Apache BVal Report December 2018¶

• The Apache BVal project implements the Java EE Bean Validation specification(s) and related extensions, and became a top-level project of the foundation on February 15, 2012.

Issues:¶

• There are no issues requiring board attention at this time.

Activity:¶

• During the past quarter we released Apache BVal 2.0.0 which delivers an implementation of the latest 2.0 Bean Validation JSR specification.
• The recent release included code that, unless deliberately circumvented, would prevent the behavior at the core of the security vulnerability reported during Q2.
• The Bean Validation EG leadership has reached out to encourage us to obtain official status as a conforming implementation. This is primarily a matter of configuration tooling which we hope to address in a forthcoming point release.
• We have received a small number of post-release bug reports which we intend to address in the immediate future when the team's non-volunteer workload permits.

Health report:¶

• We retain a small core of developers with the desire to keep this project afloat.

PMC changes:¶

• Currently 13 PMC members.
• No new PMC members added in the last 3 months
• Last PMC addition was Romain Manni-Bucau on Mon Nov 18 2013

Committer base changes:¶

• Currently 14 committers.
• No new changes to the committer base since last report.

Releases:¶

• 2.0.0 was released on Sat Oct 27 2018

Mailing list activity:¶

• Activity this quarter reflects the release process of version 2.0.0 and an accompanying JIRA cleanup. Post-release saw some activity in response.

• dev@bval.apache.org:

  • 42 subscribers (down -4 in the last 3 months):
  • 118 emails sent to list (26 in previous quarter)

• user@bval.apache.org:

  • 54 subscribers (down -2 in the last 3 months):
  • 5 emails sent to list (2 in previous quarter)

JIRA activity:¶

• 11 JIRA tickets created in the last 3 months
• 21 JIRA tickets closed/resolved in the last 3 months