incubator-ooo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rob Weir <>
Subject Re: [EXT][DISCUSS] Including Groovy as a scripting language
Date Tue, 27 Sep 2011 23:07:06 GMT
On Tue, Sep 27, 2011 at 6:30 PM, Pedro F. Giffuni <> wrote:
> --- On Tue, 9/27/11, Rob Weir <> wrote:
> ...
>> > Another point that Rob brought would be if we need a
>> SGA
>> > to add the Groovy (or other) extension.
>> >
>> > I would think an SGA is a rather extreme thing to
>> require
>> > for extensions: we wouldn't require that if we want
>> to
>> > include stuff like ucpp, bsh, or icu ... or dmake ;).
>> >
>> Again, this is a binary versus source code question.
> Not really, that was clarified already. The issue now is
> how to bring code into the the SVN tree.

Bringing it into SVN is easy.  Making it into a release is another
question.  To do that requires going through the IP Clearance process.

>> I thought the discussion was about bringing the groovy
>> extension source code over, yes?
> Yes.
>> That would require taking it through the IP
>> Clearance process.
>> An SGA is the normal way to do this.
> The PMC can require signing an SGA, I don't discuss that.

As a Podling, the Incubation PMC needs to sign off on IP Clearance and
releases as well.

> There are other ways of doing it though: people that
> have signed ICLAs can bring in code under an appropriate
> license and register it in the NOTICE file, and that's
> about to happen as we replace copyleft components with
> less restricted software.

The iCLA is of zero value if you are checking in someone else's code.
The iCLA is about code that you write.

For third party code, you don't personally know the provenance of the
code.  And if it was not developed on the Apache servers, in our SVN,
in our public, archived mailings lists, etc., then neither do we.
This isn't to say the code is not good.  It just means that we do not
have the record of its development.  That is why we need the SGA.

I'm going through this right now, in another Apache project, the ODF
Toolkit.  Even though the code was written almost entirely by IBM and
Oracle, and the committers all have iCLAs and CCLAs, and the code has
been Apache 2.0 licensed from the start, IBM and Oracle are still
submitting SGA's for this code.

I'm willing to debate it for long-established, well-known,
high-profile OSS projects that are being used everywhere, e..g, ICU.
This is partially about risk management.  That is why we should take
this case by case.  But I don't think the Groovy extension falls into
that category.

> You can't really expect opensource coders to go signing
> SGAs for all the projects that want to use their code.

The IP cleanliness of the code is very important for Apache projects.
That is why we take steps that other projects may not require,
including requiring an iCLA for committers, a CCLA for corporate
contributors, and an SGA for existing open source projects that are
contributed to Apache.

I don't expect that all outside open source developers will agree to
this paperwork.  But I do hope that this project will take these
requirements seriously.  We should not think of an SGA as being
extreme or unreasonable.  We should think of it as an opportunity to
assure that the IP of the project is reassured.


> cheers,
> Pedro.

View raw message