Dear Apache Geode Developer Community, A ticket has been created to track your feedback and ideas: GEODE-10467, https://issues.apache.org/jira/browse/GEODE-10467
We’d like to extend special thanks to Kishor, Leon and Charlie for their candid and constructive insights. We welcome further thoughts from the community on these topics. Whether it’s Java, Jetty, support for Lucene’s evolution, Spring integration strategy, or simplifying legacy features, your input is essential to shaping Geode’s future. Best regards, Jinwoo Hwang (he/him/his) SAS® Research and Development http://JinwooHwang.com<http://jinwoohwang.com/> From: Charlie Black <[email protected]> Date: Saturday, September 20, 2025 at 12:03 AM To: [email protected] <[email protected]> Subject: Re: [DISCUSS] Proposal for Apache Geode 2.0.0 – Call for Community Input and Reviewers EXTERNAL Long time Geode user here. For Spring, the community is set to release Spring 7 in November 2025. It may make sense to skip Spring 6 and move directly to 7. I know that updating Lucene was blocked in earlier Geode versions because of the need to maintain Java 8 compatibility. Unless someone in the community is willing to take on completing Lucene indexing, I’d recommend removing it entirely to simplify the codebase. The feature was never really finished. HOWEVER - One item that is cool about Lucene was the ability for nearest neighbor queries, so if we want to make Geode into a vector store I am pretty sure we can use that Lucene indexing feature. This would very much like how elastic search can support AI use cases. KNN indexing was introduced in Lucene 9 which requires JDK 11. My current usage of Geode just revolves around the core - gets, puts and listeners - I am not sure I would pick up finishing Lucene myself. Another candidate I would suggest for removal is off-heap memory. While it was an interesting feature, it’s difficult for operations teams to monitor effectively. With modern JVMs and pause-less garbage collectors like ZGC, its original purpose of making large heaps manageable under CMS GC is no longer relevant. Charlie On Fri, Sep 19, 2025 at 12:08 PM Jinwoo Hwang <[email protected]> wrote: > Hi Leon, > > You’ve raised a very valid concern, and I appreciate you taking the time > to review the pull request as well. > > Given the age of those libraries, we would probably need to move forward > with upgrading Jetty to 12 and Lucene to 9. It’s worth evaluating whether > those modules are still essential or if deprecation is the more sustainable > path. > > Thanks again for your thoughtful input. > > > Best regards, > > Jinwoo Hwang (he/him/his) > > > > SAS® Research and Development > > https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fprotect.checkpoint.com%2Fv2%2Fr01%2F___http%3A%2F%2FJinwooHwang.com___.YzJ1OnNhc2luc3RpdHV0ZTpjOm86MmY2OWQxYWQ1OGIwZGE5ZDI1MzA0MDhkNmMxNmJlMDA6NzozMjY1OjZmNGViMzQyNzQ4NWFkZmQ3ODJkNWRmNDkyYWMwMTI2ZGY1ZTA2ZTMyZDAzZDUxZjg1ZjEyODA2ZTA2MmI0NDQ6cDpUOk4&data=05%7C02%7CJinwoo.Hwang%40sas.com%7C38a200b6a1ad41647d1408ddf7faad46%7Cb1c14d5c362545b3a4309552373a0c2f%7C0%7C0%7C638939378217946375%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=Bi4gZ52PbEyqK%2BXP%2Bzuu%2BLdq38O6MVSQwNorZc9WAAg%3D&reserved=0<https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