Apache Ignite 2.8 RELEASE [Time, Scope, Manager]

Thu, 09 Jan 2020 23:25:35 -0800 


Agree with Nikolay, -1 from me, too.
 
>Hello, Igniters.
>
>I’m -1 to include the read-only patch to 2.8.
>I think we shouldn’t accept any patches to 2.8 except bug fixes for blockers 
>and major issues.
>
>Guys, we don’t release Apache Ignite for 13 months!
>We should focus on the release and make it ASAP.
>
>We can’t extend the scope anymore.
> 
>> 10 янв. 2020 г., в 04:29, Sergey Antonov < antonovserge...@gmail.com > 
>> написал(а):
>>
>> Hello, Maxim!
>>
>>> This PR [2] doesn't look a very simple +5,517 −2,038, 111 files
>> changed.
>> Yes, PR is huge, but I wrote a lot of new tests and reworked already
>> presented. Changes in product code are minimal - only 30 changed files in
>> /src/main/ part. And most of them are new control.sh commands and
>> configuration.
>>
>>> Do we have customer requests for this feature or maybe users who are
>> waiting for exactly that ENUM values exactly in 2.8 release (not the 2.8.1
>> for instance)?
>> Can we introduce in new features in maintanance release (2.8.1)? Cluster
>> read-only mode will be new feature, if we remove IgniteCluster#readOnly in
>> 2.8 release. If all ok with that, lets remove IgniteCluster#readOnly and
>> move ticket [1] to 2.8.1 release.
>>
>>> Do we have extended test results report (on just only TC.Bot green visa)
>> on this feature to be sure that we will not add any blocker issues to the
>> release?
>> I'm preparing patch for 2.8 release and I will get new TC Bot visa vs
>> release branch.
>>
>> [1]  https://issues.apache.org/jira/browse/IGNITE-12225
>>
>>
>>
>> чт, 9 янв. 2020 г. в 19:38, Maxim Muzafarov < mmu...@apache.org >:
>>
>>> Folks,
>>>
>>>
>>> Let me remind you that we are working on the 2.8 release branch
>>> stabilization currently (please, keep it in mind).
>>>
>>>
>>> Do we have a really STRONG reason for adding such a change [1] to the
>>> ignite-2.8 branch? This PR [2] doesn't look a very simple +5,517
>>> −2,038, 111 files changed.
>>> Do we have customer requests for this feature or maybe users who are
>>> waiting for exactly that ENUM values exactly in 2.8 release (not the
>>> 2.8.1 for instance)?
>>> Can we just simply remove IgniteCluster#readOnly to eliminate any
>>> backward compatibility issues between 2.8 and 2.9 releases?
>>> Do we have extended test results report (on just only TC.Bot green
>>> visa) on this feature to be sure that we will not add any blocker
>>> issues to the release? For instance, on pre-production environment.
>>>
>>> I'd like to notice that we also have more than enough the release
>>> blocker issues [3] which are still `in progress` and such a release
>>> run becomes endless. Such changes without strong reasons looks too
>>> scary for me a special after scope and code freeze dates.
>>>
>>> Please, dispel my doubts.
>>>
>>> [1]  https://issues.apache.org/jira/browse/IGNITE-12225
>>> [2]  https://github.com/apache/ignite/pull/7194
>>> [3]
>>>  
>>> https://cwiki.apache.org/confluence/display/IGNITE/Apache+Ignite+2.8#ApacheIgnite2.8-Unresolvedissues(notrelatedtodocumentation
>>>  )
>>>
>>> On Thu, 9 Jan 2020 at 19:01, Alexey Zinoviev < zaleslaw....@gmail.com >
>>> wrote:
>>>>
>>>> +1
>>>>
>>>> чт, 9 янв. 2020 г. в 18:52, Sergey Antonov < antonovserge...@gmail.com >:
>>>>
>>>>> +1
>>>>>
>>>>> I'm preparing patch for 2.8 branch now. TC Bot visa for 2.8 branch
>>> will be
>>>>> at 13 Jan
>>>>>
>>>>> чт, 9 янв. 2020 г., 21:06 Ivan Pavlukhin < vololo...@gmail.com >:
>>>>>
>>>>>> +1
>>>>>>
>>>>>> чт, 9 янв. 2020 г. в 16:38, Ivan Rakov < ivan.glu...@gmail.com >:
>>>>>>>
>>>>>>> Maxim M. and anyone who is interested,
>>>>>>>
>>>>>>> I suggest to include this fix to 2.8 release:
>>>>>>>  https://issues.apache.org/jira/browse/IGNITE-12225
>>>>>>> Basically, it's a result of the following discussion:
>>>>>>>
>>>>>>
>>>>>
>>>  
>>> http://apache-ignite-developers.2346864.n4.nabble.com/DISCUSSION-Single-point-in-API-for-changing-cluster-state-td43665.html
>>>>>>>
>>>>>>> The fix affects public API: IgniteCluster#readOnly methods that
>>> work
>>>>> with
>>>>>>> boolean are replaced with ones that work with enum.
>>>>>>> If we include it, we won't be obliged to keep deprecated boolean
>>>>> version
>>>>>> of
>>>>>>> API in the code (which is currently present in 2.8 branch) as it
>>> wasn't
>>>>>>> published in any release.
>>>>>>>
>>>>>>> On Tue, Dec 31, 2019 at 3:54 PM Ilya Kasnacheev <
>>>>>>  ilya.kasnach...@gmail.com >
>>>>>>> wrote:
>>>>>>>
>>>>>>>> Hello!
