers, and copyright are up
> to date.
> >> >>>
> >> >>> *Release*
> >> >>>
> >> >>> The community has released 5 releases in the past 2 years, i.e
> v0.8, v0.9,
> >> >>> v0.10, v0,11, and v0.12. These releases were done by 5 different
> release
> >> >>> managers [3] and indicate the community can create releases
> independently.
> >> >>> We have also a well-documented release process, automated tools to
> help new
> >> >>> release managers with the process.
> >> >>>
> >> >>> *Quality*
> >> >>>
> >> >>> The community has developed a comprehensive CI/CD pipeline as a
> guard of
> >> >>> the code quality. The pipeline runs per-commit license check,
> code-format
> >> >>> check, code-coverage check, UT, and end-to-end tests. All these are
> built
> >> >>> as automated github actions, new contributors can easily trigger
> and view
> >> >>> results when submitting patches.
> >> >>>
> >> >>> *Community*
> >> >>>
> >> >>> The community has developed an easy-to-read homepage for the
> project [4],
> >> >>> the website hosts all the materials related to the project including
> >> >>> versioned documentation, user docs, developer docs, design docs,
> >> >>> performance docs. It provides the top-level navigation to the
> software
> >> >>> download page, where links to all our previous releases. It also
> has the
> >> >>> pages for the new contributors on-boarding with the project, such
> as how to
> >> >>> join community meetings, events links, etc.
> >> >>>
> >> >>> The community shows appreciation to all contributors and welcomes
> all kinds
> >> >>> of contributions (not just for code). We have built an open, diverse
> >> >>> community and gathered many people to work together. With that, we
> have 41
> >> >>> unique code contributors and some non-code contributors as well.
> Many of
> >> >>> them have becoming to be committers and PPMC members while working
> with the
> >> >>> community. There were 2 new mentors, 8 new committers, 2 new PPMC
> from 6
> >> >>> different organizations [5] added in the incubating phase. And in
> total,
> >> >>> the project has 6 mentors, 21 PPMC, and 27 committers from at least
> 14
> >> >>> different organizations. Community collaboration was done in a
> wide-public,
> >> >>> open manner, we leverage regular bi-weekly/weekly community
> meetings for 2
> >> >>> different timezones [6] and dev/user slack channels, mailing lists
> for
> >> >>> offline discussions.
> >> >>>
> >> >>> *Independence*
> >> >>>
> >> >>> The project was initially donated by Cloudera, but with a diverse
> open
> >> >>> source community, it has been operated as an independent project
> since it
> >> >>> entered into ASF incubator. The committers and PPMC members are a
> group of
> >> >>> passionate people from at least 14 different organizations, such as
> >> >>> Alibaba, Apple, Cloudera, Databricks, LinkedIn, Microsoft,
> Snowflake, etc.
> >> >>> The project's success is not depending on any single entity.
> >> >>>
> >> >>> I have enough reasons to believe the project has done sustainable
> >> >>> development successfully in the Apache way. Again, please share your
> >> >>> thoughts, all YuniKorn contributors, committers, PPMC, and mentors.
> Thank
> >> >>> you!
> >> >>>
> >> >>> [1]
> https://lists.apache.org/thread/dno411y59g2pcy1d3kd7s3kdjz9jw65n
> >> >>> [2]
> >> >>>
> https://community.apache.org/apache-way/apache-project-maturity-model.html
> >> >>>
> >> >>> [3] https://yunikorn.apache.org/community/download
> >> >>> [4] https://yunikorn.apache.org/
> >> >>> [5] https://incubator.apache.org/projects/yunikorn.html
> >> >>>
> >> >>> [6]
> >> >>>
> https://docs.google.com/document/d/165gzC7uhcKc5XDWiMYSRKBiPQBy2tDtXADUPuhGlUa0
> >> >
> >> >
> >> >
> >> > --
> >> > Twitter: https://twitter.com/holdenkarau
> >> > Books (Learning Spark, High Performance Spark, etc.):
> https://amzn.to/2MaRAG9
> >> > YouTube Live Streams: https://www.youtube.com/user/holdenkarau
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@yunikorn.apache.org
> For additional commands, e-mail: dev-help@yunikorn.apache.org
>
>

Re: Apache YuniKorn (Incubating) - Community Graduation Vote

[Weiwei Yang <ww...@apache.org>]

hi all

Most issues under the graduation preparation JIRA YUNIKORN-1005
<https://issues.apache.org/jira/browse/YUNIKORN-1005> are fixed.
The remaining one is the who-are-we web page, I am currently collecting
info for that, should be done by next week.
Shall we start to vote now? I can start a new thread for the community
voting if nobody has objections.

On Tue, Jan 11, 2022 at 11:02 AM Wilfred Spiegelenburg <wi...@apache.org>
wrote:

