cloudstack-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From David Nalley <>
Subject Re: ICLA for contributors
Date Mon, 13 Jun 2016 18:33:18 GMT
CCLAs are completely optional - and no one (AFAIK) checks the employer
of new committers as a general rule. (Plus, employers change)

ICLAs are required for committers - and they explicitly say among
other things that you won't commit things for which the ASF wouldn't
have the right to redistribute.

Code contributions from non-committers are generally accepted under
provision 5 of the Apache Software License V2. So strictly speaking an
ICLA isn't required. However, we generally would want to have an ICLA
for any major contribution. (Think something on the magnitude of a
distinct new feature; or something requiring IP Clearance, etc) This
is essentially the person communicating to us that their contribution
is being freely given and they are authorized to provide it to us.


On Fri, Jun 10, 2016 at 10:56 AM, John Burwell
<> wrote:
> Ron,
> As part of committer on-boarding, the PMC requires each committer candidate have an ASF
ICLA in place and verifies the CCLA of their employer.
> Thanks,
> -John
> 53 Chandos Place, Covent Garden, London VA WC2N 4HSUK
> @shapeblue
> On Jun 10, 2016, at 10:47 AM, Ron Wheeler <> wrote:
>> That is correct from my reading of the Apache page as well.
>> I think that your definition of committer and contributor is identical to Apache's.
>> Ron
>> On 09/06/2016 3:57 PM, John Burwell wrote:
>>> All,
>>> I believe Pierre-Luc’s explanation is correct, and that we may have slightly
different definitions of contributor and committer.  Generally, we define a contributor, we
are referring to anyone (committer, PMC member, any person in the world) who contributes code,
documentation, etc to the project.  We define a committer as a contributor who demonstrated
a strong and sustained commitment to the project.  In recognition of this commitment, committers
are granted the right to commit changes to the project’s public repositories.  Execution
of an ICLA and CCLA are required in order for someone to become an Apache CloudStack committer.
>>> IANAL, but my understanding is that any individual can contribute to an Apache
project without signing an ICLA/CCLA because a committer with one in place will perform commit
to the repository.  The act of the individual giving code to the project and a committer reviewing
and committing it to the repository qualifies as rights assignment under by the ASL.  Since
execution of an ICLA/CCLA is a prerequisite for all Apache CloudStack committers and Apache
secures our repositories to only allow committers read/write access, rights assignment under
the ASL for our repositories is properly enforced/managed.
>>> Thanks,
>>> -John
>>> 53 Chandos Place, Covent Garden, London VA WC2N 4HSUK
>>> @shapeblue
>>> On Jun 9, 2016, at 1:46 PM, Pierre-Luc Dion <> wrote:
>>>> Hi Ron,
>>>> As far as I know, ICLA and CCLA is required for commiters, but not required
>>>> for non-commiters contributors. I don't know about all details, someone
>>>> else in the ML might have more details about this. For sure, you can be a
>>>> contributor without submitting code as a anyone in this ML is consider as
>>>> contributor.
>>>> Cheers,
>>>> On Thu, Jun 9, 2016 at 11:46 AM, Ron Wheeler <
>>>>> wrote:
>>>>> As part of a discussion during last weeks meeting in Mpntreal, the
>>>>> question was raised about the requirement to have an Individual Contributor
>>>>> License Agreement (ICLA) for each contributor.
>>>>> describes the requirements as follows:
>>>>> "The ASF desires that all contributors of ideas, code, or documentation
>>>>> any Apache projects complete, sign, and submit (via fax or email) an
>>>>> Individual Contributor License Agreement (ICLA). The purpose of this
>>>>> agreement is to clearly define the terms under which intellectual property
>>>>> has been contributed to the ASF and thereby allow us to defend the project
>>>>> should there be a legal dispute regarding the software at some future
>>>>> A signed ICLA is required to be on file before an individual is given
>>>>> commit rights to an ASF project.
>>>>> For a corporation that has assigned employees to work on an Apache
>>>>> project, a Corporate CLA (CCLA) is available for contributing intellectual
>>>>> property via the corporation, that may have been assigned as part of
>>>>> employment agreement. Note that a Corporate CLA does not remove the need
>>>>> for every developer to sign their own ICLA as an individual, to cover
>>>>> of their contributions which are not owned by the corporation signing
>>>>> CCLA."
>>>>> There is a split between desirable and mandatory.
>>>>> I am not sure that the argument that submitting a PR is a clear sign
>>>>> intent to give up all rights, has ever been tested in a court but it
>>>>> much easier to have an signed ICLA for each contributor.
>>>>> A CCLA for each company that is either paying people to work on the
>>>>> project or has a clause in their employment contract giving the company
>>>>> rights to all IP created during their employment is required. This removes
>>>>> any ambiguity about the individual's right to make a PR.
>>>>> It is a little bit of housekeeping to keep track of the list of
>>>>> contributors with ICLA's. A wiki page listing the contributors is a simple
>>>>> solution.
>>>>> is what we did at OFBiz.
>>>>> The ICLA and CCLA is good for all Apache projects.
>>>>> Ron
>>>>> --
>>>>> Ron Wheeler
>>>>> President
>>>>> Artifact Software Inc
>>>>> email:
>>>>> skype: ronaldmwheeler
>>>>> phone: 866-970-2435, ext 102
>> --
>> Ron Wheeler
>> President
>> Artifact Software Inc
>> email:
>> skype: ronaldmwheeler
>> phone: 866-970-2435, ext 102

View raw message