>>>>>>>>
>>>>>>>> I have ran dependency checker plugin and quote the following:
>>>>>>>>
>>>>>>>> One or more dependencies were identified with known
>>> vulnerabilities
>>>>> in
>>>>>>>> ignite-urideploy:
>>>>>>>> One or more dependencies were identified with known
>>> vulnerabilities
>>>>> in
>>>>>>>> ignite-spring:
>>>>>>>> One or more dependencies were identified with known
>>> vulnerabilities
>>>>> in
>>>>>>>> ignite-spring-data:
>>>>>>>> One or more dependencies were identified with known
>>> vulnerabilities
>>>>> in
>>>>>>>> ignite-aop:
>>>>>>>> One or more dependencies were identified with known
>>> vulnerabilities
>>>>> in
>>>>>>>> ignite-visor-console:
>>>>>>>>
>>>>>>>> spring-core-4.3.18.RELEASE.jar
>>>>>>>> (pkg:maven/org.springframework/spring-core@4.3.18.RELEASE,
>>>>>>>>
>>>>>>
>>> cpe:2.3:a:pivotal_software:spring_framework:4.3.18.release:*:*:*:*:*:*:*,
>>>>>>>>
>>> cpe:2.3:a:springsource:spring_framework:4.3.18.release:*:*:*:*:*:*:*,
>>>>>>>>
>>> cpe:2.3:a:vmware:springsource_spring_framework:4.3.18:*:*:*:*:*:*:*)
>>>>> :
>>>>>>>> CVE-2018-15756
>>>>>>>>
>>>>>>>> One or more dependencies were identified with known
>>> vulnerabilities
>>>>> in
>>>>>>>> ignite-spring-data_2.0:
>>>>>>>>
>>>>>>>> spring-core-5.0.8.RELEASE.jar
>>>>>>>> (pkg:maven/org.springframework/spring-core@5.0.8.RELEASE,
>>>>>>>>
>>>>>>
>>> cpe:2.3:a:pivotal_software:spring_framework:5.0.8.release:*:*:*:*:*:*:*,
>>>>>>>>
>>> cpe:2.3:a:springsource:spring_framework:5.0.8.release:*:*:*:*:*:*:*,
>>>>>>>>
>>> cpe:2.3:a:vmware:springsource_spring_framework:5.0.8:*:*:*:*:*:*:*) :
>>>>>>>> CVE-2018-15756
>>>>>>>>
>>>>>>>> One or more dependencies were identified with known
>>> vulnerabilities
>>>>> in
>>>>>>>> ignite-rest-http:
>>>>>>>>
>>>>>>>> jetty-server-9.4.11.v20180605.jar
>>>>>>>> (pkg:maven/org.eclipse.jetty/jetty-server@9.4.11.v20180605,
>>>>>>>> cpe:2.3:a:eclipse:jetty:9.4.11:20180605:*:*:*:*:*:*,
>>>>>>>> cpe:2.3:a:jetty:jetty:9.4.11.v20180605:*:*:*:*:*:*:*,
>>>>>>>> cpe:2.3:a:mortbay_jetty:jetty:9.4.11:20180605:*:*:*:*:*:*) :
>>>>>>>> CVE-2018-12545, CVE-2019-10241, CVE-2019-10247
>>>>>>>> jackson-databind-2.9.6.jar
>>>>>>>> (pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.6,
>>>>>>>> cpe:2.3:a:fasterxml:jackson:2.9.6:*:*:*:*:*:*:*,
>>>>>>>> cpe:2.3:a:fasterxml:jackson-databind:2.9.6:*:*:*:*:*:*:*) :
>>>>>>>> CVE-2018-1000873, CVE-2018-14718, CVE-2018-14719, CVE-2018-14720,
>>>>>>>> CVE-2018-14721, CVE-2018-19360, CVE-2018-19361, CVE-2018-19362,
>>>>>>>> CVE-2019-12086, CVE-2019-12384, CVE-2019-12814, CVE-2019-14379,
>>>>>>>> CVE-2019-14439, CVE-2019-14540, CVE-2019-16335, CVE-2019-16942,
>>>>>>>> CVE-2019-16943, CVE-2019-17267, CVE-2019-17531
>>>>>>>>
>>>>>>>> One or more dependencies were identified with known
>>> vulnerabilities
>>>>> in
>>>>>>>> ignite-kubernetes:
>>>>>>>> One or more dependencies were identified with known
>>> vulnerabilities
>>>>> in
>>>>>>>> ignite-aws:
>>>>>>>>
>>>>>>>> jackson-databind-2.9.6.jar
>>>>>>>> (pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.6,
>>>>>>>> cpe:2.3:a:fasterxml:jackson:2.9.6:*:*:*:*:*:*:*,
>>>>>>>> cpe:2.3:a:fasterxml:jackson-databind:2.9.6:*:*:*:*:*:*:*) :
>>>>>>>> CVE-2018-1000873, CVE-2018-14718, CVE-2018-14719, CVE-2018-14720,
>>>>>>>> CVE-2018-14721, CVE-2018-19360, CVE-2018-19361, CVE-2018-19362,
>>>>>>>> CVE-2019-12086, CVE-2019-12384, CVE-2019-12814, CVE-2019-14379,
>>>>>>>> CVE-2019-14439, CVE-2019-14540, CVE-2019-16335, CVE-2019-16942,
>>>>>>>> CVE-2019-16943, CVE-2019-17267, CVE-2019-17531
>>>>>>>> bcprov-ext-jdk15on-1.54.jar
>>>>>>>> (pkg:maven/org.bouncycastle/bcprov-ext-jdk15on@1.54) :
>>>>> CVE-2015-6644,
>>>>>>>> CVE-2016-1000338, CVE-2016-1000339, CVE-2016-1000340,
>>>>> CVE-2016-1000341,
>>>>>>>> CVE-2016-1000342, CVE-2016-1000343, CVE-2016-1000344,
>>>>> CVE-2016-1000345,
>>>>>>>> CVE-2016-1000346, CVE-2016-1000352, CVE-2016-2427,
>>> CVE-2017-13098,
>>>>>>>> CVE-2018-1000180, CVE-2018-1000613
>>>>>>>>
>>>>>>>> One or more dependencies were identified with known
>>> vulnerabilities
>>>>> in
>>>>>>>> ignite-gce:
>>>>>>>>
>>>>>>>> httpclient-4.0.1.jar
>>>>>> (pkg:maven/org.apache.httpcomponents/httpclient@4.0.1