> None of the security lists mentioned in the security page [1] are
> moderated. They are private lists, i.e. not openly available for
> browsing in an archive, but not moderated. Using the private@ for
> YuniKorn does not seem to line up with what other projects do either.
> None of the recently graduated projects mention anything like using
> the private@ mailing list on their sites. They all have just used the
> general security link mentioned on their site unless they have a
> specific security@ list. YuniKorn would be the one standing out from
> what seems to be the norm.
> Examples from the last 2 years of graduated projects using a simple
> link or a text pointing to [1]: Pinot, Dolphinscheduler, Ratis,
> Echarts, Gobblin, TVM, Superset and Datasketches. There are more but I
> think this provides an overview of what is expected on graduation.
>
> Wilfred
>
> [1] https://www.apache.org/security/
>
> On Tue, 11 Jan 2022 at 18:21, Weiwei Yang <ww...@apache.org> wrote:
> >
> > Hi Wilfred
> >
> > Adding a security@ mailing list sounds like a good idea, but I do not
> think that is required in the current stage.
> > We can do that post-graduate. For now, the Apache security doc said
> >
> > > We strongly encourage you to report potential security vulnerabilities
> to one of our private security mailing lists first, before disclosing them
> in a public forum.
> >
> > I do not see any issue if we use our private@ mailing list for this
> purpose.
> >
> > On Mon, Jan 10, 2022 at 11:01 PM Wilfred Spiegelenburg <
> wilfreds@apache.org> wrote:
> >>
> >> The private@ is a moderated list. This has two issues: a moderator
> >> needs to approve any message not sent by a PMC member. This will slow
> >> down the process of interaction with the reporter. It would also not
> >> reach the YuniKorn committers group as not all committers are part of
> >> the PMC. Security issues should be handled and worked on by all
> >> committers not just by the PMC members.
> >>
> >> The security notification update made to the website I think does not
> >> line up with the security guidelines referenced in the link provided
> >> in the dropdown menu of the YuniKorn site [1]. In that link there is a
> >> well defined way to report security issues. If we need to enhance and
> >> extend what we do we either establish a security@ mailing list and
> >> provide a static page with security related information on our site or
> >> we leave it as is. My preference would be to establish a security@
> >> list and make all committers a member of that list.
> >>
> >> I think we need to roll back the website changes part of YUNIKORN-1006
> >> [2] in PR [3] for the website.
> >>
> >> Wilfred
> >>
> >> [1] https://www.apache.org/security/
> >> [2] https://issues.apache.org/jira/browse/YUNIKORN-1006
> >> [3] https://github.com/apache/incubator-yunikorn-site/pull/105
> >>
> >> On Tue, 11 Jan 2022 at 04:45, Holden Karau <ho...@pigscanfly.ca>
> wrote:
> >> >
> >> > For "The project provides a well-documented, secure and private
> channel to report security issues, along with a documented way of
> responding to them.' the standard that I've seen used is to tell people to
> e-mail private@ when they think they might have a security related issue.
> I think that would probably work well for Yunikorn too.
> >> >
> >> >
> >> > On Mon, Jan 10, 2022 at 7:04 AM Chenya Zhang <
> chenyazhangchenya@gmail.com> wrote:
> >> >>
> >> >> Hi Weiwei,
> >> >>
> >> >> Thanks for driving this! The evaluation is quite comprehensive
> overall. I checked our Apache project maturity guidelines and noticed the
> below three items. Not sure if we already have them but they are not
> blockers to our graduation. We could think more about them along the way.
> >> >>
> >> >> QU30
> >> >>
> >> >> The project provides a well-documented, secure and private channel
> to report security issues, along with a documented way of responding to
> them.
> >> >>
> >> >> QU40
> >> >>
> >> >> The project puts a high priority on backwards compatibility and aims
> to document any incompatible changes and provide tools and documentation to
> help users transition to new features.
> >> >>
> >> >> CO50
> >> >>
> >> >> The project documents how contributors can earn more rights such as
> commit access or decision power, and applies these principles consistently.
> >> >>
> >> >>
> >> >> Thanks,
> >> >>
> >> >> Chenya
> >> >>
> >> >>
> >> >>
> >> >> On Mon, Jan 10, 2022 at 12:00 AM Weiwei Yang <ww...@apache.org>
> wrote:
> >> >>>
> >> >>> Hi YuniKorn community and mentors
> >> >>>
> >> >>> Based on the discussion thread [1], after 2 years time of
> incubating, it is
> >> >>> considered that now is a good time to graduate YuniKorn from the ASF
