From 0e2ee6366b3e74d6fac51b873391d20344aa407c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jan=20H=C3=B8ydahl?= Date: Fri, 21 Jun 2024 00:07:37 +0200 Subject: [PATCH 01/17] Use docker for local build. Move manual install instructions to own file --- .asf.yaml | 6 +++--- README.md | 43 ++++++++----------------------------- build.sh | 54 ++++++++++++++++++++++++----------------------- manual-install.md | 49 ++++++++++++++++++++++++++++++++++++++++++ 4 files changed, 89 insertions(+), 63 deletions(-) create mode 100644 manual-install.md diff --git a/.asf.yaml b/.asf.yaml index 61e541f93c..53d0759607 100644 --- a/.asf.yaml +++ b/.asf.yaml @@ -16,7 +16,7 @@ github: production notifications: - jobs: janhoy@apache.org - issues: janhoy@apache.org - pullrequests: janhoy@apache.org + jobs: builds@solr.apache.org + issues: issues@@solr.apache.org + pullrequests: issues@solr.apache.org jira_options: link label worklog diff --git a/README.md b/README.md index 2ee2a4bfb3..6eb40193f8 100644 --- a/README.md +++ b/README.md @@ -4,13 +4,16 @@ This repository contains the "source code" of the Solr website at [solr.apache.o ## Building the site -The site is written in [Markdown][9] syntax and built into a static site using [Pelican][1]. The site is re-built automatically by [ASF Buildbot][5] on every push to main branch, and the result can be previewed at [solr.staged.apache.org][6]. Build success/failure emails are sent to [commits@solr.apache.org][7] mailing list. Read more about the mechanics behind auto building in [INFRA Confluence][8]. +The site is written in [Markdown][9] syntax and built into a static site using [Pelican][1]. + +On each Pull Request we do a simple pelican build. The staging site is re-built automatically by Github Actions on every push to `main` branch, and the result can be previewed at [solr.staged.apache.org][6]. Build success/failure emails are sent to [commits@solr.apache.org][7] mailing list. If the staged site looks good, simply merge the changes to branch `production` and the site will be deployed in a minute or two. Note that simple edits can also be done directly in the GitHub UI rather than clone -> edit -> commit -> push. > **IMPORTANT**: Please never commit directly to `production` branch. All commits should go to `main, and then merge `main` to `production`. Note that it **is** possible to make a Pull Request for the merge from `main-->production`. If you do so, please merge using a merge commit rather than a squash merge. -For larger edits it is recommended to build and preview the site locally. This lets you see the result of your changes instantly without committing anything. The next sections detail that procedure. The TL;DR instructions goes like this: +For larger edits it is recommended to build and preview the site locally. This lets you see the result of your changes instantly without committing anything. +The bundled script uses a pelican docker image to build and serve the site locally. Please make sure you have docker installed. # Usage: ./build.sh [-l] [] # -l Live build and reload source changes on localhost:8000 @@ -19,39 +22,13 @@ For larger edits it is recommended to build and preview the site locally. This l Now go to to view the beautiful Solr web page served from your laptop with live-preview of updates :) -### Installing Pelican by hand - -The site uses [Pelican][1] for static html generation. Pelican requires [Python 3.5+][4] and can be installed with pip. - -**The `build.sh` script mentioned in the above paragraph takes care of setting up your Pelican environment,** and you can skip this part unless you want to understand the moving parts and install things by hand. Assuming that you have python3 installed, simply run: - -```sh -pip3 install -r requirements.txt -``` - -If you run into conflicts with existing packages, a solution is to use a virtual Python environment. See the [Pelican installation page][2] for more details. These are quick commands, Linux flavor: - -```sh -python3 -m venv env -source env/bin/activate -pip install -r requirements.txt -``` - -Once Pelican is installed you can convert your content into HTML via the pelican command (`content` is the default location to build from). - -```sh -pelican -``` - -The above command will generate your site and save it in the `output/` folder using the solr theme and settings defined in `pelicanconf.py` +### Other options -You can also tell Pelican to watch for your modifications, instead of manually re-running it every time you want to see your changes. To enable this, run the pelican command with the `-r` or `--autoreload` option. On non-Windows environments, this option can also be combined with the `-l` or `--listen` option to simultaneously both auto-regenerate and serve the output through a builtin webserver on . +If you want to build the site without the docker image, you can install Python 3 and Pelican, see [manual install](./manual-install.md) for details. -```sh -pelican --autoreload --listen -``` +On Windows, you can use the Windows Subsystem for Linux (WSL) to run the build script. Or you can run the docker command directly in a Terminal: -Remember that on Mac/Linux you can use the `build.sh` script with `-l` option to do the same. + docker run --rm -w /work -p 8000:8000 -v $(pwd):/work qwe1/docker-pelican:4.8.0 pip3 install -r requirements.txt; pelican content -r -l -b 0.0.0.0 ## Updating site during a Solr release @@ -80,9 +57,7 @@ Modify `SOLR_LATEST_RELEASE` and `SOLR_PREVIOUS_MAJOR_RELEASE`, and [2]: https://docs.getpelican.com/en/stable/install.html [3]: https://solr.apache.org/downloads.html#about-versions-and-support [4]: https://www.python.org/downloads/ -[5]: https://ci2.apache.org/#/builders/3 [6]: https://solr.staged.apache.org [7]: https://lists.apache.org/list.html?commits@solr.apache.org -[8]: https://wiki.apache.org/confluence/display/INFRA/Git+-+.asf.yaml+features [9]: http://daringfireball.net/projects/markdown/syntax diff --git a/build.sh b/build.sh index b8b942d4b8..abd423ad30 100755 --- a/build.sh +++ b/build.sh @@ -14,51 +14,53 @@ # See the License for the specific language governing permissions and # limitations under the License. +# Using https://hub.docker.com/r/qwe1/docker-pelican as pelican image, supports both AMD64 and ARM64 +PELICAN_IMAGE="qwe1/docker-pelican:4.8.0" +DOCKER_CMD="docker run --rm -w /work -p 8000:8000 -v $(pwd):/work $PELICAN_IMAGE" +unset SERVE +PIP_CMD="pip3 install -r requirements.txt" +PELICAN_CMD="pelican content -o output" +export SITEURL="https://solr.apache.org/" + +function usage { + echo "Usage: ./build.sh [-l] []" + echo " -l Live build and reload source changes on localhost:8000" + echo " --help Show full help for options that Pelican accepts" +} + +if ! docker -v >/dev/null 2>&1 +then + echo "ERROR: This script requires docker." + echo " Please install Docker and try again." + echo + usage + exit 2 +fi + if [[ ! -z $1 ]]; then if [[ "$1" == "-l" ]]; then SERVE=true shift else - echo "Usage: ./build.sh [-l] []" - echo " -l Live build and reload source changes on localhost:8000" - echo " --help Show full help for options that Pelican accepts" + usage if [[ "$1" == "-h" ]]; then exit 0 elif [[ "$1" == "--help" ]]; then echo echo "Below is a list of other arguments you can use which will be passed to pelican." echo - pelican --help + $DOCKER_CMD pelican -h exit 0 fi fi fi -if [[ ! $(python3 -h 2>/dev/null) ]]; then - echo "No python installed" - echo "Try one of" - echo " brew install python3" - echo " apt install python3" - exit 2 -fi -if [[ -d env ]]; then - source env/bin/activate && pip -q install --upgrade pip && pip -q install -r requirements.txt >/dev/null -fi -if [[ ! $(pelican -h 2>/dev/null) ]]; then - echo "No pelican installed, attempting install" - python3 -m venv env && source env/bin/activate && pip -q install --upgrade pip && pip install -r requirements.txt - if [[ $? -gt 0 ]]; then - echo "Failed pelican install, exiting." - exit 2 - else - echo "Install OK" && echo && echo - fi -fi if [[ $SERVE ]]; then echo "Building Solr site locally. Goto http://localhost:8000 to view." echo "Edits you do to the source tree will be compiled immediately!" - pelican --autoreload --listen $@ + echo "$DOCKER_CMD $PIP_CMD; $PELICAN_CMD --autoreload --listen -b 0.0.0.0" + $DOCKER_CMD $PIP_CMD; $PELICAN_CMD --autoreload --listen -b 0.0.0.0 $@ else echo "Building Solr site." echo "To build and serve live edits locally, run this script with -l argument. Use -h for help." - pelican $@ + $DOCKER_CMD $PIP_CMD; $PELICAN_CMD $@ fi diff --git a/manual-install.md b/manual-install.md new file mode 100644 index 0000000000..122afd6df9 --- /dev/null +++ b/manual-install.md @@ -0,0 +1,49 @@ +# Installing Pelican by hand + +The site uses [Pelican][1] for static html generation. Pelican requires [Python 3.5+][4] and can be installed with pip. + +**The `build.sh` script mentioned in REAME is the easiest way of building the site**, and you can skip this part unless you want to understand the moving parts and install things by hand. + +## Install Python 3 + +First, you need to install Python 3. You can download the latest version from the [Python website][4] or +use your package manager to install it. For example, on macOS: + +```shell +brew install python +``` + +## Install Pelican + +To install pelican and requirements, simply run the following command in the root of the repository: + +```sh +pip3 install -r requirements.txt +``` + +If you run into conflicts with existing packages, a solution is to use a virtual Python environment. See the [Pelican installation page][2] for more details. These are quick commands, Linux flavor: + +```sh +python3 -m venv env +source env/bin/activate +pip install -r requirements.txt +``` + +Once Pelican is installed you can convert your content into HTML via the pelican command (`content` is the default location to build from). + +```sh +pelican +``` + +The above command will generate your site and save it in the `output/` folder using the solr theme and settings defined in `pelicanconf.py` + +You can also tell Pelican to watch for your modifications, instead of manually re-running it every time you want to see your changes. To enable this, run the pelican command with the `-r` or `--autoreload` option. On non-Windows environments, this option can also be combined with the `-l` or `--listen` option to simultaneously both auto-regenerate and serve the output through a builtin webserver on . + +```sh +pelican --autoreload --listen +``` + +Remember that on Mac/Linux you can use the `build.sh` script with `-l` option to do the same. + +[1]: https://blog.getpelican.com/ +[4]: https://www.python.org/downloads/ From 235e4e1f08e2dc8203f1463b9358c37a0ce09c60 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jan=20H=C3=B8ydahl?= Date: Fri, 21 Jun 2024 00:11:58 +0200 Subject: [PATCH 02/17] Remove debug echo --- build.sh | 1 - 1 file changed, 1 deletion(-) diff --git a/build.sh b/build.sh index abd423ad30..0fa36a5325 100755 --- a/build.sh +++ b/build.sh @@ -57,7 +57,6 @@ fi if [[ $SERVE ]]; then echo "Building Solr site locally. Goto http://localhost:8000 to view." echo "Edits you do to the source tree will be compiled immediately!" - echo "$DOCKER_CMD $PIP_CMD; $PELICAN_CMD --autoreload --listen -b 0.0.0.0" $DOCKER_CMD $PIP_CMD; $PELICAN_CMD --autoreload --listen -b 0.0.0.0 $@ else echo "Building Solr site." From f40760581f0dac83705131d0e6c43c446039c6a8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jan=20H=C3=B8ydahl?