>>>>>>>> ,
>>>>>>>> cpe:2.3:a:apache:httpclient:4.0.1:*:*:*:*:*:*:*) : CVE-2011-1498,
>>>>>>>> CVE-2014-3577, CVE-2015-5262
>>>>>>>> guava-jdk5-17.0.jar (pkg:maven/com.google.guava/guava-jdk5@17.0,
>>>>>>>> cpe:2.3:a:google:guava:17.0:*:*:*:*:*:*:*) : CVE-2018-10237
>>>>>>>>
>>>>>>>> One or more dependencies were identified with known
>>> vulnerabilities
>>>>> in
>>>>>>>> ignite-cloud:
>>>>>>>>
>>>>>>>> openstack-keystone-2.0.0.jar
>>>>>>>> (pkg:maven/org.apache.jclouds.api/openstack-keystone@2.0.0,
>>>>>>>> cpe:2.3:a:openstack:keystone:2.0.0:*:*:*:*:*:*:*,
>>>>>>>> cpe:2.3:a:openstack:openstack:2.0.0:*:*:*:*:*:*:*) :
>>> CVE-2013-2014,
>>>>>>>> CVE-2013-4222, CVE-2013-6391, CVE-2014-0204, CVE-2014-3476,
>>>>>> CVE-2014-3520,
>>>>>>>> CVE-2014-3621, CVE-2015-3646, CVE-2015-7546, CVE-2018-14432,
>>>>>> CVE-2018-20170
>>>>>>>> cloudstack-2.0.0.jar
>>>>> (pkg:maven/org.apache.jclouds.api/cloudstack@2.0.0
>>>>>> ,
>>>>>>>> cpe:2.3:a:apache:cloudstack:2.0.0:*:*:*:*:*:*:*) : CVE-2013-2136,
>>>>>>>> CVE-2013-6398, CVE-2014-0031, CVE-2014-9593, CVE-2015-3252
>>>>>>>> docker-2.0.0.jar (pkg:maven/org.apache.jclouds.api/docker@2.0.0,
>>>>>>>> cpe:2.3:a:docker:docker:2.0.0:*:*:*:*:*:*:*) : CVE-2018-10892,
>>>>>>>> CVE-2019-13139, CVE-2019-13509, CVE-2019-15752, CVE-2019-16884,
>>>>>>>> CVE-2019-5736
>>>>>>>> guava-16.0.1.jar (pkg:maven/com.google.guava/guava@16.0.1,
>>>>>>>> cpe:2.3:a:google:guava:16.0.1:*:*:*:*:*:*:*) : CVE-2018-10237
>>>>>>>> docker-1.9.3.jar (pkg:maven/org.apache.jclouds.labs/docker@1.9.3
>>> ,
>>>>>>>> cpe:2.3:a:docker:docker:1.9.3:*:*:*:*:*:*:*) : CVE-2016-3697,
>>>>>>>> CVE-2017-14992, CVE-2019-13139, CVE-2019-13509, CVE-2019-15752,
>>>>>>>> CVE-2019-16884, CVE-2019-5736
>>>>>>>> jsch.agentproxy.core-0.0.8.jar
>>>>>>>> (pkg:maven/com.jcraft/jsch.agentproxy.core@0.0.8,
>>>>>>>> cpe:2.3:a:jcraft:jsch:0.0.8:*:*:*:*:*:*:*) : CVE-2016-5725
>>>>>>>> bcprov-ext-jdk15on-1.49.jar
>>>>>>>> (pkg:maven/org.bouncycastle/bcprov-ext-jdk15on@1.49) :
>>>>> CVE-2015-6644,
>>>>>>>> CVE-2015-7940, CVE-2016-1000338, CVE-2016-1000339,
>>> CVE-2016-1000341,
>>>>>>>> CVE-2016-1000342, CVE-2016-1000343, CVE-2016-1000344,
>>>>> CVE-2016-1000345,
>>>>>>>> CVE-2016-1000346, CVE-2016-1000352, CVE-2017-13098,
>>> CVE-2018-1000613
>>>>>>>> okhttp-2.2.0.jar (pkg:maven/com.squareup.okhttp/okhttp@2.2.0,
>>>>>>>> cpe:2.3:a:squareup:okhttp:2.2.0:*:*:*:*:*:*:*) : CVE-2016-2402
>>>>>>>>
>>>>>>>> One or more dependencies were identified with known
>>> vulnerabilities
>>>>> in
>>>>>>>> ignite-mesos:
>>>>>>>>
>>>>>>>> mesos-1.5.0.jar (pkg:maven/org.apache.mesos/mesos@1.5.0,
>>>>>>>> cpe:2.3:a:apache:mesos:1.5.0:*:*:*:*:*:*:*) : CVE-2018-11793,
>>>>>>>> CVE-2018-1330, CVE-2018-8023, CVE-2019-0204, CVE-2019-5736
>>>>>>>> jetty-server-9.4.11.v20180605.jar
>>>>>>>> (pkg:maven/org.eclipse.jetty/jetty-server@9.4.11.v20180605,
>>>>>>>> cpe:2.3:a:eclipse:jetty:9.4.11:20180605:*:*:*:*:*:*,
>>>>>>>> cpe:2.3:a:jetty:jetty:9.4.11.v20180605:*:*:*:*:*:*:*,
>>>>>>>> cpe:2.3:a:mortbay_jetty:jetty:9.4.11:20180605:*:*:*:*:*:*) :
>>>>>>>> CVE-2018-12545, CVE-2019-10241, CVE-2019-10247
>>>>>>>> jackson-databind-2.9.6.jar
>>>>>>>> (pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.6,
>>>>>>>> cpe:2.3:a:fasterxml:jackson:2.9.6:*:*:*:*:*:*:*,
>>>>>>>> cpe:2.3:a:fasterxml:jackson-databind:2.9.6:*:*:*:*:*:*:*) :
>>>>>>>> CVE-2018-1000873, CVE-2018-14718, CVE-2018-14719, CVE-2018-14720,
>>>>>>>> CVE-2018-14721, CVE-2018-19360, CVE-2018-19361, CVE-2018-19362,
>>>>>>>> CVE-2019-12086, CVE-2019-12384, CVE-2019-12814, CVE-2019-14379,
>>>>>>>> CVE-2019-14439, CVE-2019-14540, CVE-2019-16335, CVE-2019-16942,
>>>>>>>> CVE-2019-16943, CVE-2019-17267, CVE-2019-17531
>>>>>>>>
>>>>>>>> One or more dependencies were identified with known
>>> vulnerabilities
>>>>> in
>>>>>>>> ignite-kafka:
>>>>>>>>
>>>>>>>> kafka-clients-2.0.1.jar
>>>>> (pkg:maven/org.apache.kafka/kafka-clients@2.0.1
>>>>>> ,
>>>>>>>> cpe:2.3:a:apache:kafka:2.0.1:*:*:*:*:*:*:*) : CVE-2018-17196
>>>>>>>> connect-api-2.0.1.jar
>>> (pkg:maven/org.apache.kafka/connect-api@2.0.1,
>>>>>>>> cpe:2.3:a:apache:kafka:2.0.1:*:*:*:*:*:*:*) : CVE-2018-17196
