Hi all,
I’d like to start a discussion about moving the kerberos-security extension
from core to contrib.
This extension hasn’t seen much recent development, and at the moment,
there isn’t anyone in the community actively maintaining it. It also brings
in Hadoop common libraries, which—similar
sgtm +1, and doing this aligns with the direction we are going with
the other hadoop stuff i think. If we really want to keep supporting
kerberos for auth longer term I think we would need to look into
replacing the existing implementation with something that doesn't use
hadoop libraries.
On Mon,
I think this sounds reasonable, but to clarify what would the actual
change be here, just stronger wording in
https://druid.apache.org/docs/latest/configuration/extensions/#community-extensions
and not scanning for CVE? or something more, e.g. would we stop
publishing contrib jars to maven
(https:/
Hi all,
I’d like to open a discussion about the support model we apply to contrib
extensions in Apache Druid.
Specifically, I propose that we explicitly document that contrib extensions
are provided “as is”, meaning that the Druid PMC and committer community
make no guarantees about their ongoi
