Re: [DISCUSS] PIP-324: Alpine Docker images

Matteo, Yes, I'm seeing a similar number of vulnerabilities with Stackrox. It's important to point out that most of the vulnerabilities are of a low severity, with 22 of them being moderate. Neither Trivy nor Stackrox found any vulnerabilities of an important or critical severity. That's a goo

Re: [DISCUSS] PIP-324: Alpine Docker images

Hi Alexander, it doesn't look to be only 4 issues in that image: https://catalog.redhat.com/software/containers/ubi9/ubi/615bcf606feffc5384e8452e points to this Docker image registry.access.redhat.com/ubi9/ubi@sha256:1fafb0905264413501df60d90a92ca32df8a2011cbfb4876ddff5ceb20c8f165 (redhat 9.3) T

Re: [DISCUSS] PIP-324: Alpine Docker images

According to Red Hat their latest tagged release for UBI9.3, 9.3-1552, has four moderate CVE's (https://catalog.redhat.com/software/containers/ubi9/ubi/615bcf606feffc5384e8452e). There is also the option of basing the Pulsar image on the UBI9-minimal image (https://catalog.redhat.com/software/c

RE: [DISCUSS] Apache Pulsar 3.0.3 Release

+1 I concur. Last release of the 3.x.x LTS branch was Dec 3rd, 2023. Thanks, -Alex H -Original Message- From: Heesung Sohn Sent: Wednesday, February 21, 2024 7:01 PM To: dev@pulsar.apache.org Subject: [DISCUSS] Apache Pulsar 3.0.3 Release [You don't often get email from *REDACTED*. L

Re: [DISCUSS] Apache Pulsar 3.1.3 Release

+1 Technically since the support and security updates for the 3.1.2 release ended 20 days ago (10 Feb 2024), I think this is a good idea. https://pulsar.apache.org/contribute/release-policy/ -Alex H -Original Message- From: PengHui Li Sent: Monday, February 26, 2024 7:55 PM To: dev@pu

Assistance Needed: Community Over Code Connections

Good day, As we approach the season of ASF events, we are seeking assistance from some Apache PMC committers to discover contact information for the various organizations that use and contribute to those projects, in the hopes of partnering with them on event sponsorship. This will help make Commu

[DISCUSS] Broken builds and CI Failures in Maintenance Branches; improving maintenance strategy to address root causes

Dear Pulsar Community, As we prepare for new releases in our maintenance branches, we have once again encountered issues with our cherry-picking process. Some of our maintenance branches are currently broken or were recently broken, containing compilation errors or failing tests. Many have encount

Re: [VOTE] Pulsar Client C++ Release 3.5.0 Candidate 1

Cancel this vote since I want to include the fix to https://github.com/apache/pulsar-client-python/issues/199 in this release. Thanks, Yunze On Fri, Mar 1, 2024 at 2:40 PM Yunze Xu wrote: > > This is the first release candidate for Apache Pulsar Client C++, version > 3.5.0. > > It fixes the fol