> >> >>> incubator and become a top-level Apache project. We have reviewed
> the ASF
> >> >>> project maturity model [2] and provided some assessment of the
> project's
> >> >>> maturity based on the guidelines. Details are included as the
> following.
> >> >>> Please read this and share your thoughts by replying to this email,
> your
> >> >>> feedback will be much appreciated!!!
> >> >>>
> >> >>> *Code, License, and Copyright*
> >> >>>
> >> >>> All code is maintained on github, under Apache 2.0 license. We have
> >> >>> reviewed all the dependencies and ensured they do not bring any
> license
> >> >>> issues. All the status files, license headers, and copyright are up
> to date.
> >> >>>
> >> >>> *Release*
> >> >>>
> >> >>> The community has released 5 releases in the past 2 years, i.e
> v0.8, v0.9,
> >> >>> v0.10, v0,11, and v0.12. These releases were done by 5 different
> release
> >> >>> managers [3] and indicate the community can create releases
> independently.
> >> >>> We have also a well-documented release process, automated tools to
> help new
> >> >>> release managers with the process.
> >> >>>
> >> >>> *Quality*
> >> >>>
> >> >>> The community has developed a comprehensive CI/CD pipeline as a
> guard of
> >> >>> the code quality. The pipeline runs per-commit license check,
> code-format
> >> >>> check, code-coverage check, UT, and end-to-end tests. All these are
> built
> >> >>> as automated github actions, new contributors can easily trigger
> and view
> >> >>> results when submitting patches.
> >> >>>
> >> >>> *Community*
> >> >>>
> >> >>> The community has developed an easy-to-read homepage for the
> project [4],
> >> >>> the website hosts all the materials related to the project including
> >> >>> versioned documentation, user docs, developer docs, design docs,
> >> >>> performance docs. It provides the top-level navigation to the
> software
> >> >>> download page, where links to all our previous releases. It also
> has the
> >> >>> pages for the new contributors on-boarding with the project, such
> as how to
> >> >>> join community meetings, events links, etc.
> >> >>>
> >> >>> The community shows appreciation to all contributors and welcomes
> all kinds
> >> >>> of contributions (not just for code). We have built an open, diverse
> >> >>> community and gathered many people to work together. With that, we
> have 41
> >> >>> unique code contributors and some non-code contributors as well.
> Many of
> >> >>> them have becoming to be committers and PPMC members while working
> with the
> >> >>> community. There were 2 new mentors, 8 new committers, 2 new PPMC
> from 6
> >> >>> different organizations [5] added in the incubating phase. And in
> total,
> >> >>> the project has 6 mentors, 21 PPMC, and 27 committers from at least
> 14
> >> >>> different organizations. Community collaboration was done in a
> wide-public,
> >> >>> open manner, we leverage regular bi-weekly/weekly community
> meetings for 2
> >> >>> different timezones [6] and dev/user slack channels, mailing lists
> for
> >> >>> offline discussions.
> >> >>>
> >> >>> *Independence*
> >> >>>
> >> >>> The project was initially donated by Cloudera, but with a diverse
> open
> >> >>> source community, it has been operated as an independent project
> since it
> >> >>> entered into ASF incubator. The committers and PPMC members are a
> group of
> >> >>> passionate people from at least 14 different organizations, such as
> >> >>> Alibaba, Apple, Cloudera, Databricks, LinkedIn, Microsoft,
> Snowflake, etc.
> >> >>> The project's success is not depending on any single entity.
> >> >>>
> >> >>> I have enough reasons to believe the project has done sustainable
> >> >>> development successfully in the Apache way. Again, please share your
> >> >>> thoughts, all YuniKorn contributors, committers, PPMC, and mentors.
> Thank
> >> >>> you!
> >> >>>
> >> >>> [1]
> https://lists.apache.org/thread/dno411y59g2pcy1d3kd7s3kdjz9jw65n
> >> >>> [2]
> >> >>>
> https://community.apache.org/apache-way/apache-project-maturity-model.html
> >> >>>
> >> >>> [3] https://yunikorn.apache.org/community/download
> >> >>> [4] https://yunikorn.apache.org/
> >> >>> [5] https://incubator.apache.org/projects/yunikorn.html
> >> >>>
> >> >>> [6]
> >> >>>
> https://docs.google.com/document/d/165gzC7uhcKc5XDWiMYSRKBiPQBy2tDtXADUPuhGlUa0
> >> >
> >> >
> >> >
> >> > --
> >> > Twitter: https://twitter.com/holdenkarau
> >> > Books (Learning Spark, High Performance Spark, etc.):
> https://amzn.to/2MaRAG9
> >> > YouTube Live Streams: https://www.youtube.com/user/holdenkarau
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@yunikorn.apache.org
> For additional commands, e-mail: dev-help@yunikorn.apache.org
>
>