fprotect.checkpoint.com%2Fv2%2Fr01%2F___http%3A%2F%2Fjinwoohwang.com%2F___.YzJ1OnNhc2luc3RpdHV0ZTpjOm86MmY2OWQxYWQ1OGIwZGE5ZDI1MzA0MDhkNmMxNmJlMDA6NzpiMWNlOjQ3MjcxYmYyMTA3YjE5YjU1MWI1NDFlODNmYjU2ZDgyNjc5YWU0MjUwOGNhODljMDM3YjBjYmIwZjM4ZmE2NmE6cDpUOk4&data=05%7C02%7CJinwoo.Hwang%40sas.com%7C38a200b6a1ad41647d1408ddf7faad46%7Cb1c14d5c362545b3a4309552373a0c2f%7C0%7C0%7C638939378217958464%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=OQ9b1RNznLD7L8RWdyoLU8Qnge3XqUBY31XBn9DBo0E%3D&reserved=0><https://protect.checkpoint.com/v2/r01/___http://JinwooHwang.com___.YzJ1OnNhc2luc3RpdHV0ZTpjOm86MmY2OWQxYWQ1OGIwZGE5ZDI1MzA0MDhkNmMxNmJlMDA6NzozMjY1OjZmNGViMzQyNzQ4NWFkZmQ3ODJkNWRmNDkyYWMwMTI2ZGY1ZTA2ZTMyZDAzZDUxZjg1ZjEyODA2ZTA2MmI0NDQ6cDpUOk4> > > > > From: Leon Finker <[email protected]> > Date: Friday, September 19, 2025 at 2:49 PM > To: [email protected] <[email protected]> > Subject: Re: [DISCUSS] Proposal for Apache Geode 2.0.0 – Call for > Community Input and Reviewers > > EXTERNAL > > Hi Jinwoo, > > Thanks to everyone for picking up the geode and moving forward! > > I want to mention a few other major libraries that are left behind on EOL > versions now: Jetty and Lucene (6 years old). Not sure if they are even > needed and maybe those modules should be deprecated if there is no interest > in maintaining them. > > On Fri, Sep 19, 2025 at 7:29 AM Jinwoo Hwang <[email protected]> wrote: > > > Dear Apache Geode Developer Community, > > > > Thank you for your continued support in delivering version 1.15.2. After > a > > three-year hiatus, this milestone reflects the resilience and > collaboration > > that define our community. Special appreciation to Niall for resolving > the > > SVN permission issue—the last mile to our finish line. > > Now that we are almost at the finish line, let’s not slow down—let’s > > accelerate. > > > > I would like to propose Apache Geode 2.0.0, a major modernization effort > > that positions the project for long-term sustainability, stronger > security, > > and better developer experience. Below is a draft roadmap of proposed > > upgrades—each representing a significant leap forward: > > > > > > > > *Proposed Upgrades for Apache Geode 2.0.0* > > *Upgrade Java Runtime from 1.8 to 17* > > > > - Addresses numerous known vulnerabilities reported since 2019. > > - Brings performance improvements and modern language features. > > - Aligns with long-term support (LTS) standards. > > > > *Upgrade Spring Framework to Version 6* > > > > - Resolves numerous CVEs that have been reported in prior versions. > > While we cannot confirm whether Apache Geode is directly affected, > > upgrading is a proactive step toward minimizing exposure. > > - Aligns with Java 17 and Jakarta EE 9. > > - Introduces cleaner APIs and reactive programming support. > > > > *Upgrade Spring Security to Version 6* > > > > - Addresses several high-severity vulnerabilities. Again, while we > > cannot confirm Geode’s exposure, upgrading ensures alignment with > > current > > security best practices. > > - Simplifies configuration with SecurityFilterChain. > > - Aligns with Jakarta EE 9 and modern security practices. > > - Offers a zero-known-vulnerability baseline in current releases. > > > > *Migrate from Java EE to Jakarta EE 