= Date: Tue, 25 Jun 2024 12:59:31 +0200 Subject: [PATCH 03/17] Simplify PR build --- .github/workflows/pr-build-pelican.yml | 27 ++++++-------------------- 1 file changed, 6 insertions(+), 21 deletions(-) diff --git a/.github/workflows/pr-build-pelican.yml b/.github/workflows/pr-build-pelican.yml index 08524ca598..07f5b7c89d 100644 --- a/.github/workflows/pr-build-pelican.yml +++ b/.github/workflows/pr-build-pelican.yml @@ -10,25 +10,10 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - - name: Set up Python - # This is the version of the action for setting up Python, not the Python version. - uses: actions/setup-python@v5 + - name: Build Pelican Site + uses: apache/infrastructure-actions/pelican@main with: - python-version: '3.x' - - name: Display Python version - run: python -c "import sys; print(sys.version)" - - name: Install Pelican - shell: bash - # Install needs to run in separate shell so stdout is restored - run: | - ( - pip3 install pelican==4.9.1 markdown bs4 ezt requests - ) - python3 -V - echo "Pelican version:" - pelican --version - # If the site uses Github Flavored Markdown, use this build branch - - name: Generate website from markdown - shell: bash - run: | - python3 -B -m pelican content + destination: ${{ github.ref == 'refs/heads/production' && 'asf-site' || 'asf-staging' }} + gfm: 'false' + version: '4.8.0' + publish: 'false' From 84f9dd974f35b8752c65ba843915e91913df1aab Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jan=20H=C3=B8ydahl?= Date: Tue, 25 Jun 2024 13:01:51 +0200 Subject: [PATCH 04/17] Re-enable some py modules --- .github/workflows/pr-build-pelican.yml | 3 +-- requirements.txt | 6 +++--- 2 files changed, 4 insertions(+), 5 deletions(-) diff --git a/.github/workflows/pr-build-pelican.yml b/.github/workflows/pr-build-pelican.yml index 07f5b7c89d..7d5ced8f30 100644 --- a/.github/workflows/pr-build-pelican.yml +++ b/.github/workflows/pr-build-pelican.yml @@ -13,7 +13,6 @@ jobs: - name: Build Pelican Site uses: apache/infrastructure-actions/pelican@main with: - destination: ${{ github.ref == 'refs/heads/production' && 'asf-site' || 'asf-staging' }} gfm: 'false' - version: '4.8.0' + version: '4.9.1' publish: 'false' diff --git a/requirements.txt b/requirements.txt index 1dcd2d739b..84f33cddd8 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,12 +1,12 @@ pelican~=4.9.1 Markdown~=3.4 -#checksumdir~=1.2.0 +checksumdir~=1.2.0 # Pelican plugins beautifulsoup4~=4.12.3 # Dependencies of the vex plugin -#jsonschema~=4.22.0 -#jsonref~=1.1.0 +jsonschema~=4.22.0 +jsonref~=1.1.0 # Dev tools invoke~=2.2.0 From d34a288028772cc7ca09eb1ac11f764047c58576 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jan=20H=C3=B8ydahl?= Date: Tue, 25 Jun 2024 13:06:45 +0200 Subject: [PATCH 05/17] Re-enable VEX --- pelicanconf.py | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/pelicanconf.py b/pelicanconf.py index 7f1d1b9141..749921f158 100755 --- a/pelicanconf.py +++ b/pelicanconf.py @@ -2,7 +2,7 @@ # -*- coding: utf-8 -*- # from __future__ import unicode_literals from datetime import datetime, date -#from checksumdir import dirhash +from checksumdir import dirhash AUTHOR = 'Solr Developers' SITENAME = 'Apache Solr' @@ -20,9 +20,7 @@ # This string will be appended to all unversioned css and js resources to prevent caching surprises on edits. # The theme's htaccess file also sets a cache-control header with longer lifetime, if the v=XXXX query string is added. -#STATIC_RESOURCE_SUFFIX = "?v=%s" % dirhash('themes/solr/static', 'sha1')[-8:] -# SOLR-17339: Dynamic hash disabled until we can install custom modules like checksumdir. Bump this manually on changes -STATIC_RESOURCE_SUFFIX = "?v=4dd59757" +STATIC_RESOURCE_SUFFIX = "?v=%s" % dirhash('themes/solr/static', 'sha1')[-8:] PATH = 'content' @@ -99,8 +97,7 @@ 'jinja2content', 'regex_replace', 'age_days_lt', -# SOLR-17339: Vex disabled until https://github.com/apache/infrastructure-actions/pull/63 is merged -# 'vex' + 'vex' # 'md_inline_extension', ] From 0daa07a9665442a23498ab8a81c61735b426aafb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jan=20H=C3=B8ydahl?= Date: Tue, 25 Jun 2024 13:06:51 +0200 Subject: [PATCH 06/17] Revert "Add a static copy of the VEX table as a stop gap (#105)" This reverts commit ba79233ff7992ad1cd3ee6d579c1cea29b7f2c1e. --- themes/solr/templates/security.html | 354 ---------------------------- 1 file changed, 354 deletions(-) diff --git a/themes/solr/templates/security.html b/themes/solr/templates/security.html index 0dd531c2d5..1c465737a8 100644 --- a/themes/solr/templates/security.html +++ b/themes/solr/templates/security.html @@ -73,360 +73,6 @@

CVE reports for Apache Solr de {{ sub("(https://.*?)([.;]\s)", "\\1\\2", v.analysis.detail) }} {% endfor %} - - - - CVE-2022-33980 - - < 9.1 - - - commons-configuration2-2.7.jar - not affected - Solr uses commons-configuration2 for "hadoop-auth" only (for Kerberos). It is only used for loading Hadoop configuration files that would only ever be provided by trusted administrators, not externally (untrusted). - - - - CVE-2022-42889 - - < 9.1 - - - commons-text-1.9.jar - not affected - Solr uses commons-text directly (StringEscapeUtils.escapeEcmaScript) in LoadAdminUiServlet that is not vulnerable. Solr also has a "hadoop-auth" module that uses Apache Hadoop which uses commons-text through commons-configuration2. For Solr, the concern is limited to loading Hadoop configuration files that would only ever be provided by trusted administrators, not externally (untrusted). - - - - CVE-2022-25168 - - < 9.1 - - - hadoop-common-3.2.2.jar - not affected - The vulnerable code won't be used by Solr because Solr only is only using HDFS as