>>>>>>>>
>>>>>>>> One or more dependencies were identified with known
>>> vulnerabilities
>>>>> in
>>>>>>>> ignite-flume:
>>>>>>>>
>>>>>>>> guava-11.0.2.jar (pkg:maven/com.google.guava/guava@11.0.2,
>>>>>>>> cpe:2.3:a:google:guava:11.0.2:*:*:*:*:*:*:*) : CVE-2018-10237
>>>>>>>> jackson-core-asl-1.8.8.jar
>>>>>>>> (pkg:maven/org.codehaus.jackson/jackson-core-asl@1.8.8,
>>>>>>>> cpe:2.3:a:fasterxml:jackson:1.8.8:*:*:*:*:*:*:*) :
>>> CVE-2017-15095,
>>>>>>>> CVE-2017-17485, CVE-2017-7525
>>>>>>>> jackson-mapper-asl-1.8.8.jar
>>>>>>>> (pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.8.8,
>>>>>>>> cpe:2.3:a:fasterxml:jackson:1.8.8:*:*:*:*:*:*:*,
>>>>>>>> cpe:2.3:a:fasterxml:jackson-mapper-asl:1.8.8:*:*:*:*:*:*:*) :
>>>>>>>> CVE-2017-15095, CVE-2017-17485, CVE-2017-7525, CVE-2018-1000873,
>>>>>>>> CVE-2018-14718, CVE-2018-5968, CVE-2018-7489, CVE-2019-14540,
>>>>>>>> CVE-2019-16335, CVE-2019-17267
>>>>>>>> commons-collections-3.2.1.jar
>>>>>>>> (pkg:maven/commons-collections/commons-collections@3.2.1,
>>>>>>>> cpe:2.3:a:apache:commons_collections:3.2.1:*:*:*:*:*:*:*) :
>>>>>> CVE-2015-6420,
>>>>>>>> CVE-2017-15708, Remote code execution
>>>>>>>> netty-3.9.4.Final.jar (pkg:maven/io.netty/netty@3.9.4.Final,
>>>>>>>> cpe:2.3:a:netty:netty:3.9.4:*:*:*:*:*:*:*) : CVE-2015-2156,
>>>>>> CVE-2019-16869,
>>>>>>>> POODLE vulnerability in SSLv3.0 support
>>>>>>>> servlet-api-2.5-20110124.jar
>>>>>>>> (pkg:maven/org.mortbay.jetty/servlet-api@2.5-20110124,
>>>>>>>> cpe:2.3:a:jetty:jetty:2.5.20110124:*:*:*:*:*:*:*,
>>>>>>>> cpe:2.3:a:mortbay:jetty:2.5.20110124:*:*:*:*:*:*:*,
>>>>>>>> cpe:2.3:a:mortbay_jetty:jetty:2.5.20110124:*:*:*:*:*:*:*) :
>>>>>> CVE-2005-3747,
>>>>>>>> CVE-2007-5615, CVE-2009-1523, CVE-2009-1524, CVE-2009-5048,
>>>>>> CVE-2009-5049,
>>>>>>>> CVE-2011-4461
>>>>>>>> jetty-util-6.1.26.jar
>>> (pkg:maven/org.mortbay.jetty/jetty-util@6.1.26
>>>>> ,
>>>>>>>> cpe:2.3:a:jetty:jetty:6.1.26:*:*:*:*:*:*:*,
>>>>>>>> cpe:2.3:a:mortbay:jetty:6.1.26:*:*:*:*:*:*:*,
>>>>>>>> cpe:2.3:a:mortbay_jetty:jetty:6.1.26:*:*:*:*:*:*:*) :
>>> CVE-2009-1523,
>>>>>>>> CVE-2011-4461
>>>>>>>> jetty-6.1.26.jar (pkg:maven/org.mortbay.jetty/jetty@6.1.26,
>>>>>>>> cpe:2.3:a:jetty:jetty:6.1.26:*:*:*:*:*:*:*,
>>>>>>>> cpe:2.3:a:mortbay:jetty:6.1.26:*:*:*:*:*:*:*,
>>>>>>>> cpe:2.3:a:mortbay_jetty:jetty:6.1.26:*:*:*:*:*:*:*) :
>>> CVE-2009-1523,
>>>>>>>> CVE-2011-4461, CVE-2017-7656, CVE-2017-7657, CVE-2017-7658,
>>>>>> CVE-2017-9735,
>>>>>>>> CVE-2019-10241, CVE-2019-10247
>>>>>>>> libthrift-0.9.0.jar (pkg:maven/org.apache.thrift/libthrift@0.9.0)
>>> :
>>>>>>>> CVE-2015-3254, CVE-2016-5397, CVE-2018-1320, CVE-2019-0205
>>>>>>>> httpclient-4.1.3.jar
>>>>>> (pkg:maven/org.apache.httpcomponents/httpclient@4.1.3
>>>>>>>> ,
>>>>>>>> cpe:2.3:a:apache:httpclient:4.1.3:*:*:*:*:*:*:*) : CVE-2014-3577,
>>>>>>>> CVE-2015-5262
>>>>>>>>
>>>>>>>> One or more dependencies were identified with known
>>> vulnerabilities
>>>>> in
>>>>>>>> ignite-twitter:
>>>>>>>>
>>>>>>>> httpclient-4.2.5.jar
>>>>>> (pkg:maven/org.apache.httpcomponents/httpclient@4.2.5
>>>>>>>> ,
>>>>>>>> cpe:2.3:a:apache:httpclient:4.2.5:*:*:*:*:*:*:*) : CVE-2014-3577,
>>>>>>>> CVE-2015-5262
>>>>>>>> guava-14.0.1.jar (pkg:maven/com.google.guava/guava@14.0.1,
>>>>>>>> cpe:2.3:a:google:guava:14.0.1:*:*:*:*:*:*:*) : CVE-2018-10237
>>>>>>>>
>>>>>>>> One or more dependencies were identified with known
>>> vulnerabilities
>>>>> in
>>>>>>>> ignite-zookeeper:
>>>>>>>>
>>>>>>>> jackson-databind-2.9.8.jar
>>>>>>>> (pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.8,
>>>>>>>> cpe:2.3:a:fasterxml:jackson:2.9.8:*:*:*:*:*:*:*,
>>>>>>>> cpe:2.3:a:fasterxml:jackson-databind:2.9.8:*:*:*:*:*:*:*) :
>>>>>> CVE-2019-12086,
>>>>>>>> CVE-2019-12384, CVE-2019-12814, CVE-2019-14379, CVE-2019-14439,
>>>>>>>> CVE-2019-14540, CVE-2019-16335, CVE-2019-16942, CVE-2019-16943,
>>>>>>>> CVE-2019-17267, CVE-2019-17531
>>>>>>>> guava-16.0.1.jar (pkg:maven/com.google.guava/guava@16.0.1,
>>>>>>>> cpe:2.3:a:google:guava:16.0.1:*:*:*:*:*:*:*) : CVE-2018-10237
>>>>>>>> jackson-mapper-asl-1.9.13.jar
>>>>>>>> (pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.9.13,
