XMLProjectPages/StatusReportForNovember162003

General Comments

Things have been relatively quiet on the broader project front. The sub-projects are all going well, and the XMLBeans effort is now fully into the incubation process.

xml.apache.org has now moved all sub-projects to using the ASF mirroring system, and a consolodated download page has been created for all files in the over-arching project. A fantastic effort from all concerned.

PMC

Membership

On the PMC membership front, Ilene Seelemann stepped down from the PMC for personal reasons, and Brian Minchau stepped in as the replacement Xalan representative. Erwin van der Koogh was also voted in to become the replacement xml-security representative after Christian stepped down.

Oversight

Dirk recently raised the question of oversite of the Xerces-P sub-project, particularly around releases of code. There is a feeling that this is too much of a one man shop / no peer review/oversight or peer-reviewed releases. Given that it is a thin layer on C++ we may simply tie it in with xerces-c for the real releases. However this is still under discussion.

As an input to this discussion, the PMC would like to understand the board's position on the requirement of an umbrella PMC to vote on all sub-project code-releases. Currently the XML PMC does not do this - we rely on individual PMC members within each sub-project to ensure appropriate processes are being followed.

Issues needing attention:

Legal

In the August report, we sought the endorsement of the board for the sending of e-mails to submit notification of export of cryptographic code for the xml-security Java and C++ libraries.

This was discussed, but no final conclusion was indicated on board@.

The e-mails below are proposed, and it is suggested (subject to board approval) that these come from Berin Lautenbach as the chair of the XML PMC.

We would also like to understand whether it is permissable (given recent discussions between Ben Laurie and the FreeBSD folk) to release compiled versions of the libraries.

EMAIL 1 - Java Code

To crypt@bis.doc.gov, enc@ncsc.mil, enc@ncsc.mil
Subject TSU NOTIFICATION


SUBMISSION TYPE: TSU
SUBMITTED BY: Berin Lautenbach
SUBMITTED FOR: Apache Software Foundation
POINT OF CONTACT: Apache's XML Security Project
PHONE and/or FAX: security-dev@xml.apache.org
MANUFACTURER: N/A
PRODUCT NAME/MODEL #: XML-Security-J Library
ECCN: 5D002

NOTIFICATION:
Web site - http://xml.apache.org/security/Java
CVS repository - http://cvs.apache.org/viewcvs.cgi/xml-security/src/
(When Released) http://www.apache.org/dist/xml/security/java-library/

NOTE : Current downloadable release code does not contain the new XML-Encryption code, only digital signature code.  See CVS repository for new code.


EMAIL 2 - C++ Code

To crypt@bis.doc.gov, enc@ncsc.mil, enc@ncsc.mil
Subject TSU NOTIFICATION


SUBMISSION TYPE: TSU
SUBMITTED BY: Berin Lautenbach
SUBMITTED FOR: Apache Software Foundation
POINT OF CONTACT: Apache's XML Security Project
PHONE and/or FAX: security-dev@xml.apache.org
MANUFACTURER: N/A
PRODUCT NAME/MODEL #: XML-Security-C Library
ECCN: 5D002

NOTIFICATION:
Web site - http://xml.apache.org/security/c
CVS Repository - http://cvs.apache.org/viewcvs.cgi/xml-security/c/src/
Download directory - http://www.apache.org/dist/xml/security/c-library/

NOTE : Current downloadable release code does not contain the new XML-Encryption code, only digital signature code.  See CVS repository for new code.

Axkit

The cvs repository has been temporaily branched to allow for some exploritory development into a new pipeline mechanism which will allow for seamless incremental caching, cacheable logic sheets, automatic SAX chaining and an easier pipeline extension mechanism. Since this work is likely to change a number of the internal API's, it's been kept separate from the core until the full impact of it can be accessed. Some fairly intensive design sessions occured in the group in order to try and find ways to support things such as SOAP and DAV more simply at the pipeline level, and this work is expected to come to fruition as part of the new pipeline design.

An initial port to Apache2 has been started with some success, but isn't in a releasable state at the moment. This is currently on hold while we decide whether we want the new pipeline code in for 2.0, so we can then port it forwards.

