www-legal-discuss mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Lawrence Rosen" <lro...@rosenlaw.com>
Subject RE: IP Clearance
Date Thu, 28 Jul 2011 18:30:10 GMT
> What is being described here is quite a different matter.  We have a
> codebase that (from what I have been told) includes some code that was
> originally developed here at the ASF, and intentionally made
> available[1] under an incompatible license by an individual who also
> asked to resign from the ASF.  Now we are asking somebody else to add
> an Apache License header with the intent of taking code of unknown
> provenance back in to the fold and distributing it to others.

Now that's a different story! Where did we learn that? This makes the code highly suspect!
We only accept code of *known provenance* under *compatible licenses*. We don't just change
license headers to make code appear safe!

/Larry




> -----Original Message-----
> From: sa3ruby@gmail.com [mailto:sa3ruby@gmail.com] On Behalf Of Sam
> Ruby
> Sent: Thursday, July 28, 2011 11:22 AM
> To: legal-discuss@apache.org
> Subject: Re: IP Clearance
> 
> On Thu, Jul 28, 2011 at 1:49 PM, Mark Struberg <struberg@yahoo.de>
> wrote:
> > I hope I'm finding the right words. I'll try ;)
> >
> > Imo all the iCLA discussion is overrated ^^
> >
> > The iCLA is a 'safety net' for the ASF. All the 'you can take that
> code and do what you like' is already granted if a person releases a
> piece of code under the Apache License!
> > What the iCLA does is additionally telling us 'yes I'm really aware
> that I must have written that code myself'.
> >
> > So it doesn't really change much if someone doesn't have an iCLA on
> file _as_long_ as noone else comes and claims that this certain code is
> NOT written by the committer but from another person and it's _not_
> free source. Or if someone claims the same for a patent.
> >
> > At least that's my take on it.
> >
> > Can anyone confirm/clarify this view?
> 
> We have taken a lot of care in our processes -- from requiring ICLAs
> for all committers, setting up PMCs which are responsible for
> oversight, as well as infrastructure support that sends out commit
> messages to the relevant mailing lists whenever a commit is made.
> 
> None of this exists by default for code developed elsewhere.
> 
> Understandably many of our projects are going to depend on code
> developed elsewhere.  If we are duped along with others, we will take
> action to correct such matters.
> 
> What is being described here is quite a different matter.  We have a
> codebase that (from what I have been told) includes some code that was
> originally developed here at the ASF, and intentionally made
> available[1] under an incompatible license by an individual who also
> asked to resign from the ASF.  Now we are asking somebody else to add
> an Apache License header with the intent of taking code of unknown
> provenance back in to the fold and distributing it to others.
> 
> Any PMC that takes an attitude of "Caveat emptor" is not providing
> proper oversight.
> 
> > txs and LieGrue,
> > strub
> 
> - Sam Ruby
> 
> [1] https://github.com/sonatype/sonatype-aether
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
> For additional commands, e-mail: legal-discuss-help@apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
For additional commands, e-mail: legal-discuss-help@apache.org


Mime
View raw message