>>>>>>>> cpe:2.3:a:fasterxml:jackson:1.9.13:*:*:*:*:*:*:*,
>>>>>>>> cpe:2.3:a:fasterxml:jackson-mapper-asl:1.9.13:*:*:*:*:*:*:*) :
>>>>>>>> CVE-2017-15095, CVE-2017-17485, CVE-2017-7525, CVE-2018-1000873,
>>>>>>>> CVE-2018-14718, CVE-2018-5968, CVE-2018-7489, CVE-2019-10172,
>>>>>>>> CVE-2019-14540, CVE-2019-16335, CVE-2019-17267
>>>>>>>> netty-all-4.1.29.Final.jar
>>> (pkg:maven/io.netty/netty-all@4.1.29.Final
>>>>> ,
>>>>>>>> cpe:2.3:a:netty:netty:4.1.29:*:*:*:*:*:*:*) : CVE-2019-16869
>>>>>>>>
>>>>>>>> One or more dependencies were identified with known
>>> vulnerabilities
>>>>> in
>>>>>>>> ignite-camel:
>>>>>>>>
>>>>>>>> camel-core-2.22.0.jar
>>> (pkg:maven/org.apache.camel/camel-core@2.22.0,
>>>>>>>> cpe:2.3:a:apache:camel:2.22.0:*:*:*:*:*:*:*) : CVE-2018-8041,
>>>>>>>> CVE-2019-0188, CVE-2019-0194
>>>>>>>>
>>>>>>>>
>>>>>>
>>>>>
>>> camel-core-2.22.0.jar/META-INF/maven/org.apache.camel/spi-annotations/pom.xml
>>>>>>>> (pkg:maven/org.apache.camel/spi-annotations@2.22.0,
>>>>>>>> cpe:2.3:a:apache:camel:2.22.0:*:*:*:*:*:*:*) : CVE-2018-8041,
>>>>>>>> CVE-2019-0188, CVE-2019-0194
>>>>>>>>
>>>>>>>> One or more dependencies were identified with known
>>> vulnerabilities
>>>>> in
>>>>>>>> ignite-storm:
>>>>>>>>
>>>>>>>> storm-core-1.1.1.jar (pkg:maven/org.apache.storm/storm-core@1.1.1
>>> ,
>>>>>>>> cpe:2.3:a:apache:storm:1.1.1:*:*:*:*:*:*:*) : CVE-2018-11779,
>>>>>>>> CVE-2018-1331, CVE-2018-1332, CVE-2018-8008, CVE-2019-0202
>>>>>>>>
>>>>>>
>>>>>
>>> storm-core-1.1.1.jar/META-INF/maven/org.eclipse.jetty/jetty-servlet/pom.xml
>>>>>>>> (pkg:maven/org.eclipse.jetty/jetty-servlet@7.6.13.v20130916,
>>>>>>>> cpe:2.3:a:eclipse:jetty:7.6.13:20130916:*:*:*:*:*:*,
>>>>>>>> cpe:2.3:a:jetty:jetty:7.6.13.v20130916:*:*:*:*:*:*:*) :
>>>>> CVE-2019-10247
>>>>>>>>
>>>>>>>>
>>>>>>
>>>>>
>>> storm-core-1.1.1.jar/META-INF/maven/org.apache.httpcomponents/httpclient/pom.xml
>>>>>>>> (pkg:maven/org.apache.httpcomponents/httpclient@4.3.3,
>>>>>>>> cpe:2.3:a:apache:httpclient:4.3.3:*:*:*:*:*:*:*) : CVE-2014-3577,
>>>>>>>> CVE-2015-5262
>>>>>>>>
>>> storm-core-1.1.1.jar/META-INF/maven/com.google.guava/guava/pom.xml
>>>>>>>> (pkg:maven/com.google.guava/guava@16.0.1,
>>>>>>>> cpe:2.3:a:google:guava:16.0.1:*:*:*:*:*:*:*) : CVE-2018-10237
>>>>>>>> storm-core-1.1.1.jar/META-INF/maven/io.netty/netty/pom.xml
>>>>>>>> (pkg:maven/io.netty/netty@3.9.0.Final,
>>>>>>>> cpe:2.3:a:netty:netty:3.9.0:*:*:*:*:*:*:*) : CVE-2014-0193,
>>>>>> CVE-2014-3488,
>>>>>>>> CVE-2015-2156, CVE-2019-16869, POODLE vulnerability in SSLv3.0
>>>>> support
>>>>>>>>
>>>>>>
>>>>>
>>> storm-core-1.1.1.jar/META-INF/maven/org.eclipse.jetty/jetty-server/pom.xml
>>>>>>>> (pkg:maven/org.eclipse.jetty/jetty-server@7.6.13.v20130916,
>>>>>>>> cpe:2.3:a:eclipse:jetty:7.6.13:20130916:*:*:*:*:*:*,
>>>>>>>> cpe:2.3:a:jetty:jetty:7.6.13.v20130916:*:*:*:*:*:*:*) :
>>>>> CVE-2011-4461,
>>>>>>>> CVE-2017-7656, CVE-2017-7657, CVE-2017-7658, CVE-2017-9735,
>>>>>> CVE-2019-10241,
>>>>>>>> CVE-2019-10247
>>>>>>>>
>>>>>>
>>> storm-core-1.1.1.jar/META-INF/maven/org.eclipse.jetty/jetty-util/pom.xml
>>>>>>>> (pkg:maven/org.eclipse.jetty/jetty-util@7.6.13.v20130916,
>>>>>>>> cpe:2.3:a:eclipse:jetty:7.6.13:20130916:*:*:*:*:*:*,
>>>>>>>> cpe:2.3:a:jetty:jetty:7.6.13.v20130916:*:*:*:*:*:*:*) :
>>>>> CVE-2011-4461,
>>>>>>>> CVE-2019-10247
>>>>>>>>
>>>>>>>>
>>>>>>
>>>>>
>>> storm-core-1.1.1.jar/META-INF/maven/commons-fileupload/commons-fileupload/pom.xml
>>>>>>>> (pkg:maven/commons-fileupload/commons-fileupload@1.3.2,
>>>>>>>> cpe:2.3:a:apache:commons_fileupload:1.3.2:*:*:*:*:*:*:*) :
>>>>>> CVE-2016-1000031
>>>>>>>>
>>>>>>
>>> storm-core-1.1.1.jar/META-INF/maven/org.apache.hadoop/hadoop-auth/pom.xml
>>>>>>>> (pkg:maven/org.apache.hadoop/hadoop-auth@2.6.1,
>>>>>>>> cpe:2.3:a:apache:hadoop:2.6.1:*:*:*:*:*:*:*) : CVE-2015-1776,
>>>>>>>> CVE-2016-3086, CVE-2016-5001, CVE-2016-5393, CVE-2016-6811,
>>>>>> CVE-2017-15713,
>>>>>>>> CVE-2017-3161, CVE-2017-3162, CVE-2017-3166, CVE-2018-11768,
>>>>>> CVE-2018-1296,
>>>>>>>> CVE-2018-8009, CVE-2018-8029
>>>>>>>>
>>>>>>>> One or more dependencies were identified with known
>>> vulnerabilities
>>>>> in