A number of UTF-8 conversion bugs have been fixed in the core. These manifested in users seeing Latin-1 characters output, while the encoding declaration said UTF-8.

Work on adding a number of new transformation languages has started and should be released soon, concerning mostly STX and TT2. The XSP engine has been enhanced with XSLT-style interpolated attribute value templates.

Batik

Implementation of the Batik distribution miroring. Nightly builds are in place as well as release signing.

Large number of bug fixes. The team thinks SVG is now the only SVG implementation we know of which passes all the W3C Test Suite tests, excluding declarative animation.

The team is planning a 1.5.1 release after ApacheCon.

Commons

We have released a beta of our popular Resolver component, and hope to have a full 1.1 release out in time for version-matching with Ant which points its users to the Resolver for optional tasks.

We also have the start of a plan in place to regularlize the version numbering and releases of our external xml-apis.jar component. We hope we can get the Xalan and Xerces teams to help us ship JAXP-TCK passed versions of xml-apis.jar that can then be used across many ASF projects that deal with XML.

-- ShaneCurcuru

FOP

We were finally able to freeze our maintenance branch so we can concentrate on working on the redesign. As we have very few active people in the Java department (that's different with support) progress is slow. At least, we are starting to get feedback and even patches for the redesign so we are on a good course in spite of the circumstances.

-- JeremiasMaerki

Forrest

Forrest-0.5 was released in mid-September. Work on version 0.6 has so far been focussed on re-organising the build process to be more efficient. A new version of the forrestbot has begun. We continue to update our version of Cocoon to stay just off the bleeding edge. This has been useful for both projects. Progress on Forrest-0.6 has slowed a little and some of the main committers must be occupied by other things. The last report noted that all Cocoon committers are now Forrest committers, but we have only seen one or two. There is also one new Forrest committer. Some of the users seem to be de-lurking on the mailing list, which is a good sign. No known license issues.

Xalan-C ++

There were no new releases, so there was no functional change, however Xalan-C++ did change its distribution to use the mirrors sites (see http://xml.apache.org/mirrors.cgi or http://www.apache.org/dyn/closer.cgi/xml/xalan-c).

--BrianMinchau

Xalan-J/XSLTC

Xalan-J 2.5.2 was released in late October 2003. The changes were:

• bug fixes (see http://xml.apache.org/xalan-j/readme.html)

• downloading of Xalan-J moved to the various mirror sites around the world (see http://xml.apache.org/mirrors.cgi or http://xml.apache.org/xalan-j/downloads.html ) which is also what the other Apache projects did.

Unrelated to the 2.5.2 release, development work was started on the xslt20-compiled branch to support XSLT 2.0 and Xpath 2.0 (both drafts) with XSLTC.

--BrianMinchau

Xerces-C++

Xerces-C has 2 new committers. There have been many bug fixes and considerable work is going into serializable grammars, stateless grammars, PSVI and schema component model. The new memory management scheme is now stable and we think the memory leaks have all been plugged. Entity resolver support has now been enhanced. We hope to release this year.

Xerces-J

In the last couple of months, considerable progress has been made in tracking the DOM level 3 Core and Load/Save specifications. Our XInclude implementation has also become considerably more correct and complete. A new release will likely occur some time this month, which will highlight these changes along with some work on performance.

Xerces-P

The Xerces-P project made a number of bug fix releases on the 2.3.0 stable release (2.3.0-2, -3, and -4). The main focus was smoothing out the initial support for Windows and Mac OS X, and general project cleanup.

There is also now a win32 binary available for the project.

Also, the project switched over to SVN for maintain the source code, and the project WWW site.

The project WWW page is now up-to-date, but has not yet migrated over to using Forrest.

-- JasonStewart

Xindice

No particular progress in Xindice land. Still waiting to find time in fixing documentation and packaging a release, but both the user and dev lists have little or no traffic, and committers seem to be busy elsewhere. A careful consideration about the future of this project should be carried on: Xindice is widely used, yet it seems unable to attract a stable and healthy developer community.

XML-Security

The XML-Security subproject has continued work on implementations of the XML-Encryption standard. An alpha is nearly ready for public release for the C++ library. Some work has also been done on the Java library, but the pace here is slower.