Re: Apache YuniKorn (Incubating) - Community Graduation Vote

[Wilfred Spiegelenburg <wi...@apache.org>]

None of the security lists mentioned in the security page [1] are
moderated. They are private lists, i.e. not openly available for
browsing in an archive, but not moderated. Using the private@ for
YuniKorn does not seem to line up with what other projects do either.
None of the recently graduated projects mention anything like using
the private@ mailing list on their sites. They all have just used the
general security link mentioned on their site unless they have a
specific security@ list. YuniKorn would be the one standing out from
what seems to be the norm.
Examples from the last 2 years of graduated projects using a simple
link or a text pointing to [1]: Pinot, Dolphinscheduler, Ratis,
Echarts, Gobblin, TVM, Superset and Datasketches. There are more but I
think this provides an overview of what is expected on graduation.

Wilfred

[1] https://www.apache.org/security/

On Tue, 11 Jan 2022 at 18:21, Weiwei Yang <ww...@apache.org> wrote:
>
> Hi Wilfred
>
> Adding a security@ mailing list sounds like a good idea, but I do not think that is required in the current stage.
> We can do that post-graduate. For now, the Apache security doc said
>
> > We strongly encourage you to report potential security vulnerabilities to one of our private security mailing lists first, before disclosing them in a public forum.
>
> I do not see any issue if we use our private@ mailing list for this purpose.
>
> On Mon, Jan 10, 2022 at 11:01 PM Wilfred Spiegelenburg <wi...@apache.org> wrote:
>>
>> The private@ is a moderated list. This has two issues: a moderator
>> needs to approve any message not sent by a PMC member. This will slow
>> down the process of interaction with the reporter. It would also not
>> reach the YuniKorn committers group as not all committers are part of
>> the PMC. Security issues should be handled and worked on by all
>> committers not just by the PMC members.
>>
>> The security notification update made to the website I think does not
>> line up with the security guidelines referenced in the link provided
>> in the dropdown menu of the YuniKorn site [1]. In that link there is a
>> well defined way to report security issues. If we need to enhance and
>> extend what we do we either establish a security@ mailing list and
>> provide a static page with security related information on our site or
>> we leave it as is. My preference would be to establish a security@
>> list and make all committers a member of that list.
>>
>> I think we need to roll back the website changes part of YUNIKORN-1006
>> [2] in PR [3] for the website.
>>
>> Wilfred
>>
>> [1] https://www.apache.org/security/
>> [2] https://issues.apache.org/jira/browse/YUNIKORN-1006
>> [3] https://github.com/apache/incubator-yunikorn-site/pull/105
>>
>> On Tue, 11 Jan 2022 at 04:45, Holden Karau <ho...@pigscanfly.ca> wrote:
>> >
>> > For "The project provides a well-documented, secure and private channel to report security issues, along with a documented way of responding to them.' the standard that I've seen used is to tell people to e-mail private@ when they think they might have a security related issue. I think that would probably work well for Yunikorn too.
>> >
>> >
>> > On Mon, Jan 10, 2022 at 7:04 AM Chenya Zhang <ch...@gmail.com> wrote:
>> >>
>> >> Hi Weiwei,
>> >>
>> >> Thanks for driving this! The evaluation is quite comprehensive overall. I checked our Apache project maturity guidelines and noticed the below three items. Not sure if we already have them but they are not blockers to our graduation. We could think more about them along the way.
>> >>
>> >> QU30
>> >>
>> >> The project provides a well-documented, secure and private channel to report security issues, along with a documented way of responding to them.
>> >>
>> >> QU40
>> >>
>> >> The project puts a high priority on backwards compatibility and aims to document any incompatible changes and provide tools and documentation to help users transition to new features.
>> >>
>> >> CO50
>> >>
>> >> The project documents how contributors can earn more rights such as commit access or decision power, and applies these principles consistently.
>> >>
>> >>
>> >> Thanks,
>> >>
>> >> Chenya
>> >>
>> >>
>> >>
>> >> On Mon, Jan 10, 2022 at 12:00 AM Weiwei Yang <ww...@apache.org> wrote:
>> >>>
>> >>> Hi YuniKorn community and mentors
>> >>>
>> >>> Based on the discussion thread [1], after 2 years time of incubating, it is
>> >>> considered that now is a good time to graduate YuniKorn from the ASF
>> >>> incubator and become a top-level Apache project. We have reviewed the ASF
>> >>> project maturity model [2] and provided some assessment of the project's
>> >>> maturity based on the guidelines. Details are included as the following.
>> >>> Please read this and share your thoughts by replying to this email, your
>> >>> feedback will be much appreciated!!!
>> >>>
>> >>> *Code, License, and Copyright*
>> >>>
>> >>> All code is maintained on github, under Apache 2.0 license. We have
>> >>> reviewed all the dependencies and ensured they do not bring any license
>> >>> issues. All the status files, license headers, and copyright are up to date.
>> >>>
>> >>> *Release*
>> >>>
>> >>> The community has released 5 releases in the past 2 years, i.e v0.8, v0.9,
>> >>> v0.10, v0,11, and v0.12. These releases were done by 5 different release
>> >>> managers [3] and indicate the community can create releases independently.
>> >>> We have also a well-documented release process, automated tools to help new
>> >>> release managers with the process.
>> >>>
>> >>> *Quality*
>> >>>
>> >>> The community has developed a comprehensive CI/CD pipeline as a guard of
>> >>> the code quality. The pipeline runs per-commit license check, code-format
>> >>> check, code-coverage check, UT, and end-to-end tests. All these are built
>> >>> as automated github actions, new contributors can easily trigger and view
>> >>> results when submitting patches.
>> >>>
>> >>> *Community*
>> >>>
>> >>> The community has developed an easy-to-read homepage for the project [4],
>> >>> the website hosts all the materials related to the project including
>> >>> versioned documentation, user docs, developer docs, design docs,
>> >>> performance docs. It provides the top-level navigation to the software
>> >>> download page, where links to all our previous releases. It also has the
>> >>> pages for the new contributors on-boarding with the project, such as how to
>> >>> join community meetings, events links, etc.
>> >>>
>> >>> The community shows appreciation to all contributors and welcomes all kinds
>> >>> of contributions (not just for code). We have built an open, diverse
>> >>> community and gathered many people to work together. With that, we have 41
>> >>> unique code contributors and some non-code contributors as well. Many of
>> >>> them have becoming to be committers and PPMC members while working with the
>> >>> community. There were 2 new mentors, 8 new committers, 2 new PPMC from 6
>> >>> different organizations [5] added in the incubating phase. And in total,
>> >>> the project has 6 mentors, 21 PPMC, and 27 committers from at least 14
>> >>> different organizations. Community collaboration was done in a wide-public,
>> >>> open manner, we leverage regular bi-weekly/weekly community meetings for 2
>> >>> different timezones [6] and dev/user slack channels, mailing lists for
>> >>> offline discussions.
>> >>>
>> >>> *Independence*
>> >>>
>> >>> The project was initially donated by Cloudera, but with a diverse open
>> >>> source community, it has been operated as an independent project since it
>> >>> entered into ASF incubator. The committers and PPMC members are a group of
>> >>> passionate people from at least 14 different organizations, such as
>> >>> Alibaba, Apple, Cloudera, Databricks, LinkedIn, Microsoft, Snowflake, etc.
>> >>> The project's success is not depending on any single entity.
>> >>>
>> >>> I have enough reasons to believe the project has done sustainable
>> >>> development successfully in the Apache way. Again, please share your
>> >>> thoughts, all YuniKorn contributors, committers, PPMC, and mentors. Thank
>> >>> you!
>> >>>
>> >>> [1] https://lists.apache.org/thread/dno411y59g2pcy1d3kd7s3kdjz9jw65n
>> >>> [2]
>> >>> https://community.apache.org/apache-way/apache-project-maturity-model.html
>> >>>
>> >>> [3] https://yunikorn.apache.org/community/download
>> >>> [4] https://yunikorn.apache.org/
>> >>> [5] https://incubator.apache.org/projects/yunikorn.html
>> >>>
>> >>> [6]
>> >>> https://docs.google.com/document/d/165gzC7uhcKc5XDWiMYSRKBiPQBy2tDtXADUPuhGlUa0
>> >
>> >
>> >
>> > --
>> > Twitter: https://twitter.com/holdenkarau
>> > Books (Learning Spark, High Performance Spark, etc.): https://amzn.to/2MaRAG9
>> > YouTube Live Streams: https://www.youtube.com/user/holdenkarau

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@yunikorn.apache.org
For additional commands, e-mail: dev-help@yunikorn.apache.org

Re: Apache YuniKorn (Incubating) - Community Graduation Vote

[Weiwei Yang <ww...@apache.org>]

Hi Wilfred

Adding a security@ mailing list sounds like a good idea, but I do not think
that is required in the current stage.
We can do that post-graduate. For now, the Apache security doc said

> We strongly encourage you to report potential security vulnerabilities to
one of our private security mailing lists first, before disclosing them in
a public forum.

I do not see any issue if we use our private@ mailing list for this purpose.