>>>>>>>> ignite-cassandra-store:
>>>>>>>> One or more dependencies were identified with known
>>> vulnerabilities
>>>>> in
>>>>>>>> ignite-cassandra-serializers:
>>>>>>>>
>>>>>>>> commons-beanutils-1.9.2.jar
>>>>>>>> (pkg:maven/commons-beanutils/commons-beanutils@1.9.2,
>>>>>>>> cpe:2.3:a:apache:commons_beanutils:1.9.2:*:*:*:*:*:*:*) :
>>>>>> CVE-2019-10086
>>>>>>>> commons-collections-3.2.1.jar
>>>>>>>> (pkg:maven/commons-collections/commons-collections@3.2.1,
>>>>>>>> cpe:2.3:a:apache:commons_collections:3.2.1:*:*:*:*:*:*:*) :
>>>>>> CVE-2015-6420,
>>>>>>>> CVE-2017-15708, Remote code execution
>>>>>>>> spring-core-4.3.18.RELEASE.jar
>>>>>>>> (pkg:maven/org.springframework/spring-core@4.3.18.RELEASE,
>>>>>>>>
>>>>>>
>>> cpe:2.3:a:pivotal_software:spring_framework:4.3.18.release:*:*:*:*:*:*:*,
>>>>>>>>
>>> cpe:2.3:a:springsource:spring_framework:4.3.18.release:*:*:*:*:*:*:*,
>>>>>>>>
>>> cpe:2.3:a:vmware:springsource_spring_framework:4.3.18:*:*:*:*:*:*:*)
>>>>> :
>>>>>>>> CVE-2018-15756
>>>>>>>> netty-transport-4.1.27.Final.jar
>>>>>>>> (pkg:maven/io.netty/netty-transport@4.1.27.Final,
>>>>>>>> cpe:2.3:a:netty:netty:4.1.27:*:*:*:*:*:*:*) : CVE-2019-16869
>>>>>>>>
>>>>>>>> One or more dependencies were identified with known
>>> vulnerabilities
>>>>> in
>>>>>>>> ignite-flink:
>>>>>>>>
>>>>>>>> flink-hadoop-fs-1.5.0.jar
>>>>>> (pkg:maven/org.apache.flink/flink-hadoop-fs@1.5.0
>>>>>>>> ,
>>>>>>>> cpe:2.3:a:apache:hadoop:1.5.0:*:*:*:*:*:*:*) : CVE-2016-5001,
>>>>>>>> CVE-2017-3161, CVE-2017-3162
>>>>>>>>
>>>>>>>>
>>>>>>
>>>>>
>>> flink-shaded-netty-4.0.27.Final-2.0.jar/META-INF/maven/io.netty/netty-all/pom.xml
>>>>>>>> (pkg:maven/io.netty/netty-all@4.0.27.Final,
>>>>>>>> cpe:2.3:a:netty:netty:4.0.27:*:*:*:*:*:*:*) : CVE-2015-2156,
>>>>>> CVE-2016-4970,
>>>>>>>> CVE-2019-16869
>>>>>>>>
>>>>>>>>
>>>>>>
>>>>>
>>> flink-shaded-jackson-2.7.9-3.0.jar/META-INF/maven/com.fasterxml.jackson.core/jackson-databind/pom.xml
>>>>>>>> (pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9,
>>>>>>>> cpe:2.3:a:fasterxml:jackson:2.7.9:*:*:*:*:*:*:*,
>>>>>>>> cpe:2.3:a:fasterxml:jackson-databind:2.7.9:*:*:*:*:*:*:*) :
>>>>>> CVE-2017-15095,
>>>>>>>> CVE-2017-17485, CVE-2017-7525, CVE-2018-1000873, CVE-2018-11307,
>>>>>>>> CVE-2018-12022, CVE-2018-12023, CVE-2018-14718, CVE-2018-14719,
>>>>>>>> CVE-2018-14720, CVE-2018-14721, CVE-2018-19360, CVE-2018-19361,
>>>>>>>> CVE-2018-19362, CVE-2018-5968, CVE-2018-7489, CVE-2019-12086,
>>>>>>>> CVE-2019-12384, CVE-2019-12814, CVE-2019-14379, CVE-2019-14439,
>>>>>>>> CVE-2019-14540, CVE-2019-16335, CVE-2019-16942, CVE-2019-16943,
>>>>>>>> CVE-2019-17267, CVE-2019-17531
>>>>>>>>
>>>>>>>>
>>>>>>
>>>>>
>>> flink-shaded-guava-18.0-2.0.jar/META-INF/maven/com.google.guava/guava/pom.xml
>>>>>>>> (pkg:maven/com.google.guava/guava@18.0,
>>>>>>>> cpe:2.3:a:google:guava:18.0:*:*:*:*:*:*:*) : CVE-2018-10237
>>>>>>>>
>>>>>>>> One or more dependencies were identified with known
>>> vulnerabilities
>>>>> in
>>>>>>>> ignite-rocketmq:
>>>>>>>>
>>>>>>>> netty-all-4.0.42.Final.jar
>>> (pkg:maven/io.netty/netty-all@4.0.42.Final
>>>>> ,
>>>>>>>> cpe:2.3:a:netty:netty:4.0.42:*:*:*:*:*:*:*) : CVE-2019-16869
>>>>>>>> netty-tcnative-boringssl-static-1.1.33.Fork26.jar
>>>>>>>> (pkg:maven/io.netty/netty-tcnative-boringssl-static@1.1.33.Fork26
>>> ,
>>>>>>>> cpe:2.3:a:apache:tomcat:1.1.33:*:*:*:*:*:*:*,
>>>>>>>> cpe:2.3:a:apache:tomcat_native:1.1.33:*:*:*:*:*:*:*,
>>>>>>>> cpe:2.3:a:apache_software_foundation:tomcat:1.1.33:*:*:*:*:*:*:*,
>>>>>>>> cpe:2.3:a:apache_tomcat:apache_tomcat:1.1.33:*:*:*:*:*:*:*) :
>>>>>>>> CVE-2000-1210, CVE-2001-0590, CVE-2002-0493, CVE-2005-4838,
>>>>>> CVE-2006-7196,
>>>>>>>> CVE-2007-1358, CVE-2007-2449, CVE-2008-0128, CVE-2009-2696,
>>>>>> CVE-2012-5568,
>>>>>>>> CVE-2013-2185, CVE-2013-4286, CVE-2013-4322, CVE-2013-4444,
>>>>>> CVE-2013-4590,
>>>>>>>> CVE-2013-6357, CVE-2014-0075, CVE-2014-0096, CVE-2014-0099,
>>>>>> CVE-2014-0119,
>>>>>>>> CVE-2016-5425, CVE-2017-15698, CVE-2018-8019, CVE-2018-8020
>>>>>>>>
>>>>>>>> Main offenders seem to be "jackson-databind" and old maintenance
>>>>>> releases
>>>>>>>> of Spring. I think we can bump most of that.