a client. - - - - CVE-2021-44832 - - 7.4-8.11.1 - - - log4j-core-2.14.1.jar, log4j-core-2.16.0.jar - not affected - Solr's default log configuration doesn't use JDBCAppender and we don't imagine a user would want to use it or other obscure appenders. - - - - CVE-2021-45105, CVE-2021-45046 - - 7.4-8.11.1 - - - log4j-core-2.14.1.jar, log4j-core-2.16.0.jar - not affected - The MDC data used by Solr are for the collection, shard, replica, core and node names, and a potential trace id, which are all sanitized. Furthermore, Solr's default log configuration doesn't use double-dollar-sign and we don't imagine a user would want to do that. - - - - CVE-2020-13955 - - 8.1.0- today - - - avatica-core-1.13.0.jar, calcite-core-1.18.0.jar - not affected - Solr's SQL adapter does not use the vulnerable class "HttpUtils". Calcite only used it to talk to Druid or Splunk. - - - - CVE-2018-10237 - - 5.4.0-today - - - carrot2-guava-18.0.jar - not affected - Only used with the Carrot2 clustering engine. - - - - CVE-2014-0114 - - 4.9.0-7.5.0 - - - commons-beanutils-1.8.3.jar - not affected - This is only used at compile time and it cannot be used to attack Solr. Since it is generally unnecessary, the dependency has been removed as of 7.5.0. See SOLR-12617. - - - - CVE-2019-10086 - - 8.0.0-8.3.0 - - - commons-beanutils-1.9.3.jar - not affected - While commons-beanutils was removed in 7.5, it was added back in 8.0 in error and removed again in 8.3. The vulnerable class was not used in any Solr code path. This jar remains a dependency of both Velocity and hadoop-common, but Solr does not use it in our implementations. - - - - CVE-2012-2098, CVE-2018-1324, CVE-2018-11771 - - 4.6.0-today - - - commons-compress (only as part of Ant 1.8.2) - not affected - Only used in test framework and at build time. - - - - CVE-2018-1000632 - - 4.6.0-today - - - dom4j-1.6.1.jar - not affected - Only used in Solr tests. - - - - CVE-2018-10237 - - 4.6.0-today - - - guava-*.jar - not affected - Only used in tests. - - - - CVE-2017-15718 - - 6.6.1-7.6.0 - - - hadoop-auth-2.7.4.jar, hadoop-hdfs-2.7.4.jar (all Hadoop) - not affected - Does not impact Solr because Solr uses Hadoop as a client library. - - - - CVE-2017-14952 - - 6.0.0-7.5.0 - - - icu4j-56.1.jar, icu4j-59.1.jar - not affected - Issue applies only to the C++ release of ICU and not ICU4J, which is what Lucene uses. ICU4J is at v63.2 as of Lucene/Solr 7.6.0 - - - - CVE-2017-15095, CVE-2017-17485, CVE-2017-7525, CVE-2018-5968, CVE-2018-7489, CVE-2019-12086, CVE-2019-12384, CVE-2018-12814, CVE-2019-14379, CVE-2019-14439, CVE-2020-35490, CVE-2020-35491, CVE-2021-20190, CVE-2019-14540, CVE-2019-16335 - - 4.7.0-today - - - jackson-databind-*.jar - not affected - These CVEs, and most of the known jackson-databind CVEs since 2017, are all related to problematic 'gadgets' that could be exploited during deserialization of untrusted data. The Jackson developers described 4 conditions that must be met in order for a problematic gadget to be exploited. See https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062. Solr's use of jackson-databind does not meet 1 of the 4 conditions described which makes these CVEs unexploitable. The specific condition that Solr does not meet is the 3rd one: 'Enable polymorphic type handling' Solr does not include any polymorphic type handling, and Solr does not configure jackson-databind de/serialization to expect or include class names in serialized JSON. Two CVEs, 2019-14540 & 2019-16335, are related to HikariConfig and HikariDataSource classes, neither of which are used in Solr's code base. - - - - CVE-2019-10241, CVE-2019-10247 - - 7.7.0-8.2 - - - jetty-9.4.14 - not affected - Solr upgraded to Jetty 9.4.19 for the 8.2 release. Additionally, the path to exploit these vulnerabilities was fixed in 8.1 and 7.7.2. Earlier versions can manually patch their configurations as described in SOLR-13409. - - - - CVE-2020-27218 - - 7.3.0-8.8.0 - - - jetty-9.4.0 to 9.4.34 - not affected - Only exploitable through use of Jetty's GzipHandler, which is only implemented in Embedded Solr Server. - - - - CVE-2020-27223 - - 7.3.0-present - - - jetty-9.4.6 to 9.4.36 - not affected - Only exploitable if Solr's webapp directory is deployed as a symlink, which is not Solr's default. - - - - CVE-2021-33813 - - to present - - - jdom-*.jar - not affected - JDOM is only used in Solr Cell, which should not be used in production which makes the vulnerability unexploitable. It is a dependency of Apache Tika, which has analyzed the issue and determined the vulnerability is limited to two libraries not commonly used in search applications, see TIKA-3488 for details. Since Tika should be used outside of Solr, use a version of Tika which updates the affected libraries if concerned about exposure to this issue. - - - - CVE-2018-1000056 - - 4.6.0-7.6.0 - - - junit-4.10.jar - not affected - JUnit only used in tests; CVE only refers to a Jenkins plugin not used by Solr. - - - - CVE-2014-7940, CVE-2016-6293, CVE-2016-7415, CVE-2017-14952, CVE-2017-17484, CVE-2017-7867, CVE-2017-7868 - - 7.3.1 - - - lucene-analyzers-icu-7.3.1.jar - not affected - All of these issues apply to the C++ release of ICU and not ICU4J, which is what Lucene uses. - - - - CVE-2019-16869 - - 8.2-8.3 - - - netty-all-4.1.29.Final.jar - not affected - This is not included in Solr but is a dependency of ZooKeeper 3.5.5. The version was upgraded in ZooKeeper 3.5.6, included with Solr 8.3. The specific classes mentioned in the CVE are not used in Solr (nor in ZooKeeper as far as the Solr community can determine). - - - - CVE-2017-14868, CVE-2017-14949 - - 5.2.0-today - - - org.restlet-2.3.0.jar - not affected - Solr should not be exposed outside a firewall