On Mon, Jan 10, 2022 at 11:01 PM Wilfred Spiegelenburg <wi...@apache.org>
wrote:

> The private@ is a moderated list. This has two issues: a moderator
> needs to approve any message not sent by a PMC member. This will slow
> down the process of interaction with the reporter. It would also not
> reach the YuniKorn committers group as not all committers are part of
> the PMC. Security issues should be handled and worked on by all
> committers not just by the PMC members.
>
> The security notification update made to the website I think does not
> line up with the security guidelines referenced in the link provided
> in the dropdown menu of the YuniKorn site [1]. In that link there is a
> well defined way to report security issues. If we need to enhance and
> extend what we do we either establish a security@ mailing list and
> provide a static page with security related information on our site or
> we leave it as is. My preference would be to establish a security@
> list and make all committers a member of that list.
>
> I think we need to roll back the website changes part of YUNIKORN-1006
> [2] in PR [3] for the website.
>
> Wilfred
>
> [1] https://www.apache.org/security/
> [2] https://issues.apache.org/jira/browse/YUNIKORN-1006
> [3] https://github.com/apache/incubator-yunikorn-site/pull/105
>
> On Tue, 11 Jan 2022 at 04:45, Holden Karau <ho...@pigscanfly.ca> wrote:
> >
> > For "The project provides a well-documented, secure and private channel
> to report security issues, along with a documented way of responding to
> them.' the standard that I've seen used is to tell people to e-mail private@
> when they think they might have a security related issue. I think that
> would probably work well for Yunikorn too.
> >
> >
> > On Mon, Jan 10, 2022 at 7:04 AM Chenya Zhang <
> chenyazhangchenya@gmail.com> wrote:
> >>
> >> Hi Weiwei,
> >>
> >> Thanks for driving this! The evaluation is quite comprehensive overall.
> I checked our Apache project maturity guidelines and noticed the below
> three items. Not sure if we already have them but they are not blockers to
> our graduation. We could think more about them along the way.
> >>
> >> QU30
> >>
> >> The project provides a well-documented, secure and private channel to
> report security issues, along with a documented way of responding to them.
> >>
> >> QU40
> >>
> >> The project puts a high priority on backwards compatibility and aims to
> document any incompatible changes and provide tools and documentation to
> help users transition to new features.
> >>
> >> CO50
> >>
> >> The project documents how contributors can earn more rights such as
> commit access or decision power, and applies these principles consistently.
> >>
> >>
> >> Thanks,
> >>
> >> Chenya
> >>
> >>
> >>
> >> On Mon, Jan 10, 2022 at 12:00 AM Weiwei Yang <ww...@apache.org> wrote:
> >>>
> >>> Hi YuniKorn community and mentors
> >>>
> >>> Based on the discussion thread [1], after 2 years time of incubating,
> it is
> >>> considered that now is a good time to graduate YuniKorn from the ASF
> >>> incubator and become a top-level Apache project. We have reviewed the
> ASF
> >>> project maturity model [2] and provided some assessment of the
> project's
> >>> maturity based on the guidelines. Details are included as the
> following.
> >>> Please read this and share your thoughts by replying to this email,
> your
> >>> feedback will be much appreciated!!!
> >>>
> >>> *Code, License, and Copyright*
> >>>
> >>> All code is maintained on github, under Apache 2.0 license. We have
> >>> reviewed all the dependencies and ensured they do not bring any license
> >>> issues. All the status files, license headers, and copyright are up to
> date.
> >>>
> >>> *Release*
> >>>
> >>> The community has released 5 releases in the past 2 years, i.e v0.8,
> v0.9,
> >>> v0.10, v0,11, and v0.12. These releases were done by 5 different
> release
> >>> managers [3] and indicate the community can create releases
> independently.
> >>> We have also a well-documented release process, automated tools to
> help new
> >>> release managers with the process.
> >>>
> >>> *Quality*
> >>>
> >>> The community has developed a comprehensive CI/CD pipeline as a guard
> of
> >>> the code quality. The pipeline runs per-commit license check,
> code-format
> >>> check, code-coverage check, UT, and end-to-end tests. All these are
> built
> >>> as automated github actions, new contributors can easily trigger and
> view
> >>> results when submitting patches.
> >>>
> >>> *Community*
> >>>
> >>> The community has developed an easy-to-read homepage for the project
> [4],
> >>> the website hosts all the materials related to the project including
> >>> versioned documentation, user docs, developer docs, design docs,
> >>> performance docs. It provides the top-level navigation to the software
> >>> download page, where links to all our previous releases. It also has
> the
> >>> pages for the new contributors on-boarding with the project, such as
> how to
> >>> join community meetings, events links, etc.
> >>>
> >>> The community shows appreciation to all contributors and welcomes all
> kinds
> >>> of contributions (not just for code). We have built an open, diverse
> >>> community and gathered many people to work together. With that, we
> have 41
> >>> unique code contributors and some non-code contributors as well. Many
> of
> >>> them have becoming to be committers and PPMC members while working
> with the
> >>> community. There were 2 new mentors, 8 new committers, 2 new PPMC from
> 6
> >>> different organizations [5] added in the incubating phase. And in
> total,
> >>> the project has 6 mentors, 21 PPMC, and 27 committers from at least 14
> >>> different organizations. Community collaboration was done in a
> wide-public,
> >>> open manner, we leverage regular bi-weekly/weekly community meetings
> for 2
> >>> different timezones [6] and dev/user slack channels, mailing lists for
> >>> offline discussions.
> >>>
> >>> *Independence*
> >>>
> >>> The project was initially donated by Cloudera, but with a diverse open
> >>> source community, it has been operated as an independent project since
> it
> >>> entered into ASF incubator. The committers and PPMC members are a
> group of
> >>> passionate people from at least 14 different organizations, such as
> >>> Alibaba, Apple, Cloudera, Databricks, LinkedIn, Microsoft, Snowflake,
> etc.
> >>> The project's success is not depending on any single entity.
> >>>
> >>> I have enough reasons to believe the project has done sustainable
> >>> development successfully in the Apache way. Again, please share your
> >>> thoughts, all YuniKorn contributors, committers, PPMC, and mentors.
> Thank
> >>> you!
> >>>
> >>> [1] https://lists.apache.org/thread/dno411y59g2pcy1d3kd7s3kdjz9jw65n
> >>> [2]
> >>>
> https://community.apache.org/apache-way/apache-project-maturity-model.html
> >>>
> >>> [3] https://yunikorn.apache.org/community/download
> >>> [4] https://yunikorn.apache.org/
> >>> [5] https://incubator.apache.org/projects/yunikorn.html
> >>>
> >>> [6]
> >>>
> https://docs.google.com/document/d/165gzC7uhcKc5XDWiMYSRKBiPQBy2tDtXADUPuhGlUa0
> >
> >
> >
> > --
> > Twitter: https://twitter.com/holdenkarau
> > Books (Learning Spark, High Performance Spark, etc.):
> https://amzn.to/2MaRAG9
> > YouTube Live Streams: https://www.youtube.com/user/holdenkarau
>