>>>>>>>>
>>>>>>>> Some integrations also clearly suffer, through it's a problem of
>>>>> their
>>>>>>>> users, since they need to declare their own libraries' versions
>>> by
>>>>>>>> convention.
>>>>>>>>
>>>>>>>> Regards,
>>>>>>>> --
>>>>>>>> Ilya Kasnacheev
>>>>>>>>
>>>>>>>>
>>>>>>>> пт, 27 дек. 2019 г. в 23:59, Denis Magda < dma...@apache.org >:
>>>>>>>>
>>>>>>>>> Ilya, no I see, thanks for the explanation. Agree with you,
>>> let's
>>>>>> update
>>>>>>>>> the versions of the dependencies to the latest.
>>>>>>>>>
>>>>>>>>> -
>>>>>>>>> Denis
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> On Thu, Dec 26, 2019 at 10:50 PM Ilya Kasnacheev <
>>>>>>>>>  ilya.kasnach...@gmail.com >
>>>>>>>>> wrote:
>>>>>>>>>
>>>>>>>>>> Hello!
>>>>>>>>>>
>>>>>>>>>> I have committed ignite-spring-data_2.2 to ignite-2.8.
>>>>>>>>>>
>>>>>>>>>> By bumping versisons I mean the following:
>>>>>>>>>> <slf4j.version>1.7.*7*</slf4j.version>
>>>>>>>>>> <slf4j16.version>1.6.*4*</slf4j16.version>
>>>>>>>>>> <snappy.version>1.1.7.*2*</snappy.version>
>>>>>>>>>> <spark.hadoop.version>2.6.*5*</spark.hadoop.version>
>>>>>>>>>> <spark.version>2.3.*0*</spark.version>
>>>>>>>>>>
>>>>>> <spring.data.version>1.13.*14*.RELEASE</spring.data.version>
>>>>>>>> <!--
>>>>>>>>>> don't forget to update spring version -->
>>>>>>>>>> <spring.version>4.3.*18*.RELEASE</spring.version><!--
>>>>> don't
>>>>>>>>> forget
>>>>>>>>>> to update spring-data version -->
>>>>>>>>>>
>>>>>>>>>
>>> <spring.data-2.0.version>2.0.*9*.RELEASE</spring.data-2.0.version>
>>>>>>>>>> <!-- don't forget to update spring-5.0 version -->
>>>>>>>>>>
>>>>>> <spring-5.0.version>5.0.*8*.RELEASE</spring-5.0.version><!--
>>>>>>>>> don't
>>>>>>>>>> forget to update spring-data-2.0 version -->
>>>>>>>>>>
>>>>>>>>>> All these libraries have maintenance release (such as our
>>>>> 2.7.*6*)
>>>>>> and
>>>>>>>> I
>>>>>>>>>> think it would be beneficial to upgrade these dependencies
>>> to the
>>>>>>>> latest
>>>>>>>>>> maintenance version found in Maven Central.
>>>>>>>>>> For example, there is spring.data-2.0 2.0.*14*.RELEASE.
>>>>>>>>>>
>>>>>>>>>> Regards,
>>>>>>>>>> --
>>>>>>>>>> Ilya Kasnacheev
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> чт, 26 дек. 2019 г. в 19:32, Denis Magda < dma...@apache.org
>>>> :
>>>>>>>>>>
>>>>>>>>>>> A huge +1 for adding Spring Data related
>>> fixes/improvements.
>>>>>> Ilya is
>>>>>>>>>> right
>>>>>>>>>>> that Spring Data related questions sparked last time due to
>>>>>> missing
>>>>>>>>>> support
>>>>>>>>>>> of 2.2 version.
>>>>>>>>>>>
>>>>>>>>>>> Ilya, could you elaborate on what you mean under "bumping
>>> the
>>>>>>>>> versions"?
>>>>>>>>>> Do
>>>>>>>>>>> you suggest performing a straightforward upgrade of
>>>>>>>>> "ignite-spring-data"
>>>>>>>>>> to
>>>>>>>>>>> version 2.2 and introducing
>>> "ignite-spring-data-{old-version"}
>>>>>> for
>>>>>>>> the
>>>>>>>>>>> previous versions? If it's so, I fully agree with the
>>> proposal.
>>>>>>>>>>>
>>>>>>>>>>> -
>>>>>>>>>>> Denis
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> On Thu, Dec 26, 2019 at 4:52 AM Ilya Kasnacheev <
>>>>>>>>>>  ilya.kasnach...@gmail.com
>>>>>>>>>>>>
>>>>>>>>>>> wrote:
>>>>>>>>>>>
>>>>>>>>>>>> Hello!
>>>>>>>>>>>>
>>>>>>>>>>>> I propose to add the following ticket to the scope:
>>>>>>>>>>>>  https://issues.apache.org/jira/browse/IGNITE-12259 (3
>>>>>> commits, be
>>>>>>>>>>> careful
>>>>>>>>>>>> with release version)
>>>>>>>>>>>>
>>>>>>>>>>>> Adding tickets to scope surely seems crazy now, but I
>>> will
>>>>>> provide
>>>>>>>>> the
>>>>>>>>>>>> following considerations:
>>>>>>>>>>>> * This is Spring Data 2.2 integration, which we
>>> currently do
>>>>>> not
>>>>>>>>> have,
>>>>>>>>>>>> leading to lots of confused questions on stack overflow
>>> and
>>>>>> mailing
>>>>>>>>>> list.
>>>>>>>>>>>> Spring Data is important to our public image since many
>>>>> people
>>>>>> may
>>>>>>>>>> learn
>>>>>>>>>>>> about out project by starting with Spring Data.
>>>>>>>>>>>>
>>>>>>>>>>>> * It has zero code impact outside of its own module
>>> (just 2
>>>>> POM
>>>>>>>> file
>>>>>>>>>>>> touched and that's all).