where bad actors can send HTTP requests. These two CVEs specifically involve classes (SimpleXMLProvider and XmlRepresentation, respectively) that Solr does not use in any code path. - - - - CVE-2015-5237 - - 6.5.0-today - - - protobuf-java-3.1.0.jar - not affected - Dependency for Hadoop and Calcite. ?? - - - - CVE-2018-1471 - - 5.4.0-7.7.2, 8.0-8.3 - - - simple-xml-2.7.1.jar - not affected - Dependency of Carrot2 and used during compilation, not at runtime (see SOLR-769. This .jar was replaced in Solr 8.3 and backported to 7.7.3 (see SOLR-13779). - - - - CVE-2018-8088 - - 4.x-today - - - slf4j-api-1.7.24.jar, jcl-over-slf4j-1.7.24.jar, jul-to-slf4j-1.7.24.jar - not affected - The reported CVE impacts org.slf4j.ext.EventData, which is not used in Solr. - - - - CVE-2018-1335 - - 7.3.1-7.5.0 - - - tika-core.1.17.jar - not affected - Solr does not run tika-server, so this is not a problem. - - - - CVE- - - 7.3.1-today - - - tika-core.*.jar - not affected - All Tika issues that could be Solr vulnerabilities would only be exploitable if untrusted files are indexed with SolrCell. This is not recommended in production systems, so Solr does not consider these valid CVEs for Solr. - - - - CVE- - - 6.6.2-today - - - velocity-tools-2.0.jar - not affected - Solr does not ship a Struts jar. This is a transitive POM listing and not included with Solr (see comment in SOLR-2849). - - - - CVE-2016-6809, CVE-2018-1335, CVE-2018-1338, CVE-2018-1339 - - 5.5.5, 6.2.0-today - - - vorbis-java-tika-0.8.jar - not affected - See https://github.com/Gagravarr/VorbisJava/issues/30; reported CVEs are not related to OggVorbis at all. - - - - CVE-2012-0881 - - ~2.9-today - - - xercesImpl-2.9.1.jar - not affected - Only used in Lucene Benchmarks and Solr tests. - - - - CVE-2023-51074, GHSA-pfh2-hfmq-phg5 - - all - - - json-path-2.8.0.jar - not affected - The only places we use json-path is for querying (via Calcite) and for transforming/indexing custom JSON. Since the advisory describes a problem that is limited to the current thread, and users that are allowed to query/transform/index are already trusted to cause load to some extent, this advisory does not appear to have impact on the way json-path is used in Solr. - - {% endblock content_inner %} From 3a02aca42058f349267ca02c0e21cdce62d33795 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jan=20H=C3=B8ydahl?= Date: Tue, 25 Jun 2024 13:12:25 +0200 Subject: [PATCH 07/17] Debug mode --- .github/workflows/pr-build-pelican.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/pr-build-pelican.yml b/.github/workflows/pr-build-pelican.yml index 7d5ced8f30..8240a43cba 100644 --- a/.github/workflows/pr-build-pelican.yml +++ b/.github/workflows/pr-build-pelican.yml @@ -16,3 +16,4 @@ jobs: gfm: 'false' version: '4.9.1' publish: 'false' + debug: 'true' From 7fafcd94273d0983c47cb01c950f241941a8ddba Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jan=20H=C3=B8ydahl?= Date: Wed, 26 Jun 2024 01:25:16 +0200 Subject: [PATCH 08/17] Turn off debug --- .github/workflows/pr-build-pelican.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pr-build-pelican.yml b/.github/workflows/pr-build-pelican.yml index 8240a43cba..080b8fba29 100644 --- a/.github/workflows/pr-build-pelican.yml +++ b/.github/workflows/pr-build-pelican.yml @@ -16,4 +16,4 @@ jobs: gfm: 'false' version: '4.9.1' publish: 'false' - debug: 'true' + debug: 'false' From e2cea22ba909dfcaaab97c8e5ff75f2cac07ea60 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jan=20H=C3=B8ydahl?= Date: Wed, 26 Jun 2024 12:50:05 +0200 Subject: [PATCH 09/17] Improve build script --- README.md | 6 ++--- build.sh | 80 +++++++++++++++++++++++++++++++++++++++++-------------- 2 files changed, 63 insertions(+), 23 deletions(-) diff --git a/README.md b/README.md index 6eb40193f8..1af5fc9771 100644 --- a/README.md +++ b/README.md @@ -15,9 +15,9 @@ If the staged site looks good, simply merge the changes to branch `production` a For larger edits it is recommended to build and preview the site locally. This lets you see the result of your changes instantly without committing anything. The bundled script uses a pelican docker image to build and serve the site locally. Please make sure you have docker installed. - # Usage: ./build.sh [-l] [] + # Usage: ./build.sh [-l] [-b] [] # -l Live build and reload source changes on localhost:8000 - # --help Show full help for options that Pelican accepts + # -b Re-build local docker image, re-installing packages from requirements.txt ./build.sh -l Now go to to view the beautiful Solr web page served from your laptop with live-preview of updates :) @@ -28,7 +28,7 @@ If you want to build the site without the docker image, you can install Python 3 On Windows, you can use the Windows Subsystem for Linux (WSL) to run the build script. Or you can run the docker command directly in a Terminal: - docker run --rm -w /work -p 8000:8000 -v $(pwd):/work qwe1/docker-pelican:4.8.0 pip3 install -r requirements.txt; pelican content -r -l -b 0.0.0.0 + docker run --rm -ti -w /work -p 8000:8000 -v $(pwd):/work qwe1/docker-pelican:4.8.0 sh -c "pip3 install -r requirements.txt; pelican content -r -l -b 0.0.0.0" ## Updating site during a Solr release diff --git a/build.sh b/build.sh index 0fa36a5325..984b5dd042 100755 --- a/build.sh +++ b/build.sh @@ -14,20 +14,43 @@ # See the License for the specific language governing permissions and # limitations under the License. +# Fail on error +set -e +#set -x + # Using https://hub.docker.com/r/qwe1/docker-pelican as pelican image, supports both AMD64 and ARM64 PELICAN_IMAGE="qwe1/docker-pelican:4.8.0" -DOCKER_CMD="docker run --rm -w /work -p 8000:8000 -v $(pwd):/work $PELICAN_IMAGE" +SOLR_PELICAN_IMAGE="solr-pelican-image" +DOCKER_CMD="docker