cloudstack-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Chip Childers <chip.child...@sungard.com>
Subject Re: [ACS41] Concerns about where development has happened
Date Thu, 10 Jan 2013 14:47:37 GMT
On Wed, Jan 9, 2013 at 9:24 PM, David Nalley <david@gnsa.us> wrote:
> So I figured I'd add some additional thoughts. There are process
> problems, and if you want to understand why we consider this so
> important, take a look at this post[1] by Brett Porter from a few
> months back. IMO getting the process right is vital to our success as
> a project, but it isn't the only problem.
>
> There's also an IP issue here. If you are developing in the ASF repo,
> we are relatively assured that you are complying with the CLA that you
> signed when you were invited as a committer. When massive amounts of
> code come flying in as a single commit, and especially when we are
> aware that the code has been released by another entity who likely
> claims copyright, all manner of warning lights come on. Was this
> copy-pasted into the Apache repos from elsewhere? Is it really yours
> to contribute? Has some grant been attached?
>
> A couple of examples to hopefully explain this better:
>
> The current vote going on for tests is a great example. From an IP
> perspective, that code was written for hire by a contractor (Clogeny)
> for Citrix, and Citrix owned the copyright. So currently the copyright
> for that section of code is owned by Citrix and there needs to occur
> clarification around license, whether it's being licensed or donated
> to, etc.
>
> In another example - CLOUDSTACK-306 (and I know Sheng has survived
> LKML, so he won't feel I am picking on him by using his code as an
> example). This code was developed elsewhere (presumably as a work for
> hire), and indeed published elsewhere first in another product, by a
> third party, who has rights to the IP. While the corporate entity in
> this particular case is friendly to the project, from a legal
> perspective the provenance of the code is known to us, and the
> licensing situation is very muddled.
>
> Apache projects have a reputation for good IP practices, and we, as a
> project need to make sure we are living up to those expectations, and
> that provenance and license is clear.
>
> If you have questions in this regard, please don't hesitate to ask.
>
> --David
>
> [1] http://markmail.org/message/ok4zwqtsroopqqsa
>

David - Thanks for providing the context on "why".  I was pretty
wrapped up in the issue, and didn't fairly remind people of the reason
to be concerned.

-chip

Mime
View raw message