9* > > > > - Required for Java 17+ compatibility. > > - Provides updated specifications and active community support. > > > > *Update Build Configuration for Java 17 Compatibility* > > > > - Upgrade Gradle Version 6 to 7.3.3 to Support Java 17 Tool Chain. > > - Enables consistent builds across environments. > > - Improves build performance and dependency resolution. > > - Aligns with modern standards and mitigates known risks. > > > > *Remediation of any undisclosed security vulnerabilities* > > > > > > These are not just technical upgrades—they are strategic investments in > the > > future of Apache Geode. They will help us stay relevant, secure, and > > performant in a rapidly evolving ecosystem. > > > > To make this vision a reality, we need your help. This release is already > > generating excitement—so much so that I’ve been personally contacted by > > individuals asking how they can contribute to the Geode community. That > > kind of energy is rare, and we’d be remiss not to harness it. > > > > We’re looking for: > > > > - Feedback to make this roadmap more comprehensive and aligned with > > community needs. > > - Volunteers to help review pull requests as we finalize these > changes. > > - Contributors interested in shaping the future of Apache Geode > through > > code, documentation, testing, and ideas. > > > > > > Whether you’re a long-time committer or a new contributor, your > > participation will be instrumental in making Apache Geode 2.0.0 a > reality. > > Let’s build the future of Geode, together—with clarity, purpose, and > > momentum. > > > > Best regards, > > Jinwoo Hwang (he/him/his) > > > > SAS® Research and Development > > > https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fprotect.checkpoint.com%2Fv2%2Fr01%2F___http%3A%2F%2FJinwooHwang.com___.YzJ1OnNhc2luc3RpdHV0ZTpjOm86YzAzMjljOWVhOTkxMGJhN2U5YjcyODFkMDk5ZGJkZGQ6Nzo3N2M5OmYwYjgxYzIwNWUxZjM1NDFjNDZhZTk5YzhmZWMwMzZlN2ExODJjNmM4NjUwZWU2MTgzNDU5NDM2ZTAxYmQyMjE6cDpUOk4&data=05%7C02%7CJinwoo.Hwang%40sas.com%7C38a200b6a1ad41647d1408ddf7faad46%7Cb1c14d5c362545b3a4309552373a0c2f%7C0%7C0%7C638939378217965573%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=LCsXyXF0C5SuDxlptjjXABIxDoCNjv%2BdygC8zvNsv%2Bw%3D&reserved=0<https://protect.checkpoint.com/v2/r01/___http://JinwooHwang.com___.YzJ1OnNhc2luc3RpdHV0ZTpjOm86YzAzMjljOWVhOTkxMGJhN2U5YjcyODFkMDk5ZGJkZGQ6Nzo3N2M5OmYwYjgxYzIwNWUxZjM1NDFjNDZhZTk5YzhmZWMwMzZlN2ExODJjNmM4NjUwZWU2MTgzNDU5NDM2ZTAxYmQyMjE6cDpUOk4> > < > https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fprotect.checkpoint.com%2Fv2%2Fr01%2F___http%3A%2F%2FJinwooHwang.com___.YzJ1OnNhc2luc3RpdHV0ZTpjOm86YzAzMjljOWVhOTkxMGJhN2U5YjcyODFkMDk5ZGJkZGQ6Nzo3N2M5OmYwYjgxYzIwNWUxZjM1NDFjNDZhZTk5YzhmZWMwMzZlN2ExODJjNmM4NjUwZWU2MTgzNDU5NDM2ZTAxYmQyMjE6cDpUOk4&data=05%7C02%7CJinwoo.Hwang%40sas.com%7C38a200b6a1ad41647d1408ddf7faad46%7Cb1c14d5c362545b3a4309552373a0c2f%7C0%7C0%7C638939378217972037%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=axbugcy6LXBEwUq5k5MSdpF%2FEslTov3F8eAuyzbjxow%3D&reserved=0<https://protect.checkpoint.com/v2/r01/___http://JinwooHwang.com___.YzJ1OnNhc2luc3RpdHV0ZTpjOm86YzAzMjljOWVhOTkxMGJhN2U5YjcyODFkMDk5ZGJkZGQ6Nzo3N2M5OmYwYjgxYzIwNWUxZjM1NDFjNDZhZTk5YzhmZWMwMzZlN2ExODJjNmM4NjUwZWU2MTgzNDU5NDM2ZTAxYmQyMjE6cDpUOk4> > > > > >
