Return-Path: X-Original-To: apmail-incubator-callback-dev-archive@minotaur.apache.org Delivered-To: apmail-incubator-callback-dev-archive@minotaur.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id BA9079691 for ; Fri, 17 Feb 2012 12:40:36 +0000 (UTC) Received: (qmail 20404 invoked by uid 500); 17 Feb 2012 12:40:36 -0000 Delivered-To: apmail-incubator-callback-dev-archive@incubator.apache.org Received: (qmail 20333 invoked by uid 500); 17 Feb 2012 12:40:36 -0000 Mailing-List: contact callback-dev-help@incubator.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: callback-dev@incubator.apache.org Delivered-To: mailing list callback-dev@incubator.apache.org Received: (qmail 20325 invoked by uid 99); 17 Feb 2012 12:40:36 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 17 Feb 2012 12:40:36 +0000 X-ASF-Spam-Status: No, hits=-0.7 required=5.0 tests=RCVD_IN_DNSWL_LOW,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: domain of rgardler@opendirective.com designates 74.125.82.175 as permitted sender) Received: from [74.125.82.175] (HELO mail-we0-f175.google.com) (74.125.82.175) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 17 Feb 2012 12:40:31 +0000 Received: by werc1 with SMTP id c1so1935085wer.6 for ; Fri, 17 Feb 2012 04:40:10 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=opendirective.com; s=opendirective; h=mime-version:x-originating-ip:in-reply-to:references:from:date :message-id:subject:to:content-type:content-transfer-encoding; bh=Vyw0vVW7YDHadLmBVk96ZEhJd1YNNnB5wBU74ruLMWA=; b=Qp73lDE7VZOHRaYOVZGGHgXnmv2JcbqSOUEcbhYvz3Er2/a02nINDEJ2VIu8mhHDVk nxQTyil1F5BJEyKrVdnDGIk/ungLRDaVAu1fLNX5n8cOLDP6n+RUIEU8XuO/R6UbZ+EV baWcjxd4oCF3nJMSngHV4KbSp7EJCp+i9Uesc= Received: by 10.180.86.105 with SMTP id o9mr3457275wiz.4.1329482410282; Fri, 17 Feb 2012 04:40:10 -0800 (PST) MIME-Version: 1.0 Received: by 10.180.14.202 with HTTP; Fri, 17 Feb 2012 04:39:30 -0800 (PST) X-Originating-IP: [86.152.204.8] In-Reply-To: References: From: Ross Gardler Date: Fri, 17 Feb 2012 12:39:30 +0000 Message-ID: Subject: Re: Contributions policy for those with no ICLA To: callback-dev@incubator.apache.org Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable X-Gm-Message-State: ALoCoQlx2T9t6QWd+frv9s9twRbaA1g4mCxqn7TfDp1gbY0yD3AtVDi+0Bd76L7SsCxsULAOPpXM On 16 February 2012 18:57, Brian LeRoux wrote: > There is no nefarious plan to patch bomb Apache Cordova and any > indication that might be the case is plain wrong.=A0I think this might > be a slight cultural disconnect. Apache is new to us and we them. > Traditionally, in our long 3 year heritage =3DP, we've been *very* good > with ensuring CLAs signed. (At least, since the IBMers came involved.) > > Where we and Apache differ is in commit access. In the past, if you > had a decent contribution and a CLA then we made that person a full > committer. (No vote.) > > This is likely the root src of the concern identified by Ross. No, this is not the root concern. I was at an event (Jquery UK) last week at which Cordova was featured quite heavily. I heard some rather confusing and worrying stories. At the same time I was asked to check the CCLA situation for SalesForce.com. These two items were *not* connected, but in my rush to address both situations I mixed the two into a single summary mail and caused confusion. My apologies. Back to the "worrying stories". These were coming from people who are *not* committers and they sounded like "chinese whispers" to me. Rather than suggest these stories are true I just wanted to flag the importance of due diligence in the contribution process here at the ASF. Note, the three people involved in the discussion were *very* upbeat about the move of Cordova to the ASF, this conversation is not anything to worry about from a public perception point of view. > Its a practice we borrowed from the Rubinious project and one Apache > would benefit from. I, and most (all?) others in the ASF, are a great believers in the low barriers policy you describe. The vote is additional, to your previous policy. It's interesting that in over ten years though I've never seen a vote fail (I'm sure it has happened, but not on any I've observed). Note a vote PMC membership exists for legal reasons, but a vote for committership (I believe) exists for social reasons. It might be possible to explore ways of simplifying that in this project, although I've never seen a problem with it since it is just a mechanism to ensure that people *can* object if a situation were to arise where objection is necessary. However, I think that is separate from my concern about IP due diligence. I'm happy to discuss alternatives to committer votes in a separate thread if you want to explore it (honestly I have no idea if an alternative is possible, but I'd be glad to help you explore options in the ASF). To be clear about my concern over IP due diligence is that no committer should be contributing code that is not either a) authored by themselves or b) contributed through a defined and public contribution process (e.g. git pull request, patch in issue tracker or whatever you want to adopt). As I said in my original post, if this is *not* happening then the project is on very solid ground. If it *is* happening then we need to examine why it is happening and, if possible, remove whatever barriers exist for the acceptable options of a) and b)., Ross