Re: Apache YuniKorn (Incubating) - Community Graduation Vote

[Wilfred Spiegelenburg <wi...@apache.org>]

The private@ is a moderated list. This has two issues: a moderator
needs to approve any message not sent by a PMC member. This will slow
down the process of interaction with the reporter. It would also not
reach the YuniKorn committers group as not all committers are part of
the PMC. Security issues should be handled and worked on by all
committers not just by the PMC members.

The security notification update made to the website I think does not
line up with the security guidelines referenced in the link provided
in the dropdown menu of the YuniKorn site [1]. In that link there is a
well defined way to report security issues. If we need to enhance and
extend what we do we either establish a security@ mailing list and
provide a static page with security related information on our site or
we leave it as is. My preference would be to establish a security@
list and make all committers a member of that list.

I think we need to roll back the website changes part of YUNIKORN-1006
[2] in PR [3] for the website.

Wilfred

[1] https://www.apache.org/security/
[2] https://issues.apache.org/jira/browse/YUNIKORN-1006
[3] https://github.com/apache/incubator-yunikorn-site/pull/105

On Tue, 11 Jan 2022 at 04:45, Holden Karau <ho...@pigscanfly.ca> wrote:
>
> For "The project provides a well-documented, secure and private channel to report security issues, along with a documented way of responding to them.' the standard that I've seen used is to tell people to e-mail private@ when they think they might have a security related issue. I think that would probably work well for Yunikorn too.
>
>
> On Mon, Jan 10, 2022 at 7:04 AM Chenya Zhang <ch...@gmail.com> wrote:
>>
>> Hi Weiwei,
>>
>> Thanks for driving this! The evaluation is quite comprehensive overall. I checked our Apache project maturity guidelines and noticed the below three items. Not sure if we already have them but they are not blockers to our graduation. We could think more about them along the way.
>>
>> QU30
>>
>> The project provides a well-documented, secure and private channel to report security issues, along with a documented way of responding to them.
>>
>> QU40
>>
>> The project puts a high priority on backwards compatibility and aims to document any incompatible changes and provide tools and documentation to help users transition to new features.
>>
>> CO50
>>
>> The project documents how contributors can earn more rights such as commit access or decision power, and applies these principles consistently.
>>
>>
>> Thanks,
>>
>> Chenya
>>
>>
>>
>> On Mon, Jan 10, 2022 at 12:00 AM Weiwei Yang <ww...@apache.org> wrote:
>>>
>>> Hi YuniKorn community and mentors
>>>
>>> Based on the discussion thread [1], after 2 years time of incubating, it is
>>> considered that now is a good time to graduate YuniKorn from the ASF
>>> incubator and become a top-level Apache project. We have reviewed the ASF
>>> project maturity model [2] and provided some assessment of the project's
>>> maturity based on the guidelines. Details are included as the following.
>>> Please read this and share your thoughts by replying to this email, your
>>> feedback will be much appreciated!!!
>>>
>>> *Code, License, and Copyright*
>>>
>>> All code is maintained on github, under Apache 2.0 license. We have
>>> reviewed all the dependencies and ensured they do not bring any license
>>> issues. All the status files, license headers, and copyright are up to date.
>>>
>>> *Release*
>>>
>>> The community has released 5 releases in the past 2 years, i.e v0.8, v0.9,
>>> v0.10, v0,11, and v0.12. These releases were done by 5 different release
>>> managers [3] and indicate the community can create releases independently.
>>> We have also a well-documented release process, automated tools to help new
>>> release managers with the process.
>>>
>>> *Quality*
>>>
>>> The community has developed a comprehensive CI/CD pipeline as a guard of
>>> the code quality. The pipeline runs per-commit license check, code-format
>>> check, code-coverage check, UT, and end-to-end tests. All these are built
>>> as automated github actions, new contributors can easily trigger and view
>>> results when submitting patches.
>>>
>>> *Community*
>>>
>>> The community has developed an easy-to-read homepage for the project [4],
>>> the website hosts all the materials related to the project including
>>> versioned documentation, user docs, developer docs, design docs,
>>> performance docs. It provides the top-level navigation to the software
>>> download page, where links to all our previous releases. It also has the
>>> pages for the new contributors on-boarding with the project, such as how to
>>> join community meetings, events links, etc.
>>>
>>> The community shows appreciation to all contributors and welcomes all kinds
>>> of contributions (not just for code). We have built an open, diverse
>>> community and gathered many people to work together. With that, we have 41
>>> unique code contributors and some non-code contributors as well. Many of
>>> them have becoming to be committers and PPMC members while working with the
>>> community. There were 2 new mentors, 8 new committers, 2 new PPMC from 6
>>> different organizations [5] added in the incubating phase. And in total,
>>> the project has 6 mentors, 21 PPMC, and 27 committers from at least 14
>>> different organizations. Community collaboration was done in a wide-public,
>>> open manner, we leverage regular bi-weekly/weekly community meetings for 2
>>> different timezones [6] and dev/user slack channels, mailing lists for
>>> offline discussions.
>>>
>>> *Independence*
>>>
>>> The project was initially donated by Cloudera, but with a diverse open
>>> source community, it has been operated as an independent project since it
>>> entered into ASF incubator. The committers and PPMC members are a group of
>>> passionate people from at least 14 different organizations, such as
>>> Alibaba, Apple, Cloudera, Databricks, LinkedIn, Microsoft, Snowflake, etc.
>>> The project's success is not depending on any single entity.
>>>
>>> I have enough reasons to believe the project has done sustainable
>>> development successfully in the Apache way. Again, please share your
>>> thoughts, all YuniKorn contributors, committers, PPMC, and mentors. Thank
>>> you!
>>>
>>> [1] https://lists.apache.org/thread/dno411y59g2pcy1d3kd7s3kdjz9jw65n
>>> [2]
>>> https://community.apache.org/apache-way/apache-project-maturity-model.html
>>>
>>> [3] https://yunikorn.apache.org/community/download
>>> [4] https://yunikorn.apache.org/
>>> [5] https://incubator.apache.org/projects/yunikorn.html
>>>
>>> [6]
>>> https://docs.google.com/document/d/165gzC7uhcKc5XDWiMYSRKBiPQBy2tDtXADUPuhGlUa0
>
>
>
> --
> Twitter: https://twitter.com/holdenkarau
> Books (Learning Spark, High Performance Spark, etc.): https://amzn.to/2MaRAG9
> YouTube Live Streams: https://www.youtube.com/user/holdenkarau