>>>>>>>>>>>>
>>>>>>>>>>>> * The core was ready since early November but, due to
>>> gmail
>>>>>> quirk,
>>>>>>>> we
>>>>>>>>>> did
>>>>>>>>>>>> not react to it in time.
>>>>>>>>>>>>
>>>>>>>>>>>> WDYT?
>>>>>>>>>>>>
>>>>>>>>>>>> Another semi-related question. *Should we bump our
>>>>>> dependencies'
>>>>>>>>>> versions
>>>>>>>>>>>> before releasing 2.8?* I talk mainly about spring and
>>>>> hibernate
>>>>>>>>>>>> dependencies. We could switch them to their latest
>>>>> maintenance
>>>>>>>>> versions
>>>>>>>>>>> to
>>>>>>>>>>>> avoid shipping default links to outdated packages.
>>>>>>>>>>>>
>>>>>>>>>>>> I think this is one of things that are very hard to do
>>>>> between
>>>>>>>>>> releases,
>>>>>>>>>>> so
>>>>>>>>>>>> I think this dependencies bumping should be a part of a
>>>>> formal
>>>>>>>>>>>> release/testing cycle, and then be backported to master.
>>>>>>>>>>>>
>>>>>>>>>>>> I could volunteer to do that myself, if we agree to merge
>>>>> these
>>>>>>>>> version
>>>>>>>>>>>> upgrades to ignite-2.8 and then re-test.
>>>>>>>>>>>>
>>>>>>>>>>>> Regards,
>>>>>>>>>>>> --
>>>>>>>>>>>> Ilya Kasnacheev
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> вт, 24 дек. 2019 г. в 13:22, Zhenya Stanilovsky
>>>>>>>>>>> < arzamas...@mail.ru.invalid
>>>>>>>>>>>>> :
>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>> Igniters, i`l try to compare 2.8 release candidate vs
>>>>> 2.7.6,
>>>>>>>>>>>>> last sha 2.8 was build from : 9d114f3137f92aebc2562a
>>>>>>>>>>>>> i use yardstick benchmarks, 4 bare machine with: 2x
>>> Xeon
>>>>>> X5570
>>>>>>>>> 96Gb
>>>>>>>>>>>> 512GB
>>>>>>>>>>>>> SSD 2048GB HDD 10GB/s
>>>>>>>>>>>>> 1 for client (driver) and 3 for servers.
>>>>>>>>>>>>> this mappings for graphs and real yardstick tests:
>>>>>>>>>>>>>
>>>>>>>>>>>>> atomic-put: IgnitePutBenchmark
>>>>>>>>>>>>> sql-merge-query: IgniteSqlMergeQueryBenchmark
>>>>>>>>>>>>> atomic-get: IgniteGetBenchmark
>>>>>>>>>>>>> tx-get: IgniteGetTxBenchmark
>>>>>>>>>>>>> tx-put: IgnitePutTxBenchmark
>>>>>>>>>>>>> atomic-put-all-bs-10: IgnitePutAllBenchmark
>>>>>>>>>>>>> tx-put-all-bs-10: IgnitePutAllTxBenchmark
>>>>>>>>>>>>>
>>>>>>>>>>>>> cacheMode — partitioned
>>>>>>>>>>>>> CacheWriteSynchronizationMode.FULL_SYNC
>>>>>>>>>>>>> 1 backup
>>>>>>>>>>>>>
>>>>>>>>>>>>> 1. wal = log_only 2. wal = none 3. persistence
>>> disabled.
>>>>>>>>>>>>> Thanks Maxim for wiki page [1]
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>> [1]
>>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>
>>>>>>
>>>>>
>>>  
>>> https://cwiki.apache.org/confluence/display/IGNITE/Apache+Ignite+2.8#ApacheIgnite2.8-Benchmarks
>>>>>>>>>>>>>
>>>>>>>>>>>>> do we need some bisect or other work here ?
>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> ------- Forwarded message -------
>>>>>>>>>>>>>> From: "Maxim Muzafarov" <  mmu...@apache.org >
>>>>>>>>>>>>>> To:  dev@ignite.apache.org
>>>>>>>>>>>>>> Cc:
>>>>>>>>>>>>>> Subject: Apache Ignite 2.8 RELEASE [Time, Scope,
>>> Manager]
>>>>>>>>>>>>>> Date: Fri, 20 Sep 2019 14:44:31 +0300
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> Igniters,
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> It's almost a year has passed since the last major
>>> Apache
>>>>>> Ignite
>>>>>>>>> 2.7
>>>>>>>>>>>>>> has been released. We've accumulated a lot of
>>> performance
>>>>>>>>>> improvements
>>>>>>>>>>>>>> and a lot of new features which are waiting for their
>>>>>> release
>>>>>>>>> date.
>>>>>>>>>>>>>> Here is my list of the most interesting things from my
>>>>> point
>>>>>>>> since
>>>>>>>>>> the
>>>>>>>>>>>>>> last major release:
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> Service Grid,
>>>>>>>>>>>>>> Monitoring,
>>>>>>>>>>>>>> Recovery Read
>>>>>>>>>>>>>> BLT auto-adjust,
>>>>>>>>>>>>>> PDS compression,
>>>>>>>>>>>>>> WAL page compression,
>>>>>>>>>>>>>> Thin client: best effort affinity,
>>>>>>>>>>>>>> Thin client: transactions support (not yet)
>>>>>>>>>>>>>> SQL query history
>>>>>>>>>>>>>> SQL statistics
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> I think we should no longer wait and freeze the master
>>>>>> branch
>>>>>>>>>> anymore
>>>>>>>>>>>>>> and prepare the next major release by the end of the
>>> year.
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> I propose to discuss Time, Scope of Apache Ignite 2.8
>>>>>> release
>>>>>>>> and
>>>>>>>>>> also
>>>>>>>>>>>>>> I want to propose myself to be the release manager of
>>> the
>>>>>>>> planning
>>>>>>>>>>>>>> release.
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> Scope Freeze: November 4, 2019
>>>>>>>>>>>>>> Code Freeze: November 18, 2019
>>>>>>>>>>>>>> Voting Date: December 10, 2019
>>>>>>>>>>>>>> Release Date: December 17, 2019
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> WDYT?
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> --
>>>>>> Best regards,
>>>>>> Ivan Pavlukhin
>>>>>>
>>>>>
>>>
>>
>>
>> --
>> BR, Sergey Antonov
>  
 
 
 
 



























					Reply via email to