run --rm -ti -w /work -p 8000:8000 -v $(pwd):/work $SOLR_PELICAN_IMAGE" unset SERVE PIP_CMD="pip3 install -r requirements.txt" PELICAN_CMD="pelican content -o output" +PELICAN_OPTS="" export SITEURL="https://solr.apache.org/" function usage { - echo "Usage: ./build.sh [-l] []" + echo "Usage: ./build.sh [-l] [-b] []" echo " -l Live build and reload source changes on localhost:8000" + echo " -b Re-build local docker image, re-installing packages from requirements.txt" echo " --help Show full help for options that Pelican accepts" } +function build_image { + echo "Building local Docker image for Pelican, called $SOLR_PELICAN_IMAGE." + # Make a new local image with the pip packages installed + docker rm -f solr-pelican >/dev/null 2>&1 || true + docker run --name solr-pelican -w /work -v $(pwd):/work $PELICAN_IMAGE sh -c "$PIP_CMD" + docker commit solr-pelican $SOLR_PELICAN_IMAGE + docker rm -f solr-pelican >/dev/null 2>&1 || true +} + +function ensure_image { + if ! docker inspect $SOLR_PELICAN_IMAGE >/dev/null 2>&1 + then + build_image + fi +} + if ! docker -v >/dev/null 2>&1 then echo "ERROR: This script requires docker." @@ -37,29 +60,46 @@ then exit 2 fi -if [[ ! -z $1 ]]; then - if [[ "$1" == "-l" ]]; then - SERVE=true - shift - else - usage - if [[ "$1" == "-h" ]]; then - exit 0 - elif [[ "$1" == "--help" ]]; then - echo - echo "Below is a list of other arguments you can use which will be passed to pelican." - echo - $DOCKER_CMD pelican -h +while getopts ":lbh-:" opt; do + case ${opt} in + l ) + SERVE=true + ;; + b ) + build_image + ;; + h ) + usage exit 0 - fi - fi -fi + ;; + - ) + case "${OPTARG}" in + help ) + echo + echo "Below is a list of other arguments you can use which will be passed to pelican." + echo + $DOCKER_CMD pelican -h + exit 0 + ;; + * ) + PELICAN_OPTS+="--${OPTARG} " + ;; + esac + ;; + \? ) + PELICAN_OPTS+="-${OPTARG} " + ;; + esac +done +shift $((OPTIND -1)) + +ensure_image if [[ $SERVE ]]; then echo "Building Solr site locally. Goto http://localhost:8000 to view." echo "Edits you do to the source tree will be compiled immediately!" - $DOCKER_CMD $PIP_CMD; $PELICAN_CMD --autoreload --listen -b 0.0.0.0 $@ + $DOCKER_CMD sh -c "$PELICAN_CMD --autoreload --listen -b 0.0.0.0 $PELICAN_OPTS $*" else echo "Building Solr site." echo "To build and serve live edits locally, run this script with -l argument. Use -h for help." - $DOCKER_CMD $PIP_CMD; $PELICAN_CMD $@ + $DOCKER_CMD sh -c "$PELICAN_CMD $PELICAN_OPTS $*" fi From 218fc25280e85f734bdbd17ff40f18f696c720cb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jan=20H=C3=B8ydahl?= Date: Wed, 26 Jun 2024 13:00:16 +0200 Subject: [PATCH 10/17] Print output about -b option --- build.sh | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/build.sh b/build.sh index 984b5dd042..e84945ff5b 100755 --- a/build.sh +++ b/build.sh @@ -97,9 +97,11 @@ ensure_image if [[ $SERVE ]]; then echo "Building Solr site locally. Goto http://localhost:8000 to view." echo "Edits you do to the source tree will be compiled immediately!" + echo "Changes to requirements.txt will require using -b option to rebuild the image." $DOCKER_CMD sh -c "$PELICAN_CMD --autoreload --listen -b 0.0.0.0 $PELICAN_OPTS $*" else - echo "Building Solr site." + echo "Building Solr site locally." echo "To build and serve live edits locally, run this script with -l argument. Use -h for help." + echo "Changes to requirements.txt will require using -b option to rebuild the image." $DOCKER_CMD sh -c "$PELICAN_CMD $PELICAN_OPTS $*" fi From 71d9b107135cb6aeca20b268c250f17f988e9e8a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jan=20H=C3=B8ydahl?= Date: Wed, 26 Jun 2024 13:11:48 +0200 Subject: [PATCH 11/17] Fixup manual-install.md --- manual-install.md | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/manual-install.md b/manual-install.md index 122afd6df9..d18d812e84 100644 --- a/manual-install.md +++ b/manual-install.md @@ -1,12 +1,13 @@ # Installing Pelican by hand -The site uses [Pelican][1] for static html generation. Pelican requires [Python 3.5+][4] and can be installed with pip. +The site uses [Pelican][1] for static html generation. Pelican requires [Python 3.5+][2] and can be installed with pip. -**The `build.sh` script mentioned in REAME is the easiest way of building the site**, and you can skip this part unless you want to understand the moving parts and install things by hand. +**The `build.sh` script mentioned in README is the easiest way of building the site using Docker**. +If for some reason you want to install Python and Pelican by hand, here are the steps: ## Install Python 3 -First, you need to install Python 3. You can download the latest version from the [Python website][4] or +First, you need to install Python 3. You can download the latest version from the [Python website][2] or use your package manager to install it. For example, on macOS: ```shell @@ -21,7 +22,7 @@ To install pelican and requirements, simply run the following command in the roo pip3 install -r requirements.txt ``` -If you run into conflicts with existing packages, a solution is to use a virtual Python environment. See the [Pelican installation page][2] for more details. These are quick commands, Linux flavor: +If you run into conflicts with existing packages, a solution is to use a virtual Python environment. See the [Pelican installation page][3] for more details. These are quick commands, Linux flavor: ```sh python3 -m venv env @@ -43,7 +44,6 @@ You can also tell Pelican to watch for your modifications, instead of manually r pelican --autoreload --listen ``` -Remember that on Mac/Linux you can use the `build.sh` script with `-l` option to do the same. - -[1]: https://blog.getpelican.com/ -[4]: https://www.python.org/downloads/ +[1]: https://getpelican.com +[2]: https://www.python.org/downloads/ +[3]: https://docs.getpelican.com/en/stable/install.html From 667a489f226b0b16828594282615fcb142ba8e94 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jan=20H=C3=B8ydahl?