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@yunikorn.apache.org
For additional commands, e-mail: dev-help@yunikorn.apache.org

Re: Apache YuniKorn (Incubating) - Community Graduation Vote

[Holden Karau <ho...@pigscanfly.ca>]

For "The project provides a well-documented, secure and private channel to
report security issues, along with a documented way of responding to them.'
the standard that I've seen used is to tell people to e-mail private@ when
they think they might have a security related issue. I think that would
probably work well for Yunikorn too.


On Mon, Jan 10, 2022 at 7:04 AM Chenya Zhang <ch...@gmail.com>
wrote:

> Hi Weiwei,
>
> Thanks for driving this! The evaluation is quite comprehensive overall. I
> checked our Apache project maturity guidelines and noticed the below three
> items. Not sure if we already have them but they are not blockers to our
> graduation. We could think more about them along the way.
>
> QU30
>
> The project provides a well-documented, secure and private channel to
> report security issues, along with a documented way of responding to them.
>
> QU40
>
> The project puts a high priority on backwards compatibility and aims to
> document any incompatible changes and provide tools and documentation to
> help users transition to new features.
>
> CO50
>
> The project documents how contributors can earn more rights such as commit
> access or decision power, and applies these principles consistently.
>
>
> Thanks,
>
> Chenya
>
>
>
> On Mon, Jan 10, 2022 at 12:00 AM Weiwei Yang <ww...@apache.org> wrote:
>
>> Hi YuniKorn community and mentors
>>
>> Based on the discussion thread [1], after 2 years time of incubating, it
>> is
>> considered that now is a good time to graduate YuniKorn from the ASF
>> incubator and become a top-level Apache project. We have reviewed the ASF
>> project maturity model [2] and provided some assessment of the project's
>> maturity based on the guidelines. Details are included as the following.
>> Please read this and share your thoughts by replying to this email, your
>> feedback will be much appreciated!!!
>>
>> *Code, License, and Copyright*
>>
>> All code is maintained on github, under Apache 2.0 license. We have
>> reviewed all the dependencies and ensured they do not bring any license
>> issues. All the status files, license headers, and copyright are up to
>> date.
>>
>> *Release*
>>
>> The community has released 5 releases in the past 2 years, i.e v0.8, v0.9,
>> v0.10, v0,11, and v0.12. These releases were done by 5 different release
>> managers [3] and indicate the community can create releases independently.
>> We have also a well-documented release process, automated tools to help
>> new
>> release managers with the process.
>>
>> *Quality*
>>
>> The community has developed a comprehensive CI/CD pipeline as a guard of
>> the code quality. The pipeline runs per-commit license check, code-format
>> check, code-coverage check, UT, and end-to-end tests. All these are built
>> as automated github actions, new contributors can easily trigger and view
>> results when submitting patches.
>>
>> *Community*
>>
>> The community has developed an easy-to-read homepage for the project [4],
>> the website hosts all the materials related to the project including
>> versioned documentation, user docs, developer docs, design docs,
>> performance docs. It provides the top-level navigation to the software
>> download page, where links to all our previous releases. It also has the
>> pages for the new contributors on-boarding with the project, such as how
>> to
>> join community meetings, events links, etc.
>>
>> The community shows appreciation to all contributors and welcomes all
>> kinds
>> of contributions (not just for code). We have built an open, diverse
>> community and gathered many people to work together. With that, we have 41
>> unique code contributors and some non-code contributors as well. Many of
>> them have becoming to be committers and PPMC members while working with
>> the
>> community. There were 2 new mentors, 8 new committers, 2 new PPMC from 6
>> different organizations [5] added in the incubating phase. And in total,
>> the project has 6 mentors, 21 PPMC, and 27 committers from at least 14
>> different organizations. Community collaboration was done in a
>> wide-public,
>> open manner, we leverage regular bi-weekly/weekly community meetings for 2
>> different timezones [6] and dev/user slack channels, mailing lists for
>> offline discussions.
>>
>> *Independence*
>>
>> The project was initially donated by Cloudera, but with a diverse open
>> source community, it has been operated as an independent project since it
>> entered into ASF incubator. The committers and PPMC members are a group of
>> passionate people from at least 14 different organizations, such as
>> Alibaba, Apple, Cloudera, Databricks, LinkedIn, Microsoft, Snowflake, etc.
>> The project's success is not depending on any single entity.
>>
>> I have enough reasons to believe the project has done sustainable
>> development successfully in the Apache way. Again, please share your
>> thoughts, all YuniKorn contributors, committers, PPMC, and mentors. Thank
>> you!
>>
>> [1] https://lists.apache.org/thread/dno411y59g2pcy1d3kd7s3kdjz9jw65n
>> [2]
>> https://community.apache.org/apache-way/apache-project-maturity-model.html
>>
>> [3] https://yunikorn.apache.org/community/download
>> [4] https://yunikorn.apache.org/
>> [5] https://incubator.apache.org/projects/yunikorn.html
>>
>> [6]
>>
>> https://docs.google.com/document/d/165gzC7uhcKc5XDWiMYSRKBiPQBy2tDtXADUPuhGlUa0
>>
>

