You are viewing a plain text version of this content. The canonical link for it is here.
Posted to derby-dev@db.apache.org by Bryan Pendleton <bp...@gmail.com> on 2023/01/11 13:51:41 UTC

[INFO] DB Report for January, 2023

Below is the quarterly report I submitted to the board.

Thank you to all the project communities for the feedback
about project status and activities, much appreciated!

thanks,

bryan

## Description:
The mission of the Apache DB project is to create and maintain
commercial-quality, open-source, database solutions based on software licensed
to the Foundation, for distribution at no charge to the public.

The Apache DB TLP consists of the following subprojects:
 o Derby    : a relational database implemented entirely in Java.
 o JDO      : focused on building the API and the TCK for compatibility
              testing of Java Data Object implementations providing data
              persistence.
 o Torque   : an object-relational mapper for Java.

## Issues:
There are no issues requiring board attention.

## Membership Data:
Apache DB was founded 2002-07-16 (20 years ago)
There are currently 47 committers and 44 PMC members in this project.
The Committer-to-PMC ratio is roughly 1:1.

Community changes, past quarter:
- No new PMC members. Last addition was Georg Kallidis on 2020-08-26.
- No new committers. Last addition was Tobias Bouschen on 2021-01-19.

## Project Activity:
Recent releases:

- Derby-10.16.1.1 was released on 2022-06-15.
- JDO 3.2.1 was released on 2022-05-25.
- JDO 3.2 was released on 2022-02-01.
- Torque 5.1 was released on 2022-01-31.

- The Derby community received a security vulnerability report
and have addressed it; it is tracked as CVE-2022-46337. The
fix in already in the source tree and will be delivered with
Derby's next release, which is not yet scheduled.
- The Derby community have also been testing with new builds
of the upcoming JDK 20; Derby's testing processes may have
found a bug in one of the JDK 20 features as a result which
is good.

- The JDO community evaluated the Derby vulnerability
report to see if it applied to JDO's use of Derby; no JDO
vulnerability was found as a result.
- The JDO community are working on moving from JDK 8 to JDK 11,
which will be a significant change and require a new 3.3
release, which is not yet scheduled.
- The JDO community are working on improving code quality via
feedback solicited from a code analysis tool called SonarCloud.
SonarCloud itself is not open source but is free to analyze
open source projects. A number of issues reported by the tool
have been merged to the main branch and several others are
currently being worked.

- The Torque community have completed source modifications
to move from JDK 8 to JDK 11. The changes are anticipated
to be delivered as a new release 5.2, which is not yet
scheduled.

## Community Health:
Community health seems good across the project. All the
mailing lists were at typical levels, and source contributions
and fixes have been proceeding at a normal pace. All the
project repositories are in a development stage trying to
work toward future releases.