= Date: Wed, 26 Jun 2024 13:25:54 +0200 Subject: [PATCH 12/17] Use python:3-alpine as base image --- README.md | 2 +- build.sh | 15 +++++++-------- 2 files changed, 8 insertions(+), 9 deletions(-) diff --git a/README.md b/README.md index 1af5fc9771..87eb1aea05 100644 --- a/README.md +++ b/README.md @@ -28,7 +28,7 @@ If you want to build the site without the docker image, you can install Python 3 On Windows, you can use the Windows Subsystem for Linux (WSL) to run the build script. Or you can run the docker command directly in a Terminal: - docker run --rm -ti -w /work -p 8000:8000 -v $(pwd):/work qwe1/docker-pelican:4.8.0 sh -c "pip3 install -r requirements.txt; pelican content -r -l -b 0.0.0.0" + docker run --rm -ti -w /work -p 8000:8000 -v $(pwd):/work python:3-alpine sh -c "pip3 install -r requirements.txt; pelican content -r -l -b 0.0.0.0" ## Updating site during a Solr release diff --git a/build.sh b/build.sh index e84945ff5b..e69c79ff86 100755 --- a/build.sh +++ b/build.sh @@ -18,10 +18,9 @@ set -e #set -x -# Using https://hub.docker.com/r/qwe1/docker-pelican as pelican image, supports both AMD64 and ARM64 -PELICAN_IMAGE="qwe1/docker-pelican:4.8.0" -SOLR_PELICAN_IMAGE="solr-pelican-image" -DOCKER_CMD="docker run --rm -ti -w /work -p 8000:8000 -v $(pwd):/work $SOLR_PELICAN_IMAGE" +PYTHON_IMAGE="python:3-alpine" +SOLR_LOCAL_PELICAN_IMAGE="solr-pelican-image" +DOCKER_CMD="docker run --rm -ti -w /work -p 8000:8000 -v $(pwd):/work $SOLR_LOCAL_PELICAN_IMAGE" unset SERVE PIP_CMD="pip3 install -r requirements.txt" PELICAN_CMD="pelican content -o output" @@ -36,16 +35,16 @@ function usage { } function build_image { - echo "Building local Docker image for Pelican, called $SOLR_PELICAN_IMAGE." + echo "Building local Docker image for Pelican, called $SOLR_LOCAL_PELICAN_IMAGE." # Make a new local image with the pip packages installed docker rm -f solr-pelican >/dev/null 2>&1 || true - docker run --name solr-pelican -w /work -v $(pwd):/work $PELICAN_IMAGE sh -c "$PIP_CMD" - docker commit solr-pelican $SOLR_PELICAN_IMAGE + docker run --name solr-pelican -w /work -v $(pwd):/work $PYTHON_IMAGE sh -c "$PIP_CMD" + docker commit solr-pelican $SOLR_LOCAL_PELICAN_IMAGE docker rm -f solr-pelican >/dev/null 2>&1 || true } function ensure_image { - if ! docker inspect $SOLR_PELICAN_IMAGE >/dev/null 2>&1 + if ! docker inspect $SOLR_LOCAL_PELICAN_IMAGE >/dev/null 2>&1 then build_image fi From d6c52b69841c2adfbc16497320344062d6d7a010 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jan=20H=C3=B8ydahl?= Date: Wed, 26 Jun 2024 15:04:54 +0200 Subject: [PATCH 13/17] Auto rebuild when requirements.txt has changed --- README.md | 3 +-- build.sh | 36 ++++++++++++++++++++++++++++++++---- 2 files changed, 33 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index 87eb1aea05..72c0a03c49 100644 --- a/README.md +++ b/README.md @@ -15,9 +15,8 @@ If the staged site looks good, simply merge the changes to branch `production` a For larger edits it is recommended to build and preview the site locally. This lets you see the result of your changes instantly without committing anything. The bundled script uses a pelican docker image to build and serve the site locally. Please make sure you have docker installed. - # Usage: ./build.sh [-l] [-b] [] + # Usage: ./build.sh [-l] [] # -l Live build and reload source changes on localhost:8000 - # -b Re-build local docker image, re-installing packages from requirements.txt ./build.sh -l Now go to to view the beautiful Solr web page served from your laptop with live-preview of updates :) diff --git a/build.sh b/build.sh index e69c79ff86..54bc02d0df 100755 --- a/build.sh +++ b/build.sh @@ -28,9 +28,8 @@ PELICAN_OPTS="" export SITEURL="https://solr.apache.org/" function usage { - echo "Usage: ./build.sh [-l] [-b] []" + echo "Usage: ./build.sh [-l] []" echo " -l Live build and reload source changes on localhost:8000" - echo " -b Re-build local docker image, re-installing packages from requirements.txt" echo " --help Show full help for options that Pelican accepts" } @@ -50,6 +49,36 @@ function ensure_image { fi } +function check_requirements_update { + # Get the last modified time of requirements.txt + local req_mod_time + if [[ $(uname) == "Darwin" ]]; then + req_mod_time=$(stat -f "%m" requirements.txt) + else + req_mod_time=$(stat -c "%Y" requirements.txt) + fi + + # Get the build timestamp of the docker image + local image_build_time + image_build_time=$(docker inspect --format='{{.Created}}' $SOLR_LOCAL_PELICAN_IMAGE) + + # Parse the timestamp into seconds since epoch in UTC + if [[ $(uname) == "Darwin" ]]; then + # macOS date command workaround + image_build_time=$(echo "$image_build_time" | awk -F '.' '{print $1}') + image_build_time=$(date -ju -f "%Y-%m-%dT%H:%M:%S" "$image_build_time" "+%s") + else + # Linux date command + image_build_time=$(date -d "$(echo "$image_build_time" | cut -d'.' -f1 | sed 's/T/ /; s/Z//')" --utc "+%s") + fi + + # Compare the timestamps and build the image if requirements.txt is newer + if [[ $req_mod_time -gt $image_build_time ]]; then + echo "requirements.txt has been updated since the last build, rebuilding image!" + build_image + fi +} + if ! docker -v >/dev/null 2>&1 then echo "ERROR: This script requires docker." @@ -93,14 +122,13 @@ done shift $((OPTIND -1)) ensure_image +check_requirements_update if [[ $SERVE ]]; then echo "Building Solr site locally. Goto http://localhost:8000 to view." echo "Edits you do to the source tree will be compiled immediately!" - echo "Changes to requirements.txt will require using -b option to rebuild the image." $DOCKER_CMD sh -c "$PELICAN_CMD --autoreload --listen -b 0.0.0.0 $PELICAN_OPTS $*" else echo "Building Solr site locally." echo "To build and serve live edits locally, run this script with -l argument. Use -h for help." - echo "Changes to requirements.txt will require using -b option to rebuild the image." $DOCKER_CMD sh -c "$PELICAN_CMD $PELICAN_OPTS $*" fi From 4561009d5637198dc6cb7179ffeb019a0dd4a53d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jan=20H=C3=B8ydahl?