-- 
Twitter: https://twitter.com/holdenkarau
Books (Learning Spark, High Performance Spark, etc.):
https://amzn.to/2MaRAG9  <https://amzn.to/2MaRAG9>
YouTube Live Streams: https://www.youtube.com/user/holdenkarau

Re: Apache YuniKorn (Incubating) - Community Graduation Vote

[Chenya Zhang <ch...@gmail.com>]

Hi Weiwei,

Thanks for driving this! The evaluation is quite comprehensive overall. I
checked our Apache project maturity guidelines and noticed the below three
items. Not sure if we already have them but they are not blockers to our
graduation. We could think more about them along the way.

QU30

The project provides a well-documented, secure and private channel to
report security issues, along with a documented way of responding to them.

QU40

The project puts a high priority on backwards compatibility and aims to
document any incompatible changes and provide tools and documentation to
help users transition to new features.

CO50

The project documents how contributors can earn more rights such as commit
access or decision power, and applies these principles consistently.


Thanks,

Chenya



On Mon, Jan 10, 2022 at 12:00 AM Weiwei Yang <ww...@apache.org> wrote:

> Hi YuniKorn community and mentors
>
> Based on the discussion thread [1], after 2 years time of incubating, it is
> considered that now is a good time to graduate YuniKorn from the ASF
> incubator and become a top-level Apache project. We have reviewed the ASF
> project maturity model [2] and provided some assessment of the project's
> maturity based on the guidelines. Details are included as the following.
> Please read this and share your thoughts by replying to this email, your
> feedback will be much appreciated!!!
>
> *Code, License, and Copyright*
>
> All code is maintained on github, under Apache 2.0 license. We have
> reviewed all the dependencies and ensured they do not bring any license
> issues. All the status files, license headers, and copyright are up to
> date.
>
> *Release*
>
> The community has released 5 releases in the past 2 years, i.e v0.8, v0.9,
> v0.10, v0,11, and v0.12. These releases were done by 5 different release
> managers [3] and indicate the community can create releases independently.
> We have also a well-documented release process, automated tools to help new
> release managers with the process.
>
> *Quality*
>
> The community has developed a comprehensive CI/CD pipeline as a guard of
> the code quality. The pipeline runs per-commit license check, code-format
> check, code-coverage check, UT, and end-to-end tests. All these are built
> as automated github actions, new contributors can easily trigger and view
> results when submitting patches.
>
> *Community*
>
> The community has developed an easy-to-read homepage for the project [4],
> the website hosts all the materials related to the project including
> versioned documentation, user docs, developer docs, design docs,
> performance docs. It provides the top-level navigation to the software
> download page, where links to all our previous releases. It also has the
> pages for the new contributors on-boarding with the project, such as how to
> join community meetings, events links, etc.
>
> The community shows appreciation to all contributors and welcomes all kinds
> of contributions (not just for code). We have built an open, diverse
> community and gathered many people to work together. With that, we have 41
> unique code contributors and some non-code contributors as well. Many of
> them have becoming to be committers and PPMC members while working with the
> community. There were 2 new mentors, 8 new committers, 2 new PPMC from 6
> different organizations [5] added in the incubating phase. And in total,
> the project has 6 mentors, 21 PPMC, and 27 committers from at least 14
> different organizations. Community collaboration was done in a wide-public,
> open manner, we leverage regular bi-weekly/weekly community meetings for 2
> different timezones [6] and dev/user slack channels, mailing lists for
> offline discussions.
>
> *Independence*
>
> The project was initially donated by Cloudera, but with a diverse open
> source community, it has been operated as an independent project since it
> entered into ASF incubator. The committers and PPMC members are a group of
> passionate people from at least 14 different organizations, such as
> Alibaba, Apple, Cloudera, Databricks, LinkedIn, Microsoft, Snowflake, etc.
> The project's success is not depending on any single entity.
>
> I have enough reasons to believe the project has done sustainable
> development successfully in the Apache way. Again, please share your
> thoughts, all YuniKorn contributors, committers, PPMC, and mentors. Thank
> you!
>
> [1] https://lists.apache.org/thread/dno411y59g2pcy1d3kd7s3kdjz9jw65n
> [2]
> https://community.apache.org/apache-way/apache-project-maturity-model.html
>
> [3] https://yunikorn.apache.org/community/download
> [4] https://yunikorn.apache.org/
> [5] https://incubator.apache.org/projects/yunikorn.html
>
> [6]
>
> https://docs.google.com/document/d/165gzC7uhcKc5XDWiMYSRKBiPQBy2tDtXADUPuhGlUa0
>