= Date: Wed, 26 Jun 2024 15:10:21 +0200 Subject: [PATCH 14/17] Help line --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 72c0a03c49..859f183a09 100644 --- a/README.md +++ b/README.md @@ -17,6 +17,7 @@ The bundled script uses a pelican docker image to build and serve the site local # Usage: ./build.sh [-l] [] # -l Live build and reload source changes on localhost:8000 + # --help Show full help for options that Pelican accepts ./build.sh -l Now go to to view the beautiful Solr web page served from your laptop with live-preview of updates :) From 1337500784ae11b32aeaf2d44181a1534b4b7a67 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jan=20H=C3=B8ydahl?= Date: Wed, 26 Jun 2024 21:46:05 +0200 Subject: [PATCH 15/17] Show usage for --help too --- build.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/build.sh b/build.sh index 54bc02d0df..861179f1fe 100755 --- a/build.sh +++ b/build.sh @@ -28,7 +28,7 @@ PELICAN_OPTS="" export SITEURL="https://solr.apache.org/" function usage { - echo "Usage: ./build.sh [-l] []" + echo "Usage: ./build.sh [-l] [-h] []" echo " -l Live build and reload source changes on localhost:8000" echo " --help Show full help for options that Pelican accepts" } @@ -103,6 +103,7 @@ while getopts ":lbh-:" opt; do - ) case "${OPTARG}" in help ) + usage echo echo "Below is a list of other arguments you can use which will be passed to pelican." echo From e809111872d6a8757206bf31963b9b864e9ec9eb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jan=20H=C3=B8ydahl?= Date: Thu, 27 Jun 2024 00:02:03 +0200 Subject: [PATCH 16/17] Fix issues email and update readme --- .asf.yaml | 2 +- README.md | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.asf.yaml b/.asf.yaml index 53d0759607..4908b5e232 100644 --- a/.asf.yaml +++ b/.asf.yaml @@ -17,6 +17,6 @@ github: notifications: jobs: builds@solr.apache.org - issues: issues@@solr.apache.org + issues: issues@solr.apache.org pullrequests: issues@solr.apache.org jira_options: link label worklog diff --git a/README.md b/README.md index 859f183a09..669210fffe 100644 --- a/README.md +++ b/README.md @@ -13,9 +13,9 @@ If the staged site looks good, simply merge the changes to branch `production` a > **IMPORTANT**: Please never commit directly to `production` branch. All commits should go to `main, and then merge `main` to `production`. Note that it **is** possible to make a Pull Request for the merge from `main-->production`. If you do so, please merge using a merge commit rather than a squash merge. For larger edits it is recommended to build and preview the site locally. This lets you see the result of your changes instantly without committing anything. -The bundled script uses a pelican docker image to build and serve the site locally. Please make sure you have docker installed. +The bundled script uses a docker image to build and serve the site locally. Please make sure you have docker installed. - # Usage: ./build.sh [-l] [] + # Usage: ./build.sh [-l] [-h] [] # -l Live build and reload source changes on localhost:8000 # --help Show full help for options that Pelican accepts ./build.sh -l From 07f735c7f6a627ee7d976b666492550519a24d34 Mon Sep 17 00:00:00 2001 From: lizbiella <114702254+lizbiella@users.noreply.github.com> Date: Mon, 8 Jul 2024 16:52:21 +0200 Subject: [PATCH 17/17] Create 2024-07-01-birds-of-a-feather.md (#110) Added the blogpost about Birds of a Feather --- .../pages/blogposts/2024-07-01-birds-of-a-feather.md | 11 +++++++++++ 1 file changed, 11 insertions(+) create mode 100644 content/pages/blogposts/2024-07-01-birds-of-a-feather.md diff --git a/content/pages/blogposts/2024-07-01-birds-of-a-feather.md b/content/pages/blogposts/2024-07-01-birds-of-a-feather.md new file mode 100644 index 0000000000..2360dcb1c7 --- /dev/null +++ b/content/pages/blogposts/2024-07-01-birds-of-a-feather.md @@ -0,0 +1,11 @@ +Title: Community Over Code EU 2024 Apache Lucene/Solr Birds Of A Feather +category: solr/blogposts +summary: This blog post is a summary of the Apache Lucene/Solr Birds of a Feather from Community Over Code EU 2024 in Bratislava, Slovakia. Written by Alessandro Benedetti, Director at Sease and Apache Solr Committer and PMC member. +slug: community-over-code-eu-2024-birds-of-a-feather +URL: blogposts/community-over-code-eu-2024-birds-of-a-feather.html +save_as: blogposts/community-over-code-eu-2024-birds-of-a-feather.html + +# Community Over Code EU 2024 Apache Lucene/Solr Birds Of A Feather +Dive into the insights and key takeaways from the Apache Lucene/Solr Birds of a Feather (BoF) session at Community Over Code EU 2024, held in the vibrant city of Bratislava, Slovakia. This session was specially organized to gather feedback from the community, fostering a collaborative environment where developers, users, and enthusiasts could share their experiences and insights. + +Read about the brainstorming that took place during the event to shape the future of these Apache projects - the complete post can be read here: [Community Over Code EU 2024 Apache Lucene/Solr Birds Of A Feather](https://sease.io/2024/06/community-over-code-eu-2024.html)